Re: Access to Porn sites?

[David Eilken <david.eilken () DOMAIL MARICOPA EDU>]

Dave,

Palo Alto has since acquired Unit 42, Cisco has Talos, etc. There are a
number of good cyber threat intelligence services and ISACs that can
provide you with the intel or have it block in their hardware or cloud. I
have had good results with Emerging Threats' intelligence. Here is a list
of others:  http://thecyberthreat.com/cyber-threat-intelligence-feeds/

It's easier to avoid difficult discussions of blocking any particular type
of content this way. If a reputable cyber threat intelligence service or an
ISAC says something is malicious that should be enough reason to reduce the
risk to the organization and avoid it.

Dave E.
MCCCD

On Thu, Aug 15, 2019 at 12:54 PM David Opitz <dopitz () loyola edu> wrote:

> Hi,
>
>
>
> Like others, we don’t block web access to anything unless it is known to
> be malicious, due to Academic Freedom.
>
>
>
> There are other options available to you other than blocking things, such
> as auditing and policies.  If one employee saw that another employee was
> watching porn at his/her desk, I would hope that would be reported to HR as
> a probable violation of the employee conduct policy.  That has the
> advantage of passing off the decision to HR of “what is porn and what is
> not”.  Auditing would let you trace back to who is responsible if someone
> were downloading something illegal – and if it not illegal or malicious,
> should you be blocking it?
>
>
>
> How do you determine what is “bad” content that needs to be blocked?
> Other categories that Palo Alto has include: abused-drugs,
> alcohol-and-tobacco, extremism, hacking, malware, nudity, phishing,
> weapons, and more.  Which do you block?  It was a while ago, but I’ve
> tested the Palo Alto filters just to see how they worked, and to me they
> seemed very broad, and blocked websites that simply provide information
> about those topics.  Blocking access to the “gambling” category blocked
> access to some of the best poker strategy websites out there.  I found a
> good network security webpage that was classified by Palo Alto as “hacking”
> (or possibly “malware”).  I think blocking “weapons” including blocking the
> NRA website.  Regardless of anyone’s political thoughts on any of these
> topics (please, don’t let this become a political discussion), some of
> these are topics that I want students and employees to be knowledgeable
> about so they can make good decisions.
>
>
>
> Peace,
>
> Dave Opitz
>
> Loyola University Maryland
>
>
>
>
>
> *From:* The EDUCAUSE Security Community Group Listserv <
> SECURITY () LISTSERV EDUCAUSE EDU> *On Behalf Of *David Eilken
> *Sent:* Thursday, August 15, 2019 1:36 PM
> *To:* SECURITY () LISTSERV EDUCAUSE EDU
> *Subject:* Re: [SECURITY] Access to Porn sites?
>
>
>
> Thanks all for responses on this. Regarding the larger topic of Academic
> Freedom, which doesn't make the Internet open and fully accessible.  We all
> (users of technology) have to block things - lots of things. As technology
> professionals, we all know this. It is simply not practical or ethical to
> have a fully open computing environment.  Boundaries are a necessity;
> besides your ISP would shut you down at some point.
>
>
>
> I like Randy at VA Tech's thoughts that were focused on the technical
> controls. Regardless of the content, there are things that are known bad.
> We all should be blocking bad things. However we determine what is bad
> (different vendors have different kinds/ quality of intelligence), there
> will always be false-positives. We still have to draw lines in the sand and
> those lines will never be perfect.
>
>
>
> Sometimes faculty and other non-technical people may get this confused. We
> all already block/ filter bad things, some porn/gambling sites will cross
> that line and should be filtered. If you can't draw your lines as clear as
> some, with the intelligence sources as Randy noted, it comes down to your
> level of risk tolerance. The risks with porn surfing specifically change
> daily but generally, we know it to be bad. I personally believe you should
> block it and provide exceptions where needed. That is a prudent and
> practical approach, as the risks are real and significant, and the actual
> permitted use cases for access to it are few.
>
>
>
> Dave E
>
>
>
>
>
> On Thu, Aug 15, 2019 at 8:57 AM Valdis Klētnieks <valdis.kletnieks () vt edu>
> wrote:
>
> On Thu, 15 Aug 2019 07:13:39 -0700, Babak Oskouian said:
>
> > Another concern is 18 U.S. Code  2258A.  As you know 18 U.S. Code  2258A
> > explicitly requires all Internet providers to report any and all digital
> > viewing, downloading and possession of child pornography to the National
> > Center for Missing and Exploited Children. Very stiff penalties ($150,000
> > first incidence, and $300,000 second incidence) are imposed on any
> provider
> > for failure to report.  Do you think (or has your legal counsel
> explicitly
> > assured you) that your institute is exempt form this law?
>
> This is well into very tricky legal territory indeed, because it's a field
> where writing the laws to avoid unintended consequences is very difficult.
> 18 USC 2258A only requires reporting child pornography that you're aware
> of.
> If you don't know about it, you don't have to report it.  This means that
> the ISP
> is better off not searching user datastreams for it, especially in
> combination
> with...
>
> Meanwhile, at the state level, possession of child pornography is usually a
> 'strict liability' offense, meaning there's no mens rea (state of mind)
> component to it. This means that if a user accidentally downloads some CP
> because it was labeled "Pirated Copy Of This Year's Top Movie.mp4", they
> have
> an *extremely high* DIS-incentive to report it, because they now have child
> pornography on their computer.  And since consideration of intent is
> prohibited, that means that the fact you had no intent doesn't matter - you
> downloaded it, you have it (or had it) on your computer and that alone is
> sufficient to make you guilty of possession yourself.
>
> Who is going to report accidentally discovered child pornography when you
> have to take it on faith that the police and district attorney are going
> to believe
> that it's accidental? (See other post regarding porn sites that don't do
> their
> due diligence regarding 18 USC 2257 record keeping....)
>
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Cdopitz%40LOYOLA.EDU%7C59164ebbd6fd48b09ec308d721a70dd3%7C30ae0a8f3cdf44fdaf34278bf639b85d%7C0%7C0%7C637014873693748726&sdata=Ci76l8sf3XJbASsuHJN4L%2FALBVe8vzplSSXP5vNmabI%3D&reserved=0>
>
>
>
>
> --
>
> [image: Maricopa Community College District Office logo]
>
> *DAVID EILKEN* MA MBA CISSP-ISSMP CISM CRISC C|CISO
>
> *MARICOPA COMMUNITY COLLEGES*
>
> Information Security Officer | ITS
>
> 2411 West 14th Street, Tempe, AZ 85281
>
> david.eilken () domail maricopa edu
>
> https://www.maricopa.edu/
> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.maricopa.edu%2F&data=02%7C01%7Cdopitz%40LOYOLA.EDU%7C59164ebbd6fd48b09ec308d721a70dd3%7C30ae0a8f3cdf44fdaf34278bf639b85d%7C0%7C0%7C637014873693748726&sdata=7%2F9SLG8M5M210JSZuxeMwKVqi3Z1iPP2OeJrs%2B6e1Ps%3D&reserved=0>
>
> O: 480-784-0637
>
> LinkedIn
> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flinkedin.com%2Fschool%2Fmaricopa-community-colleges&data=02%7C01%7Cdopitz%40LOYOLA.EDU%7C59164ebbd6fd48b09ec308d721a70dd3%7C30ae0a8f3cdf44fdaf34278bf639b85d%7C0%7C0%7C637014873693758721&sdata=3GU1Cq2sGPUbQCpt9iTquduLfG0tiX%2F%2F7FFHqeYG1tg%3D&reserved=0>
> | Twitter
> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Fmcccd&data=02%7C01%7Cdopitz%40LOYOLA.EDU%7C59164ebbd6fd48b09ec308d721a70dd3%7C30ae0a8f3cdf44fdaf34278bf639b85d%7C0%7C0%7C637014873693758721&sdata=Sc3kbdrg0vpXBlHKMNfSFC5FjGVbgeiIzpqZ8LxG6wY%3D&reserved=0>
> | Facebook
> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2Fmaricopa.edu&data=02%7C01%7Cdopitz%40LOYOLA.EDU%7C59164ebbd6fd48b09ec308d721a70dd3%7C30ae0a8f3cdf44fdaf34278bf639b85d%7C0%7C0%7C637014873693768716&sdata=UByCdFXTMOGdsxIyuLNHjsrWgXRExNXW7Q1YaN0WYZg%3D&reserved=0>
>
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community
> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Cdopitz%40LOYOLA.EDU%7C59164ebbd6fd48b09ec308d721a70dd3%7C30ae0a8f3cdf44fdaf34278bf639b85d%7C0%7C0%7C637014873693768716&sdata=KB6XK7OwSXBs52q61eRsM%2BWtV2h0Zl1HrT1wv%2FleZ8I%3D&reserved=0>


-- 
[image: Maricopa Community College District Office logo]
DAVID EILKEN MA MBA CISSP-ISSMP CISM CRISC C|CISO
MARICOPA COMMUNITY COLLEGES
Information Security Officer | ITS
2411 West 14th Street, Tempe, AZ 85281
david.eilken () domail maricopa edu
https://www.maricopa.edu/
O: 480-784-0637
LinkedIn  <https://linkedin.com/school/maricopa-community-colleges>|
Twitter  <https://twitter.com/mcccd>| Facebook
<https://www.facebook.com/maricopa.edu>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community