|
|
|
|
|
|
by zaarn
2623 days ago
|
|
|
It's entirely within the intentions of browser vendors to make blocking of content without consent of a user hard or even impossible. If the school cannot be bothered to block content properly (ie, only via DNS block) then that is their own fault. The tools exist to block on an IP level. For all computers the school owns, they SHOULD definitely do HTTPS MitM. |
|
|
SNI filtering is a reasonable middle ground - it has its flaws but nowhere near invasive as full MITM filtering yet achieves most of the filtering objectives of the organisation. Ie it is “good enough”. Sadly ESNI may be the end of usefulness of this approach.