TL;DR: it looks like there are routers on the market that use gpt APIs to classify new, never seen before websites and add them to the blocklist in real time

This allows everyone to run something like the “great firewall of China” - and imagine what a government could do

Full story:

At work the boss got persuaded to pay some thousands for a fortinet firewall to cripple the customers free wifi (the extremely stupid idea is to sell them an unblock code, but I live in a country where with 10 euro per month people can get 100gb of 5G connection, who’s going to pay?)

I tried that network and I was really shocked how crippled it was. Boss decided to block anything related to gaming, for example. You visit a small game developer page and it initially works but after a few minutes, you get a “blocked” page (but customers can’t see that because nowadays everything uses HTTPS and they don’t have the self signed CA on their system - they just see HTTPS certificate error). I tried multiple times but always the same result, after a few minutes is blocked.

Everything that corporate thinks it’s not appropriate, it’s blocked!

I felt more frustrated using this network than the time that I lived in China! (Left a few years before COVID, don’t know the internet situation now)

When I came back home I took a shower and I thought to it under the hot water. At home I’m using gpt4o in karakeep to classify my bookmarks… and a router can also do the same.

  • jubilationtcornpone@sh.itjust.works
    6·
    6 hours ago

    Boss decided to block anything related to gaming, for example. You visit a small game developer page and it initially works but after a few minutes, you get a “blocked” page (but customers can’t see that because nowadays everything uses HTTPS and they don’t have the self signed CA on their system - they just see HTTPS certificate error). I tried multiple times but always the same result, after a few minutes is blocked.

    That’s not “AI”. That’s just a “man in the middle (mitm)” attack. AKA, https proxy. Fortinet firewalls have been capable of that for many years. It’s not uncommon for businesses (e.g. banking and finance) to proxy all internal web traffic in order to make sure personally identifiable information isn’t being shared with shady websites.

    Proxying traffic on the guest WiFi is pretty sketchy though.

    • Moonrise2473@feddit.itOP
      2·
      1 hour ago

      I was used to normal fortinet filter (they block porn and warez in the work net which is acceptable) but this new one seems extreme, borderline unusable. You have one chance in the router lifetime to browse an obscure lifetime and then next time it’s already in blacklist. I think they pay some kind of subscription for ai autoclassification because there’s no way with human support it can be updated this fast