How to censor (was Re: [COLUG] Google Engaged In Censorship in the U.S.)

[Aaron Howard]

On Fri, 2006-10-13 at 12:47 -0700, Scott Webster Wood wrote:
> 
[snipped everything]

Okay, since this thread has not died a polite little death, I'll try to
steer it on topic...

I have a teenage son and a nine year old daughter and I wish to censor
what they have access to on the Internet.  I've used Squid+SquidGuard
before, but something tells me Google's methods are a little more
sophisticated.  How do they do it?  Can anybody help me accomplish the
following:

1. Block undesirable Internet traffic (hard block lists of sites and/or
regex matching on certain phrases), including HTTP, FTP, AIM, and in-
game chats (like chatting in RuneScape, for instance)
2. Proxy SMTP for logging what e-mails are being sent and proxy POP3
access to external mailboxes for proper spam/anti-virus handling. 
3. Allow my wife and myself to bypass the censors
4. Log all traffic, filtered or not
5. Generate meaningful reports on the logs
6. Not let on to the kids that censoring is happening

Generally, at most office locations I've setup such things, we've used
user authentication mechanisms, explicit port blocking to stop chatting
(AIM, IRC, etc.) and streaming (RTSP, MMS, etc.), squid+squidguard to
block pr0n and such, and sarge for viewing/reporting on the logs.

But, how do I get around the filters, identify whether a certain web
page was viewed by my son or my wife...all in a manner that will keep
him in the dark that I am even filtering/logging stuff?

Furthermore, typically squid+squidguard redirects you to a "you've been
blocked" page and I obviously can't have that.  How can I have it return
things like DNS errors, timeouts, 404s, etc. randomly so it will just
look like network issues?

I would just search google for info on how to censor properly but I'm
afraid my results might not be entirely *accurate*, if you catch my
meaning.

Thanks,
-Aaron