Securing Faith, Sacrificing Safety

David August

David August

6 min read
Hands holding a smartphone with the camera open, positioned next to an ornate book with a decorative cover.
by Ashkan Forouzani on Unsplash

Digital Risks of Faith-Based Content Filters

Centralized filtering systems often collect user data to function, raising real privacy and security issues as they are often not properly secured or anonymized. It is a one-stop shop to comprise the security and safety of an entire religious community, and each member of the community's digital lives. This includes their real-time locations, banking data, health information, relationships and more.

For example, Rimon Internet Provider, which provides Internet filtering services for the religious and Haredi sectors, was breached by an Iranian cyberattack group in August 2025. The report of this single breach highlights some of the unmitigated and unmitigable risks of such filtering.

"Rimon Internet filters content by routing all traffic through its servers, acting as an Internet provider with full oversight. Using a legitimate MITM (Man-in-the-Middle) method, it decrypts HTTPS traffic, scans it by user rules, blocks unwanted content, and then restores browsing.

This gives the company access to sensitive data: site addresses, page content, and even login details. A breach could expose not only credentials but also personal information such as preferences, filtered content, and correspondence."

Faith-based content filters are, at their core and foundation, centralizing people's individual digital lives, and the digital activity of entire communities, and then leaving them under-protected or unprotected by modern cybersecurity standards.

Digital Vulnerabilities

As these these filtering systems are often partly or all volunteer-run, and they use unavoidably under-resourced systems (when compared to major tech companies), they often lack comprehensive professional cybersecurity oversight. This increases the risk of vulnerabilities of all types, and especially for groups that may be targeted. Limited IT expertise in smaller religious institutions can lead to misconfiguration or unpatched security flaws as well.

Having one's internet activity compromised can lead to financial loss, identity theft, privacy loss (CyberGlossary Eavesdropping Definition) and, according to the FBI, internet connected devices when compromised "if accessed, could result in physical safety threats."

Physical Vulnerabilities

The dozens of offices the faith-based content filtering organizations often run, in multiple countries, are often woefully lax in physical security as well. From physically unsecured digital hardware to access points like doors that lack adequate protection, the possibility for penetration of their systems is real. This allows anyone with bad intentions to compromise the digital systems every user of that faith-based content filter worldwide. Those users relying on the faith-based content filter to keep their communications, health data, banking, financial and all other data secure (including data and contacts of their friends, families, colleagues and companies as well) are left exposed.

This is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. Please Subscribe Here.

Fundamental Security Risks in Ad Hoc (Not Built-In) Content Filtering

Many of the companies and organizations offering faith-based content filter solutions are "Data Rich, Defense Poor: Like any other organization, religious institutions [and faith-based content filters] store [and transmit] the personal data of their members [and users] – names, addresses, contact details, donation records...financial information. However, many of these institutions may not have the robust cybersecurity measures corporate entities do, making them soft targets" (Cybercrime and Religious Institutions: A Wake-Up Call for the Faithful).

Data breaches, like the August 2025 Rimon breach, are damaging to people and their communities. A December 2024 breach of Young Life, a Colorado-based religious organization, disclosed names, Social Security numbers, financial account details, and payment card information which "underscores the high stakes of cyberattacks on faith-based institutions." The people hurt in that instance face the consequences of identity theft and financial fraud. An August 2024 breach of a Turkish religious studies app meant "exposed data [which] included geolocation details [where physically you are and when you are there], SIM serial numbers, network identifiers, MAC addresses, and IP addresses. Such information, if exploited, poses severe risks of identity theft, cyber fraud, and unauthorized surveillance" (Faith Under Cyber Fire: How Cyberattacks Exploit Religious Communities).

Global Risk vs. Reward Assessment

The risks of placing one's entire digital footprint through an under-provisioned, digitally and physically vulnerable system like a faith-based content filter are grave. And these risks simply cannot be mitigated by the non-profit and often volunteer organizations supporting such filters. Motivated, skilled, well-resourced and motivated cyber attackers target religious organizations as either easy soft financial targets or out of ideological and geopolitical motives.

According to the Annual Threat Assessment of the U.S. Intelligence Community (PDF) from March 2025 and prepared by the Director of National Intelligence, "Financially motivated cyber criminals continue to prey on inadequately defended U.S. targets..." and "Iran’s growing expertise and willingness to conduct aggressive cyber operations also make it a major threat to the security of U.S. and allied and partner networks and data...also [Iran] will continue to directly threaten U.S. persons globally and remains committed to its decade-long effort to develop surrogate networks inside the United States."

Israel's National Institute for Security Studies concurs. Iran "...has developed the institutions and infrastructure to ensure its proxy war could disrupt, sabotage and even destroy civil and commercial targets, critical national infrastructure and military capabilities" (Iranian hacking group steps up global cyber war).

Therefore, no faith-based content filters can be recommended as safe to use at this time. The built-in parental controls available as built-in filtering systems on phones, tablets and computers can likely accomplish what is wanted to enforce restrictions and filter out religiously unwanted material, and can do so without comprising personally identifiable information (PII) or opening new major security vulnerabilities. Google, Apple and others have guidance on how to use their built-in solutions.

If the built-in parental and content control systems seem to interfere with other desired device features, that can be managed through individual troubleshooting of issues that may reveal how to solve such conflicts. Many times individual sites and/or apps can be exempted to one degree or another from the restrictions of built-in parental controls, allowing those to function as they would without any filter in place.

DNS Level Blocking Options and Caveats

All websites (and most apps) lookup what machine a given domain like www.example.com is currently on by using a DNS server. Sort of like a phone-book allows one to look up the phone number for a person or a business, DNS servers allow your devices to look up what machine or machines they need to access for a given site or app to work. A DNS server translates domain names into IP addresses.

While not a full-featured filter, using a purpose built DNS lookup can allow one to block access to most objectionable content. Examples are as follows (I have not used or evaluated these two; buyer beware):

Public Faith-Based DNS Filtering Services:

  1. CleanBrowsing - offers a "Family Filter" that blocks adult content, mixed content, and malicious sites. It aligns with "conservative family values" and is widely used by religious communities. DNS Addresses:
    Family Filter: 185.228.168.168 and 185.228.169.168
    Adult Filter: 185.228.168.10 and 185.228.169.11
  2. OpenDNS FamilyShield - while not faith-specific, OpenDNS FamilyShield blocks adult content and is often used by families and religious groups seeking a safer browsing environment. DNS Addresses: 208.67.222.123 and 208.67.220.123

Users can manually set their device’s DNS settings to use the provided DNS server addresses (on iOS, on Android or on MacOS, on Windows). This can be done on routers (to protect all devices on a network) or on individual devices (computers, smartphones, tablets). These services typically block offending sites by returning a "blocked" page or redirecting to a safe page, rather than allowing the connection to proceed.

No filter is perfect; some legitimate sites may be blocked, and some inappropriate sites may slip through. This is true of all filters. Using third-party DNS services means trusting the provider with your browsing data (at least as far as DNS lookups). Always review the privacy policy of the DNS provider and be aware they may retain whatever data they collect on your internet use.

This is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. Please Subscribe Here.

© Copyright November 3, 2025, David August, all rights reserved davidaugust.com

David August is an award-winning actor, acting coach, writer, director, and producer. He plays a role in the movie Dependent’s Day, and after its theatrical run, it’s now out on Amazon (affiliate link). He has appeared on Jimmy Kimmel Live on ABC, on the TV show Ghost Town, and many others. His artwork has been used and featured by multiple writers, filmmakers, theatre practitioners, and others to express visually. Off-screen, he has worked at ad agencies, start-ups, production companies, and major studios, helping them tell stories their customers and clients adore. He has guest lectured at USC’s Marshall School of Business about the Internet.

Read more