TL;DR: it looks like there are routers on the market that use gpt APIs to classify new, never seen before websites and add them to the blocklist in real time
This allows everyone to run something like the “great firewall of China” - and imagine what a government could do
Full story:
At work the boss got persuaded to pay some thousands for a fortinet firewall to cripple the customers free wifi (the extremely stupid idea is to sell them an unblock code, but I live in a country where with 10 euro per month people can get 100gb of 5G connection, who’s going to pay?)
I tried that network and I was really shocked how crippled it was. Boss decided to block anything related to gaming, for example. You visit a small game developer page and it initially works but after a few minutes, you get a “blocked” page (but customers can’t see that because nowadays everything uses HTTPS and they don’t have the self signed CA on their system - they just see HTTPS certificate error). I tried multiple times but always the same result, after a few minutes is blocked.
Everything that corporate thinks it’s not appropriate, it’s blocked!
I felt more frustrated using this network than the time that I lived in China! (Left a few years before COVID, don’t know the internet situation now)
When I came back home I took a shower and I thought to it under the hot water. At home I’m using gpt4o in karakeep to classify my bookmarks… and a router can also do the same.
for example, i browse to a completely new website that nobody ever visited. Nobody uses linux, so i go to gnome.org and first it loads because ther router/firewall never knew that URL before. Then in a few seconds gets blocked pending “ai classification”, then it gets permanently blocked because that asshole of my boss decided to block every website that offers software downloads
or, for example, i take a linux distro that literally nobody uses, when i use pacman it firstly load packages because i’m the first one to access the download server, then in the middle of downloads the firewall learns what those server does, and blocks them during download (invalid SSL due to MITM that replaces content with the “access blocked” message)
and because the blocklist is infinite, even listening to offline music gives errors when using music APIs
i wonder what’s the point of offering “free wifi” like this. It’s cheaper and gives a better customer experience to just remove the access points and say “no, we don’t have wifi” rather than “we have wifi but you need to login with facebook and you can only use it for whatsapp and to browse our website”. I heard the boss was pissed that the upstairs neighbors were “stealing” the wifi, as he saw traffic during night time