Digital Insurgency

Where Surveillance, Encryption & Privacy Collide

My son has a serious YouTube/gaming addiction. If he is in front of a computer for more than 5 minutes, he will start surfing gaming videos or playing games; homework, or whatever he is supposed to be doing, be damned.

It’s to the point that we’ve decided to make him go cold turkey.

I went into the hosts file on the Mac and created new entries to block his favorite gaming hangs (roblox.com, minecraft.net, and steampowered.com) from opening. I also added youtube.com.

I go to verify my handiwork. Roblox? BLOCKED!, Minecraft? BLOCKED! Steam? BLOCKED! YouTube? POPS RIGHT F**KING OPEN!!!

WTF?, says I? Did I mistype it?

I check my hosts file. Sure enough, YouTube.com is right there. I try again, and IT POPS RIGHT UP!

So I open Safari. YouTube? BLOCKED!

I find a plugin called StayFOCUSd, that is a Chrome extension and says it will block sites via Chrome. BUT IT WON’T F**KING BLOCK YOUTUBE. YouTube still opens right up, even when added to the block list.

So I go through OpenDNS and block YouTube at the OpenDNS settings, figuring for sure that will deal with it. If the computer can’t be trusted to do the job, I’ll block it at the network level.

I refresh the DNS, type in YouTube.com. IT POPS RIGHT UP!

It turns out that if you are using Google Chrome, you CANNOT block Google properties. Rather than using the DNS your computer specifies, Chrome routes around your DNS for Google properties. Rather than checking the local hosts file first, it checks its own properties first, and ignores the hosts. Parental controls are overridden by Google, and Chrome will take you directly to their sites regardless of how you try to block them.

So I decide I will uninstall Chrome and force him to use Safari. BUT!!!, says I, he knows how to install Chrome, so he would just go put it back. So I add Google.com to the hosts file figuring he can use Bing for search if he needs to.

EXCEPT, Google has inserted itself into NEARLY EVERY GODDAMN SCHOOL DISTRICT with Google Classroom, and you cannot block google.com if you want your kid to be able to access their f**king homework!!!

So Google champions net neutrality, and chides those evil ISPs they say will prioritize their own traffic. But Google literally WILL NOT LET YOU BLOCK THEIR SITES IF YOU ARE USING THEIR BROWSER (which roughly 45% of the people in the US are doing). If you are smart enough to force another browser, and block access to install Chrome via google.com, they WILL NOT LET YOU access the property most schools are using for managing classes.

4 Comments

  • Richy B

    Have you seen https://support.google.com/youtube/answer/6214622?hl=en which, if the list of dns entries can’t be blocked, at least it should restrict access a bit.

    Chrome does have its own DNS cache layer which may have been recording the youtube entries: try a reboot (you can also flush it using a chrome:// url, but I can’t remember which one atm)

    September 29, 2017 at 4:08 am Reply
  • No Thanks

    I’ve added “127.0.0.1 http://www.youtube.com” to my hosts file on my Mac and it blocked it fine, in Chrome 60. Did you perhaps put “youtube.com”, instead of “www.youtube.com”?

    StayFOCUSd appears to fail to block any site I give it, Google or not.

    OpenDNS I don’t use myself, but Chrome will have a short-term DNS cache to save on lookups, so perhaps it was cached in that, try a restart. Regardless, one certainly can block YouTube in Chrome.

    September 29, 2017 at 1:55 pm Reply
  • No Thanks

    I didn’t put the “http://” in my comment, that was auto-added by the commenter. You only put the domain name in the hosts file, of course.

    September 29, 2017 at 1:56 pm Reply
  • Anon

    “I fixed this problem by: Turn OFF “Protect you and your device from dangerous sites” in Chrome’s Advanced Preferences.

    Chrome’s built in “protection” includes checking a domain against their own DNS directly and bypassing certain types of host entries it deems “suspicious” or entries for sites that exist that are being overridden, which means most custom host entries are ignored. Especially *.dev and *.local entries used for development.

    Turning this off has resolved the issue 100% of the time for me. This was driving me mad for months when doing local development and i couldn’t find the answer listed anywhere, everyone just kept saying it couldn’t be happening. Turns out it was a simple toggle in advanced settings. Hope this helps you as well, cheers.”

    -Source: https://superuser.com/questions/648133/why-is-chrome-ignoring-etc-hosts-on-os-x

    November 8, 2018 at 2:05 pm Reply
  • Leave a Reply