Gears & Gadgets

Can Disney’s Circle really deliver a porn-free Internet?

Can the Mouse keep your house safe from the sketchy parts of the Internet?
Enlarge / Can the Mouse keep your house safe from the sketchy parts of the Internet?

Filtering out the bits of human knowledge you don’t like and leaving all the bits you do is a deceptively difficult task; it’s one of the classic “I may not know art, but I know what I (don’t) like” problems. If you have a family with small children and absolutely any adult member of that family is not a complete libertine, though, it’s a problem you’ll need to address. The Disney-backed Circle filtering platform aims to help, via either a standalone IoT gadget ($ 35) or a service embedded in higher-end Netgear routers and mesh kits, such as Orbi RBK50 ($ 300) or Nighthawk R7000P ($ 160).

Twenty years ago, the problem was trying to keep an up-to-date database of everything on the Internet and whether it was naughty or not. In 2019, we’ve got the Big Data chops for that, but a larger problem has cropped up—end-to-end encryption. The HTTPS standard treats everything in between the website itself and the device you’re viewing it on as potentially hostile. It keeps those potential hostiles from seeing or altering what you’re doing. So while your router (or any other device in the middle) might be able to tell—or at least effectively guess—what website you’re visiting, it has no idea what you’re actually doing there.

That means filtering based on the actual content you’re looking at isn’t possible, and family filtering is a semi-blind guessing game. Many companies and devices claim to do it, but Circle is the first one I’ve seen that does it even tolerably well.

The Circle application

The biggest bone I have to pick with Circle is that it must be managed from an Android or iOS app, whether you’re using Circle embedded in a Netgear router or via the standalone IoT device. If you prefer a Web interface—or want to control Circle using a full-sized computer, display, and keyboard at all—you’re out of luck.

That said, Circle is reasonably solid, as mobile apps go. In addition to a default filtering level, Circle offers filter sets on a person-by-person basis. This allows you to offer separate profiles for each family member and ensure that each person’s experience is consistent across all their devices.

The majority of the negative Circle Home app reviews on the Google Play Store complain that it’s hard to identify devices by BSSID (the Wi-Fi equivalent of a MAC address). This complaint is understandable but not entirely fair—trying to identify dozens of devices this way is absolutely a pain in the butt, but many devices don’t show anything but their BSSID. If your device broadcasts a NetBIOS name, Circle will show it to you; if your device doesn’t, there just isn’t anything else to identify it with.

Once you’ve found and identified all your devices and added them to personal profiles, Circle offers filtering control as deep or as broad as you’d like. The app also offers age-based presets ranging from “pre-K” to “adult” as well as the ability to filter (or allow) popular sites and services such as Reddit, HBO, Netflix, etc. directly. You can also enable category-based filtering on topics ranging from “Mature,” to “Explicit Content,” to “Science & Technology.” (Yes, you can specifically choose to block your children’s access to science. But please don’t.) Circle also offers, should you scroll down far enough, the ability to enter specific URLs for either blacklisting or whitelisting.

In addition to filtering the Internet, Circle allows you to schedule access to it. Much like the filtering, the access schedules are per-profile; you can set regular times for Internet disconnection (bedtime) as well as daily time limits, with configurable “weekend” and “weekday” periods so the kids can have more playtime on weekends and less on school nights. You can also check out each family member’s usage patterns and history, both site by site and by the same broad categories available in the filtering section.

Effectiveness (or not) of Circle filtering

As we already mentioned, family Internet filtering isn’t a completely reasonable proposition. Filtering can do a good job keeping your middle-schooler from stumbling into things he or she is neither ready for nor trying to find, but it absolutely won’t prevent a determined adolescent or adult from circumventing it.

When testing Circle to see how difficult its filters were to escape, the first and most annoying discovery I made was that even “Kid”-level filtering did not automatically put Google and Bing searches in safe mode. While Circle does offer that functionality, I had to manually hunt it down at the very bottom of the enormous laundry list of sites, services, and categories in the filter section to enable it. Forcing safe search mode is the single most important part of family filtering, and it should be on by default—if you forget to do so, a relatively innocent Google Image Search can turn into a very explicit eyeful in a hurry.

After eight years of billboard advertising on heavily trafficked routes in major cities, you'd think Circle would have noticed DuckDuckGo existed. Apparently not.
Enlarge / After eight years of billboard advertising on heavily trafficked routes in major cities, you’d think Circle would have noticed DuckDuckGo existed. Apparently not.

The biggest weakness I found in Circle’s filtering was its apparent ignorance of DuckDuckGo. With no “force safe search mode” offered for DuckDuckGo, Circle leaves filtered people a single image search away from instant and very hardcore pornographic images. DuckDuckGo isn’t a secret; it’s been advertising itself on billboards in major US cities for the last eight years straight. Its absence from Circle’s otherwise comprehensive controls—despite offering its own “forced-safe” functionality—is perplexing.

This is every bit as bad as you think it is—and no, the mosaic filter is not a DuckDuckGo feature.
Enlarge / This is every bit as bad as you think it is—and no, the mosaic filter is not a DuckDuckGo feature.
Jim Salter

Since there’s no entry for DuckDuckGo in Circle’s search engine controls, a horrified parent might try to disable the “Search Engines” category entirely. That will block DuckDuckGo—but it kills off Google, Bing, and Yahoo, too, resulting in something most people wouldn’t recognize as “the Internet” at all. The right (and undocumented) way to deal with this is to scroll all the way down to custom filters, block duckduckgo.com and www.duckduckgo.com, but enable safe.duckduckgo.com.

With all these caveats, you’d think I hated Circle filtering. I don’t. I’ve spent a serious amount of time directly testing family filters, and I think Circle’s filtering is best of breed. It works by injecting TCP RST into streams from any sites or services it thinks you shouldn’t be browsing, so you can’t trick it just by changing or avoiding DNS servers.

I also found Circle’s “Explicit Content” filter surprisingly difficult to fool. I tried following links from Twitter and other sources to oddball pornographic sites nobody’s ever heard of, and a couple of times the first click went through—but the images on the site didn’t load, and an attempt to refresh the page resulted in an immediate RST injected into the stream. This leads me to believe that there’s probably a neural network monitoring new traffic and automatically adding new sites to category lists on the fly as users browse to them. This was impressive, and it’s a definite leg up on any of the competing platforms I’ve tested.

The one big problem Circle has no way of getting around is its inability to detect where a user goes once inside any given site. If you allow sites that contain both innocent and explicit content (e.g. Reddit, Flickr, Imgur), you allow the entire site—both the “clean” and “dirty” parts. As a result, all of the default filter levels above “Pre-K” allow pretty easy access to hardcore pornography for anyone relatively familiar with the Internet. “Pre-K” itself seems safe as houses, but it’s only a small set of whitelisted sites and services—not what most people would consider “Internet access” at all.

Circle worked well as an embedded service

There are two ways to get Circle filtering: you can purchase a Circle standalone device, or you can get it embedded in a Netgear product such as the Orbi RBK50. I tested Circle both as a standalone IoT device and as an Orbi feature. Embedded in Orbi, I had no complaints about Circle; it resulted in little or no observable performance degradation. The free tier of Circle service included with Netgear products includes filtering—both per-individual and per-device—but doesn’t include the time limits, scheduled bedtimes, or “pausing” (disabling) Internet access for only a single device or user. If you want those features, you’ll need a Premium subscription, at either $ 5/mo or $ 50/yr. You do get Premium features for life included in the standalone device, but the standalone device itself is double-plus ungood—more on that in the next section.

Enabling Circle filtering in my Orbi RBK50 did not result in any perceptible performance change—the difference barely shows up even on a chart.
Enlarge / Enabling Circle filtering in my Orbi RBK50 did not result in any perceptible performance change—the difference barely shows up even on a chart.

The performance impact of enabling Circle filtering in my test Orbi RBK50 was negligible. While I only tested Orbi RBK50, I would not expect to find performance issues in the other Orbi kits and Nighthawk routers that support Circle, either. Even the oldest and least expensive of those—the R6400v2—has a dual-core 1 GHz ARM A9 CPU, which compares favorably to RBK50’s quad-core 700 MHz A7.

Circle did not work well as a standalone device

No matter how you place the standalone device, it feels like you did it wrong. Four of the almost-cube’s six faces are blank; the remaining two are adjacent and labeled in such a way that one is upside-down when the other is right-side up. There is no recess for the Ethernet or power jacks on one of those two faces, so you can’t place them on the bottom. This leaves you with having cables sprout from the top, with the side label clearly upside down—or tipping it on one side, with its few visual styling cues making it appear very clearly that it has been “tipped over.”

The power and ethernet jacks feel like they're on the "bottom" due to that label—but you can't put it down that way. Awkward.
Enlarge / The power and ethernet jacks feel like they’re on the “bottom” due to that label—but you can’t put it down that way. Awkward.
Jim Salter

The manual insists that you absolutely must not plug an Ethernet cable into the device during setup—which isn’t exactly true, but you cannot get through the setup process without successfully joining the Circle device to a 2.4GHz Wi-Fi network. This leaves you forever wondering whether it’s actually using any wired network connection at all. (It does, but you can only find that out by diagnosing its performance both with and without the cable plugged in.) Oh, and it’s got a Li-On battery in it, for some reason, much like the equally bizarre BullGuard Dojo “cyber security” IoT device. So if you are dead set on having your family’s Internet filter sitting out in the middle of the living room with nothing at all plugged into it, you can do that, for a little while.

The device doesn’t actually sit between your router and the Internet or between your devices and your router. It connects to the router the same way as the rest of your devices do and just hijacks all of their Internet-bound traffic via ARP spoofing. Effectively, the Circle device disguises itself as not just a router, but very specifically your router, advertising the same MAC address(es) as your router’s LAN and/or wLAN interfaces as belonging to it. Presto, all (or at least most) of your Internet-bound traffic has to go through the Circle first! This might sound convenient if you don’t know much about networking, but it presents several real problems.

While most consumer gear will blindly accept this ARP-spoofing behavior, many business-grade “smart” switches and some routers will correctly recognize this as an attack and immediately block the Circle from the network. Even when it works properly, ARP spoofing to gain access to outbound traffic means that everything has to pass through your local network several times along the way. This makes for an enormous impact on speed and latency due not only to the processing power of the device itself, but also—and unavoidably—due to the multiple trips across the LAN.

On a gigabit connection that tests out to 941Mbps bare, the best-case scenario with Circle hardware—Ethernet coupling to the router and all filtering disabled—still slowed things down to 266Mbps. But a typical experience will be much worse than that. With Circle hardware coupled to the router over the same Wi-Fi channel my test laptop used—exactly the scenario a typical user who followed the setup instructions would end up with—throughput plummeted to only 12Mbps.

Adding a standalone Circle device to your network slows things down dramatically, even for devices you aren't applying filtering to. Most people would end up in that bottom 12Mbps bar, which is what you get when your device and the Circle are both connected to your router on the same Wi-Fi channel.
Enlarge / Adding a standalone Circle device to your network slows things down dramatically, even for devices you aren’t applying filtering to. Most people would end up in that bottom 12Mbps bar, which is what you get when your device and the Circle are both connected to your router on the same Wi-Fi channel.
Jim Salter

We tested the first-generation Circle, but a newer version is available now. The newer device boasts better hardware, which may or may not solve some of the issues we encountered with the 1st-gen device, but it costs $ 100 more and does not include Premium features.

Circle’s competition in the filtering space

There are a lot of ways to get your Internet filtered, and I’ve tested most of them. Prior to Circle, Netgear embedded OpenDNS filtering functionality in its Nighthawk router series. That filter was, as the name suggests, DNS-based only. It was extremely easy to bypass and not very effective. In my experience, it also tended to screw up traffic to a degree that made its use impossible in a business setting. Eero also offers family filtering for its Wi-Fi mesh kits, branded (along with security filtering) as Eero Plus, at $ 10/mo. Eero Plus has more bypass problems than Circle’s filters, unfortunately, and I wasn’t particularly impressed with its security filtering either.

For most people, it will probably make more sense to look into filtering at the individual-device level than the whole-device level. Although filtering at the end-user device leaves some possibility for the end users themselves to escape the filter by shutting it down or uninstalling it, it does allow for direct content filtering since it can filter after HTTPS decryption occurs. Recommending any such product as a one-size-fits-all solution is difficult; Net Nanny ($ 90/yr, for up to 20 devices) probably comes the closest, since it offers protection for Windows, Mac, Android, and iOS all in one plan.

My own family uses Google Family Link—it’s free and works reasonably well, but it won’t help with anything but Android devices. (Google Family Link has other frustrating limitations, such as only working with up to six total accounts, including parents—large families need not apply.)

The good, the bad, and the ugly

The good

  • Circle’s actual filtering service is the best I’ve seen in any consumer-facing product.
  • There was no noticeable performance impact as tested embedded in a Netgear Orbi RBK50.
  • Fine-grained individual controls let you adjust the filtering impact differently for individuals and devices.

The bad

  • The standalone Circle hardware is one of the worst (least?) thought-out designs I’ve ever seen.
  • Reliance on ARP spoofing means tanking Internet performance—even on “unfiltered” devices—if you connect a standalone Circle device to your network.

The ugly

  • You shouldn’t have to buy a Netgear router to get Circle filtering without tanking your Internet performance—but until its designers take hardware and network design seriously, you do.

Editor’s note: This story has been updated to reflect the fact we’ve reviewed the first generation Circle device. 

Let’s block ads! (Why?)

Tech – Ars Technica

Leave a Reply

Your email address will not be published. Required fields are marked *