CIPA done (was: OLPC Project suggestions.)

Albert Cahalan acahalan at
Wed May 7 02:35:07 EDT 2008

> Child-safe web filtering on XO
>   Regardless of its merits, CIPA requires it for XO deployments
>   in US schools:

Here are the requirements:

The easy way out is child ownership. The requirements only
apply to computers which are owned by schools and libraries.
Probably not every potential buyer is aware of this.

The other thing to note is that there is no required level of
performance, configurability, reliability, or anything else.
People keep assuming that perfection is necessary; it is not.

Not that schools should own the computers though; OLPC should
continue to push for child ownership. (of course the schools
may wish to filter upstream, and they will certainly wish to get
parental permission before distributing hardware)

Anyway, this isn't much of a project. Meeting the requirements
for school-owned and library-owned hardware is very simple.
My /etc/cipa.conf file and "technology protection measure" follow.
The suggested name is "/usr/bin/technology protection measure".
I do not believe that this implementation of the requirements
will have any measurable memory or CPU consumption, which is a
key consideration for the XO.

iptables -A INPUT -i eth0 -p tcp -j CIPA
iptables -N CIPA
while read i ; do iptables -A CIPA -s $i -j DROP ; done < /etc/cipa.conf

More information about the Devel mailing list