I wouldn't feel comfortable making an "official" statement on VMware's behalf about exactly what would or would not break the rules, but I'll comment on this particular item (my opinion only, of course).

The appliance may not, "...surreptitiously intercept

or expropriate any system, data or personal

information."

and

The appliance may not be, "...infringing,

threatening, invasive of another’s privacy..."

IMHO the appliance idea as described above by de8o does not violate these rules. It blocks some content, but it does not intercept personal information or invade privacy. If it sent a list of URLs you tried to visit to the appliance author's email address, that would be a different question. But if it just sits there and blocks certain websites, that doesn't seem like a problem to me.

Bear in mind also that you have to configure your network to use this appliance in the first place -- it's not the kind of thing that someone can set up and surreptitiously capture traffic, because you have to replace whatever existing network infrastructure is currently providing web access.

Just my opinion.

You should be able to add/remove protocol/URL filters on the fly, ideally using a HTML interface, or if you're so inclined, after the VM is offered, allow people to add their own black/whitelists after recieving the VM, but if you were to intercept and filter in this manner, your entry would probably be denied.

Just a thought...

but if you were to intercept and filter in this manner, your entry would probably be denied.

Why? The rules state that the appliance cannot be "invasive of another’s privacy" or "surreptitiously intercept or expropriate any system, data or personal information". By allowing the user to filter URL's on the fly, you are not intercepting and filtering surrpertitiously - you are doing it explicitely. The user is making the decision to block that URL.

I'm just guessing here, but I think the purpose of those statements in the rules is to prevent people from adding virus/spyware-type programs into the appliciances which would grab the user's personal info without their knowledge and use or post it somewhere without the user's knowledge. By creating a filtering proxy server appliance, and allowing the user to specify what should or shouldn't be filtered, the rules are not violated. The user knows that they are being blocked and they are deciding what to or not to block - nothing is being done without the user's knowledge.

Just my opinion. Any thoughts? (esp from the VMWare people)

I'm just guessing here, but I think the purpose of

those statements in the rules is to prevent people

from adding virus/spyware-type programs into the

appliciances which would grab the user's personal

info without their knowledge and use or post it

somewhere without the user's knowledge. By creating

a filtering proxy server appliance, and allowing the

user to specify what should or shouldn't be filtered,

the rules are not violated. The user knows that they

are being blocked and they are deciding what to or

not to block - nothing is being done without the

user's knowledge.

Just my opinion. Any thoughts? (esp from the VMWare

people)

That's my take on this as well. As far as I can tell, the point is that the VM should not be doing anything sketchy that the user of the VM[/i] doesn't know about. Filtering traffic seems perfectly legitimate and if the VM does what it advertises to do then I see no problem.

I'm not the one running the contest so I can't speak officially on this, but that's my interpretation of it.

Curiously enough I am already doing this.

I have used SmoothWall with DansGuardian for some time as a standalone firewall.

In order to make T&D easier I ended up running Smoothwall in a VM environment.

Since then it has been a perfectly usable environment. However for lots of reasons I still prefer to keep the separate physical box.

JConroy

I'm not sure how the k12ltsp appliance is set up, but squidguard and dansguardian are easily installable with yum if they aren't already there.