Given that Geneva hosts the United Nations, just a short walk from the university campus, I think this is very worrisome.
Picture taken this morning at Biotech campus.
Have you checked with the university IT? May be a simple case of a generic blacklist.
Edit: There’s even a link to have the page reevaluated. Have you tried that?
Would definitely send this story to 20 Minuten. Might make the headlines tomorrow
To be fair maybe there is just a list of “allowed” websites instead of it actively blocking it. Idk tho
Blocking things is actually a hard problem. Different approaches:
Whitelist: block everything expect trustworthy stuff. Obviously, this is very annoying tonmaintain and you will block too much. Can’t know all the good things toballow them, you’ll miss some.
Blacklist: block only what is known to be bad. Same as above, so many bad things out there, hard to know it all. You’ll miss bad stuff of course and let it through. But at least there’s a big community out there providing lists of known dangerous things (abuse.ch for example) but since there are many lists it’s hard to merge them together and figuer out which knes are legitimate.
“Dynamic” blocking: based on content, simply inspect the site and either black- or whitelist it based on content. Maybe you don’t want the word “porn” but now 20mins is blocked due to a single comment somewhere. Or wikipedia. But you only intended to block pornhub, oh well. Of course this can be done in a smarter AI/statistics/whatever way, but it will knly reduce the problem and not mitigate it.
Simply let IT know, it’s their problem to fix and manually override the blocking, if deemed appropriate by whoever is in charge. Just a thing that happens at some point in big managed networks.
This is a fortigate firewall that blocks your access. (Logo on the left, the red bars)
Fortigate has a url based category system, which means that fortinet (the company) has a list of domains that are categorized by a team or even sometimes externals.
Looking at the category, the domain matches just fine. By default fortigate does not do url filtering. If you enable it on a policy, you can use the default profile (Set of categories that are blocked), you are absolutely free in configuring the categories inside profiles, and in addition you can white or blacklist single urls or small groups, for anything else (more than 5 or so) it’s wise to create a a category with your custom urls.
The default contains (usually) firearms, gambling, porn, Malware etc.
The category shown above is definitely not in the default profile.
You can look all of this up by googling “fortigate url filtering” and looking through the latest versions documentations.
I’m not saying this was done on purpose, maybe someone didn’t know what this category meant (language barrier), or they just did what they were told, but if the uni didn’t do it themselves, the external IT Partner certainly knows about the categories, it’s daily business.
Edit: unlikely (since the list would be incredibly huge for a university), but it may be that there is a category with allowed pages defined by the uni, and everything else is just blocked. Not really the best approach, especially not for a university. Or maybe your IT department is just reeeeally overstaffed so that they can add new requests to the list 24/7.
6 comments
Given that Geneva hosts the United Nations, just a short walk from the university campus, I think this is very worrisome.
Picture taken this morning at Biotech campus.
Have you checked with the university IT? May be a simple case of a generic blacklist.
Edit: There’s even a link to have the page reevaluated. Have you tried that?
Would definitely send this story to 20 Minuten. Might make the headlines tomorrow
To be fair maybe there is just a list of “allowed” websites instead of it actively blocking it. Idk tho
Blocking things is actually a hard problem. Different approaches:
Whitelist: block everything expect trustworthy stuff. Obviously, this is very annoying tonmaintain and you will block too much. Can’t know all the good things toballow them, you’ll miss some.
Blacklist: block only what is known to be bad. Same as above, so many bad things out there, hard to know it all. You’ll miss bad stuff of course and let it through. But at least there’s a big community out there providing lists of known dangerous things (abuse.ch for example) but since there are many lists it’s hard to merge them together and figuer out which knes are legitimate.
“Dynamic” blocking: based on content, simply inspect the site and either black- or whitelist it based on content. Maybe you don’t want the word “porn” but now 20mins is blocked due to a single comment somewhere. Or wikipedia. But you only intended to block pornhub, oh well. Of course this can be done in a smarter AI/statistics/whatever way, but it will knly reduce the problem and not mitigate it.
Simply let IT know, it’s their problem to fix and manually override the blocking, if deemed appropriate by whoever is in charge. Just a thing that happens at some point in big managed networks.
This is a fortigate firewall that blocks your access. (Logo on the left, the red bars)
Fortigate has a url based category system, which means that fortinet (the company) has a list of domains that are categorized by a team or even sometimes externals.
Looking at the category, the domain matches just fine. By default fortigate does not do url filtering. If you enable it on a policy, you can use the default profile (Set of categories that are blocked), you are absolutely free in configuring the categories inside profiles, and in addition you can white or blacklist single urls or small groups, for anything else (more than 5 or so) it’s wise to create a a category with your custom urls.
The default contains (usually) firearms, gambling, porn, Malware etc.
The category shown above is definitely not in the default profile.
You can look all of this up by googling “fortigate url filtering” and looking through the latest versions documentations.
I’m not saying this was done on purpose, maybe someone didn’t know what this category meant (language barrier), or they just did what they were told, but if the uni didn’t do it themselves, the external IT Partner certainly knows about the categories, it’s daily business.
Edit: unlikely (since the list would be incredibly huge for a university), but it may be that there is a category with allowed pages defined by the uni, and everything else is just blocked. Not really the best approach, especially not for a university. Or maybe your IT department is just reeeeally overstaffed so that they can add new requests to the list 24/7.