LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   General (http://www.linuxquestions.org/questions/general-10/)
-   -   Child Safety on the Internet (http://www.linuxquestions.org/questions/general-10/child-safety-on-the-internet-4175469542/)

dmchess 07-13-2013 05:25 PM

Child Safety on the Internet
 
I just did a series of posts on using Linux to keep children safe on the internet. My Blog is at http://knightstar.blogspot.com/

I don't know if it is any good though.

jamison20000e 07-13-2013 08:28 PM

good work Thanks. will read more as my nephews grow ;) now i let them use only some sites (WebFilter Pro - The web content filtering addon!)...

jefro 07-14-2013 11:03 AM

I think it is kind of a shame that parents can't easily buy a product or isp offering that remotely or securely sets child safe levels. I'd think there would be a huge market if some company offered such a service. What parent wants to fool with this issue? How many could possibly set up a secure safe system that the kid can't get past? Live cd borks most of their work.

H_TeXMeX_H 07-14-2013 12:15 PM

If the kid wants to get past the kid will get past. Case it point, myself :)

The best thing to do is to have a good relationship with the child, and explain to them exactly why they shouldn't talk to complete strangers over the internet, especially using webcams, and especially giving out personal info or setting up a meeting. You can use real life cases as instructional material. Kids are smarter than many give them credit. Treating them as if they are stupid, incompetent prisoners is not parenting (not that I am accusing anyone in particular of doing this).

Certainly some internet filtering will be required for a while depending on their age. There already exist configurable proxies than can filter information.

dmchess 07-14-2013 08:29 PM

I am not going to say it is impossible to get around what I recomended, because I know it's not. It would be difficult and since there are several levels of security and if the parent is monitoring as I recomended, the child would get caught.

T.

H4CK2013 07-17-2013 03:34 PM

Quote:

Originally Posted by H_TeXMeX_H (Post 4990196)
If the kid wants to get past the kid will get past. Case it point, myself :)

Exactly. These companies think kids are naive. But some kids have a hacker mentally or are computer hobbiest and this is a no barrier to them.

On the flip side, if the kid can't tell the difference from a floppy drive to a hard drive than it is another story

jefro 07-17-2013 08:19 PM

I understand that maybe 12 year olds might get past some stuff but below that a secure isp would be possible. All sorts of companies can block stuff, why can't a common isp do it for a fee?

dmchess 07-17-2013 09:51 PM

Ok, this is what the child would have to do to get free unfettered access, if the parents followed my instructions.

1. The only sudo rights they have are to mount file systems and shutdown. So, inorder to install any software including programming tools, chat tools, ect. is they have to figure out what password there parents have to their laptop. If they could do this, they could also change the local computers dns server and install any app they like.

2. They would have to figure out what the router password is to change the dns server and change the security level, so that any and all network traffic is passed.

The easiest soloution for the child is to boot from a memory stick and to use another wireless network. The problem is they will get caught, because the aware parent will not be able to ssh in and would immediatly become suspicious. The parent is also likely to notice a drop in web and email activity and would become suspicious. I would also be suspicious as a parent if the history was deleted from the web browser. If you think they are taking the laptops to a local hotspot and going around you, lock the laptops down so the can't. Or just get them desktops and hope there isn't a open network within range.

The only way I could think of the child completely fooling the parent is if one of the installed apps has a serious bug that allows the child to become root. Not too likely in todays world. The chances of the child breaking one of the parents passwords, if the parent has chosen good solid passwords is insignificant with these older slow laptops.

Also, you don't need a isp with a halo, just use the OpenDNS Family Shield Addresses. This will keep 98% of the bad stuff off of your network. If you are more industrious, use DansGuardian.

T.

H_TeXMeX_H 07-18-2013 01:55 AM

1. They could use a live CD and then they don't need any passwords.

2. Many routers have backdoors and easy default passwords.

TobiSGD 07-18-2013 07:00 AM

Quote:

Originally Posted by dmchess (Post 4992289)
Ok, this is what the child would have to do to get free unfettered access, if the parents followed my instructions.

1. The only sudo rights they have are to mount file systems and shutdown. So, inorder to install any software including programming tools, chat tools, ect. is they have to figure out what password there parents have to their laptop. If they could do this, they could also change the local computers dns server and install any app they like.

2. They would have to figure out what the router password is to change the dns server and change the security level, so that any and all network traffic is passed.

The easiest soloution for the child is to boot from a memory stick and to use another wireless network. The problem is they will get caught, because the aware parent will not be able to ssh in and would immediatly become suspicious. The parent is also likely to notice a drop in web and email activity and would become suspicious. I would also be suspicious as a parent if the history was deleted from the web browser. If you think they are taking the laptops to a local hotspot and going around you, lock the laptops down so the can't. Or just get them desktops and hope there isn't a open network within range.

The only way I could think of the child completely fooling the parent is if one of the installed apps has a serious bug that allows the child to become root. Not too likely in todays world. The chances of the child breaking one of the parents passwords, if the parent has chosen good solid passwords is insignificant with these older slow laptops.

Also, you don't need a isp with a halo, just use the OpenDNS Family Shield Addresses. This will keep 98% of the bad stuff off of your network. If you are more industrious, use DansGuardian.

T.

All you would need to circumvent that would be a few minutes alone with a live-cd to add yourself to the sudoers list with less restrictions. Or you just set up one of the free proxies in Firefox for network connection, no root access needed.
Technical possibilities are no substitute for education. Teach your child how to responsibly work with the Internet, if it is to young to grasp that you should either watch your child when it does things on the net or you set up a sandbox with only white-listed websites you have tested yourself (of course assuming that the child is to young to circumvent that).

jamison20000e 07-18-2013 07:49 AM

i'd still whitelist LQ lol

dmchess 07-18-2013 08:35 AM

Your points are valid, but it is an easy check. You can check for addons right from Firefox.
The parent can easily cat sudoers file and note any changes. It's a small file.

I'll add this info to the blog.

TobiSGD 07-18-2013 08:45 AM

Quote:

Originally Posted by dmchess (Post 4992548)
Your points are valid, but it is an easy check. You can check for addons right from Firefox.
The parent can easily cat sudoers file and note any changes. It's a small file.

I'll add this info to the blog.

And the child can easily create a file in /etc/sudoers.d, which would go unnoticed when only checking the sudoers file. The point remains that education is better than technical solutions, since you will always find a way to circumvent then.

jamison20000e 07-18-2013 10:49 AM

Quote:

Originally Posted by TobiSGD (Post 4992551)
...The point remains that education is better...

should definitely be in the blog unless i missed it and technical solutions are good too ;)

i wouldn't do this (?) but you know kids\*,,, spy cam or key\*\logger...

The War on Kids: The Definitive Documentary on the Failure of the Public Education System: https://www.youtube.com/watch?v=i-tAQ56-gaA

H_TeXMeX_H 07-18-2013 11:17 AM

For a more secure router, I install dd-wrt on it, if it is supported.

At a hotel I saw that they had a proxy installed that would restrict access to broad categories of sites. It did this so much that it became obnoxious at one point. I mean it blocks CGI proxies, so you can't use that to go around it. I was looking up card games, because I wanted to learn some new ones and it blocked some of the sites as under the category "psychic / paranormal" or something like that, because it contained Tarot cards. It was seriously annoying and useless. (Luckily there were plenty of insecure wifi hotspots around).

If you decide to filter the internet, do it wisely. As said above, it is better to focus on education.


All times are GMT -5. The time now is 02:00 AM.