We had some people who would burn too much time on social media, so, they got added to a special rule on the `pf` firewall surrounding the office which blurred all images from selected sites, like facebook. I blurred instead of something more obvious like blocking or inverting the images since it was designed to counter casual use and was more amusing. Anybody who couldn't evade my trivial firewall block shouldn't have been working there.
I remember watching logs and I would progressively ratchet up the blur level if it wasn't effective enough.
I terminated the experiment when an employee casually told me he had an appointment at the eye doctor because it was getting hard to see his computer screen, it would never get any better than this.
My manager at my last job actually did this to one of his good friends many years ago after I showed this article to him - whenever the friend was using my manager's WiFi any images would be upside down, or blurred etc etc. He took great delight in telling me that the friend had even reinstalled his OS to try and solve it.
A couple of years later, said friend actually joined the company. I used to take great delight in dropping occasional obscure hints and comments, but he never did figure it out.
This is some real nostalgia. I spent all April Fools' Day probably every year in college trying to figure out how to make this work on my DD-WRT'd wireless router until finally getting it.
I once worked as a lowly front line help desk tech I and snuck around getting the MAC addresses of all my coworkers so I could specifically target them with this without affecting the broader office.
Someone logged it as a ticket and people got progressively more tense as it got escalated from desktop toward infosec. I finally came clean before it got too out of hand. The head network admin shook my hand, it was a good day.
The transparent proxy wouldn't care whether images are being dynamically loaded or not; it'll flip any image it sees (as long as it's a GIF or JPEG, in this example).
But HTTPS breaks it completely; that's kind of the point (can't MITM a TLS connection on a computer you don't control without certificate errors popping up).
The proxy seems to be matching on filenames, not content-sniffing arbitrary bytestreams for anything which might be a compressed image, so on more dynamic sites (especially SPAs), that would seem to be skipping most of the content.
I did this for fun a while back in our office.
We had some people who would burn too much time on social media, so, they got added to a special rule on the `pf` firewall surrounding the office which blurred all images from selected sites, like facebook. I blurred instead of something more obvious like blocking or inverting the images since it was designed to counter casual use and was more amusing. Anybody who couldn't evade my trivial firewall block shouldn't have been working there.
I remember watching logs and I would progressively ratchet up the blur level if it wasn't effective enough.
I terminated the experiment when an employee casually told me he had an appointment at the eye doctor because it was getting hard to see his computer screen, it would never get any better than this.