Understanding the reports

Contents

Introduction

For Net Responsibility (NR) to be as effective as possible, it is important that an accountability partner (AP) understands the reports they receive. When a user registers on the NR website they are able to choose a variety of settings, which will determine how often reports are sent out, as well as their format and content. One format is to have only a basic report included in the email itself, and another is to have an additional more detailed report in a file attached to the email. If there is something you don't understand about a report you received, you should take the time to read this and other relevant guides, ask the NR user, or contact the NR developers, so that you can be an informed and helpful AP.

Sections of the report

Depending on the NR user's settings, their report will include one or more of the following sections.

Introductory material

At the beginning of the email report, the NR user is identified by the name they used when they registered online, and there is a link to the NR website, where you can find more information or help as needed. There is also a list of any 'suspicious' words or phrases that NR found as it monitored the website addresses (URLs) the user visited. These are set up as internal links, so clicking on them will take you to the Warnings section, where you can see a list of the URLs visited that contained that particular word or phrase. This section is included in the email report only.

Bypasses

This section shows any activity that might indicate an attempt to bypass the NR software, such as manually shutting down the program, changing certain files on the user's computer, etc. If there are any items in this section, it could mean that the user was attempting to bypass the NR software in order to use the internet inappropriately, but it is also possible that it was caused by a problem on their computer, or by them doing some testing of the software. It is best for the AP to check with the user any time there are items listed in this section. This section may be included in both the email report and the attached report.

Warnings

It is strongly recommended that this section be included in the report, since it shows any URLs the user's computer accessed that NR flags as inappropriate. If an AP sees links here that they think are not false positives, it is best for them to check with the user about them. This section may be included in both the email report and the attached report. Here is an example from a regular email report:

Warning item from email report

Each item includes a clickable link that can be used to confirm what the web page is, but it is good to be aware that some of these web pages may contain inappropriate content and/or malware that can be harmful to a computer. Each item also includes a color-coded number, which is NR's attempt at indicating the likelihood of it being an inappropriate site (with the higher number intended to mean a greater likelihood). Because this is a fairly new report feature that hasn't been tested extensively, it's likely that some of the number rankings given are not accurate, so an AP should not rely that heavily on these numbers at the current time. However, there are ongoing efforts to improve its accuracy. In fact, if you would be willing to give just a little bit of your time to help us improve this feature, we would be grateful! For more information about how you can help, see the Improving the reports section of this page. Eventually we hope that these number rankings will accurately rate URLs according to the following points or markers on a 0-100 continuum:

  • 0 (zero): This is definitely a false positive. The keyword might be present, but it's obvious it wasn't any harm. Example string from URL:

cas.be.eu.criteo.com/..._SIMBHNUZBLkvp90fZwLESeXvVkp5MPrZms71bFwm8o...

  • 25: This was a match, but is unlikely a really dangerous site. Example string from URL:

a.tribalfusion.com/...50&addBlockingCategories=Adult,Political,Flashing...

  • 50: You should probably look at the URL to ensure this isn't something to be concerned about. It's a match, but not necessarily dangerous. Example string from URL:

upload.wikimedia.org/...150px-MariahCarey13EdwardsDec1998.jpg

  • 75: This is most probably something to worry about. If several of these URLs are listed you should get in touch with the user to check if everything is okay. Example string from URL:

www.google.com/...&geo&q="sunny+leone+sex"&gprop&date=today+3-m&...

  • 100: This is not only a match, it's definitely a bad site; you don't even have to think twice, it's really that obvious. Most often a combination of several keywords are found in the same URL. We'd rather not give an example for this level.

Note that in this section you may see terms such as 'Porn', 'Pornstars', 'Models', 'Celebrities', 'Pornstars extended', 'Models extended', Celebrities extended', etc. These are just the names of the particular 'blacklist' that contained the word(s) that triggered the warning. Also note that some website addresses in the report may not have actually been visited by the user. For instance, when some websites load, they access other websites in order to load icons or images, possibly for advertisements or for a person's avatar on a forum, etc. A common example is that a user's history of all websites visited might show that they visited the Facebook website multiple times when they actually never did; they simply visited other websites that had loaded one or more images from the Facebook domain. As a result, some items might show up as warnings that might be confusing for both the AP and the user as to why they are there. Normally a closer examination of the URL and its domain will help you and the user determine whether or not the item was generated by a visited website rather than by the user themselves.

Whitelist

This section shows any URLs the user's computer accessed that NR would normally consider inappropriate, but which NR or the user have marked as being okay. Putting something on this list is one way to avoid false positives in the 'Warnings' section. It is best for the AP to at least scan this section to see if there is anything that is actually inappropriate, and to check with the user if necessary. This section may be included in both the email report and the attached report.

History

This section gives a history of the user's internet use by recording the URLs of websites and web pages that their computer has accessed. Hostnames (main website addresses) may be listed, such as 'google.com'. Underneath a hostname other sub-hostnames may be listed, such as 'clients1.google.com' and 'www.google.com'. Under these hostnames and/or sub-hostnames, each individual web page may be listed. This allows the AP to scan just the hostnames, and then look in more detail at the web pages under a particular hostname as desired. If there is no internet history shown or it is not as detailed as the AP desires, they should contact the user so that they can change their configuration settings accordingly. This section is included in the attached report only.

The attached report

A NR user can choose to have a more detailed version of the report sent with the basic email report as an attached file. This attached report is an HTML file that any JavaScript-enabled web browser should be able to open. This may be an easier way of viewing the report, since it uses a tree structure (similar to some file managers) that enables the AP to easily choose more or less detail as desired. According to its size and/or the NR user's online configuration settings, the report may be compressed and attached as a ZIP file. When the ZIP file is extracted, it will create the HTML file. For best viewing results, an AP should do the following with an attached report:

  • If it is a ZIP file, extract or 'unzip' it, making a note of where the HTML file has been extracted to. (You may first need to save the ZIP file somewhere on your computer outside of the web browser or email client.)
  • If it is an HTML file, save it somewhere on the computer outside of the web browser or email client.
  • Make sure an installed web browser has JavaScript enabled.
  • Go to where the HTML file was extracted or saved, and open it with the JavaScript-enabled web browser.

If the above steps were successful, the AP should see a web page in their browser that has a few 'Options' links at the top, and the report sections organized as 'branches' in a 'tree' structure under them. An item in the tree that has a '+' sign next to it can be 'expanded' by clicking on the '+' sign. The 'History' section contains the URLs that were accessed by the user's computer. Clicking on the 'Display time' link will cause the time and date to be shown next to each event and each URL that was accessed. Once this link is clicked, the text of the link will change to 'Hide time', which can then be clicked at any time to turn this feature off. Clicking on the 'Expand all nodes' link will completely expand every part of the tree. Depending on how much information is in the report, this may feel somewhat overwhelming, but it is a relatively fast and easy way to show all the information at once.

Things to remember

Here are a few things for an AP to remember when they are looking at a NR report:

  • Things that look suspicious may actually be okay. Everything should be looked at in context and the NR user should be contacted about anything that is not understood.
  • When some links in the report are clicked, they will lead to another web page. These links are listed because they are suspicious, so the AP will want to be especially cautious if clicking them.
  • For problems related to reports, see the Troubleshooting the Reports guide.

Improving the reports

Even though a lot of work has already gone into improving NR's reports, we recognize that much more can be done to make them as helpful to the user and as convenient for the AP as possible. One of the ways that an AP and/or a user can assist with this is by giving a little bit of their time to evaluate and rate URLs in the Warnings section in regards to the likelihood that they are an accurate report of possible inappropriate internet use, or whether they are false positives. If you are interested in doing this, here is what you need to do:

  • First make sure that you are receiving an attached report, rather than only the regular email report. If you are an AP and are not receiving an attached report, you will need to request the NR user to change his online settings so you will start receiving it. (The size of the attached file can sometimes be somewhat large, so if that is an issue, you may want to request the user to adjust their settings so you get a zipped (compressed) copy of the attached report.) If you are a NR user and are not receiving a report at all, you can start receiving your own reports by simply adding your email address as an AP in your online settings.
  • When you get an attached report, open it. See The attached report section of this page for the best way to do this. If you are running into problems, you can also check out the Troubleshooting the reports guide.
  • If there is a Warnings section, expand it by clicking on the plus sign beside it. There may be one or more keywords listed in this section; if there are any, expand one or more of them. Here is an example of what this might look like:

Warning item in attached report

You'll see that each item in the Warnings section has the same color-coded numbers as are shown in the regular email report, but here there is also a drop-down menu for each of the numbers that can be opened by clicking on the number or the arrow to the right of it. Here's how it looks with this menu open for the first item in the above image:

Warning item menu in attached report

In the drop-down menu, the first number is simply the current ranking that NR has given this item. The numbers after that (0, 25, 50, 75, 100) represent various points or markers along the 0-100 continuum that represent levels of the likelihood of an URL being a cause for concern or not. See the Warnings section on this page to see a description of what each of these levels is meant to represent.

  • So the way to help out is to look at each item, evaluate which of the levels it best fits into (according to the above-mentioned description), and then choose the corresponding number from the dropdown menu. When you do this, the URL and its related information, along with your rating of it, will be sent to the NR server. (Note that this information is then stored on the NR server even if the user has not selected 'Provide improvement data' in their online settings.) This will then help the developers know how to make any necessary adjustments to NR's filtering methods. (Once you have rated an URL, the number you chose will show up on a white background and the drop-down menu will no longer be available for that item. However, if you close and re-open the report, it will appear as it did at first.) Note that it is helpful to assign a rating to an URL regardless of whether it's current ranking is accurate or whether it is way off. Also, the more people that are regularly reporting ratings of URLs in this way, the more accurate the reports will become. So your help would definitely be appreciated!