LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices



Reply
 
Search this Thread
Old 07-13-2013, 06:25 PM   #1
dmchess
Member
 
Registered: Jan 2005
Posts: 73

Rep: Reputation: 20
Child Safety on the Internet


I just did a series of posts on using Linux to keep children safe on the internet. My Blog is at http://knightstar.blogspot.com/

I don't know if it is any good though.
 
Old 07-13-2013, 09:28 PM   #2
jamison20000e
Senior Member
 
Registered: Nov 2005
Location: infinity; (randomly born:) Milwaukee, WI, US, Earth
Distribution: any UNIXish that works well on my cheapest with mostly KDE, Xfce, JWM or CLI but open ;-)
Posts: 1,468
Blog Entries: 2

Rep: Reputation: 382Reputation: 382Reputation: 382Reputation: 382
good work Thanks. will read more as my nephews grow now i let them use only some sites (WebFilter Pro - The web content filtering addon!)...
 
Old 07-14-2013, 12:03 PM   #3
jefro
Guru
 
Registered: Mar 2008
Posts: 12,087

Rep: Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521
I think it is kind of a shame that parents can't easily buy a product or isp offering that remotely or securely sets child safe levels. I'd think there would be a huge market if some company offered such a service. What parent wants to fool with this issue? How many could possibly set up a secure safe system that the kid can't get past? Live cd borks most of their work.
 
Old 07-14-2013, 01:15 PM   #4
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
If the kid wants to get past the kid will get past. Case it point, myself

The best thing to do is to have a good relationship with the child, and explain to them exactly why they shouldn't talk to complete strangers over the internet, especially using webcams, and especially giving out personal info or setting up a meeting. You can use real life cases as instructional material. Kids are smarter than many give them credit. Treating them as if they are stupid, incompetent prisoners is not parenting (not that I am accusing anyone in particular of doing this).

Certainly some internet filtering will be required for a while depending on their age. There already exist configurable proxies than can filter information.

Last edited by H_TeXMeX_H; 07-14-2013 at 01:16 PM.
 
Old 07-14-2013, 09:29 PM   #5
dmchess
Member
 
Registered: Jan 2005
Posts: 73

Original Poster
Rep: Reputation: 20
I am not going to say it is impossible to get around what I recomended, because I know it's not. It would be difficult and since there are several levels of security and if the parent is monitoring as I recomended, the child would get caught.

T.
 
Old 07-17-2013, 04:34 PM   #6
H4CK2013
LQ Newbie
 
Registered: Jul 2013
Location: NC
Distribution: Mint 15
Posts: 10

Rep: Reputation: Disabled
Quote:
Originally Posted by H_TeXMeX_H View Post
If the kid wants to get past the kid will get past. Case it point, myself
Exactly. These companies think kids are naive. But some kids have a hacker mentally or are computer hobbiest and this is a no barrier to them.

On the flip side, if the kid can't tell the difference from a floppy drive to a hard drive than it is another story
 
Old 07-17-2013, 09:19 PM   #7
jefro
Guru
 
Registered: Mar 2008
Posts: 12,087

Rep: Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521
I understand that maybe 12 year olds might get past some stuff but below that a secure isp would be possible. All sorts of companies can block stuff, why can't a common isp do it for a fee?
 
Old 07-17-2013, 10:51 PM   #8
dmchess
Member
 
Registered: Jan 2005
Posts: 73

Original Poster
Rep: Reputation: 20
Ok, this is what the child would have to do to get free unfettered access, if the parents followed my instructions.

1. The only sudo rights they have are to mount file systems and shutdown. So, inorder to install any software including programming tools, chat tools, ect. is they have to figure out what password there parents have to their laptop. If they could do this, they could also change the local computers dns server and install any app they like.

2. They would have to figure out what the router password is to change the dns server and change the security level, so that any and all network traffic is passed.

The easiest soloution for the child is to boot from a memory stick and to use another wireless network. The problem is they will get caught, because the aware parent will not be able to ssh in and would immediatly become suspicious. The parent is also likely to notice a drop in web and email activity and would become suspicious. I would also be suspicious as a parent if the history was deleted from the web browser. If you think they are taking the laptops to a local hotspot and going around you, lock the laptops down so the can't. Or just get them desktops and hope there isn't a open network within range.

The only way I could think of the child completely fooling the parent is if one of the installed apps has a serious bug that allows the child to become root. Not too likely in todays world. The chances of the child breaking one of the parents passwords, if the parent has chosen good solid passwords is insignificant with these older slow laptops.

Also, you don't need a isp with a halo, just use the OpenDNS Family Shield Addresses. This will keep 98% of the bad stuff off of your network. If you are more industrious, use DansGuardian.

T.
 
Old 07-18-2013, 02:55 AM   #9
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
1. They could use a live CD and then they don't need any passwords.

2. Many routers have backdoors and easy default passwords.
 
Old 07-18-2013, 08:00 AM   #10
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Main: Gentoo Others: What fits the task
Posts: 15,653
Blog Entries: 2

Rep: Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096
Quote:
Originally Posted by dmchess View Post
Ok, this is what the child would have to do to get free unfettered access, if the parents followed my instructions.

1. The only sudo rights they have are to mount file systems and shutdown. So, inorder to install any software including programming tools, chat tools, ect. is they have to figure out what password there parents have to their laptop. If they could do this, they could also change the local computers dns server and install any app they like.

2. They would have to figure out what the router password is to change the dns server and change the security level, so that any and all network traffic is passed.

The easiest soloution for the child is to boot from a memory stick and to use another wireless network. The problem is they will get caught, because the aware parent will not be able to ssh in and would immediatly become suspicious. The parent is also likely to notice a drop in web and email activity and would become suspicious. I would also be suspicious as a parent if the history was deleted from the web browser. If you think they are taking the laptops to a local hotspot and going around you, lock the laptops down so the can't. Or just get them desktops and hope there isn't a open network within range.

The only way I could think of the child completely fooling the parent is if one of the installed apps has a serious bug that allows the child to become root. Not too likely in todays world. The chances of the child breaking one of the parents passwords, if the parent has chosen good solid passwords is insignificant with these older slow laptops.

Also, you don't need a isp with a halo, just use the OpenDNS Family Shield Addresses. This will keep 98% of the bad stuff off of your network. If you are more industrious, use DansGuardian.

T.
All you would need to circumvent that would be a few minutes alone with a live-cd to add yourself to the sudoers list with less restrictions. Or you just set up one of the free proxies in Firefox for network connection, no root access needed.
Technical possibilities are no substitute for education. Teach your child how to responsibly work with the Internet, if it is to young to grasp that you should either watch your child when it does things on the net or you set up a sandbox with only white-listed websites you have tested yourself (of course assuming that the child is to young to circumvent that).

Last edited by TobiSGD; 07-18-2013 at 08:03 AM.
 
Old 07-18-2013, 08:49 AM   #11
jamison20000e
Senior Member
 
Registered: Nov 2005
Location: infinity; (randomly born:) Milwaukee, WI, US, Earth
Distribution: any UNIXish that works well on my cheapest with mostly KDE, Xfce, JWM or CLI but open ;-)
Posts: 1,468
Blog Entries: 2

Rep: Reputation: 382Reputation: 382Reputation: 382Reputation: 382
i'd still whitelist LQ lol
 
Old 07-18-2013, 09:35 AM   #12
dmchess
Member
 
Registered: Jan 2005
Posts: 73

Original Poster
Rep: Reputation: 20
Your points are valid, but it is an easy check. You can check for addons right from Firefox.
The parent can easily cat sudoers file and note any changes. It's a small file.

I'll add this info to the blog.
 
Old 07-18-2013, 09:45 AM   #13
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Main: Gentoo Others: What fits the task
Posts: 15,653
Blog Entries: 2

Rep: Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096Reputation: 4096
Quote:
Originally Posted by dmchess View Post
Your points are valid, but it is an easy check. You can check for addons right from Firefox.
The parent can easily cat sudoers file and note any changes. It's a small file.

I'll add this info to the blog.
And the child can easily create a file in /etc/sudoers.d, which would go unnoticed when only checking the sudoers file. The point remains that education is better than technical solutions, since you will always find a way to circumvent then.
 
Old 07-18-2013, 11:49 AM   #14
jamison20000e
Senior Member
 
Registered: Nov 2005
Location: infinity; (randomly born:) Milwaukee, WI, US, Earth
Distribution: any UNIXish that works well on my cheapest with mostly KDE, Xfce, JWM or CLI but open ;-)
Posts: 1,468
Blog Entries: 2

Rep: Reputation: 382Reputation: 382Reputation: 382Reputation: 382
Quote:
Originally Posted by TobiSGD View Post
...The point remains that education is better...
should definitely be in the blog unless i missed it and technical solutions are good too

i wouldn't do this (?) but you know kids\*,,, spy cam or key\*\logger...

The War on Kids: The Definitive Documentary on the Failure of the Public Education System: https://www.youtube.com/watch?v=i-tAQ56-gaA

Last edited by jamison20000e; 07-18-2013 at 12:01 PM.
 
Old 07-18-2013, 12:17 PM   #15
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
For a more secure router, I install dd-wrt on it, if it is supported.

At a hotel I saw that they had a proxy installed that would restrict access to broad categories of sites. It did this so much that it became obnoxious at one point. I mean it blocks CGI proxies, so you can't use that to go around it. I was looking up card games, because I wanted to learn some new ones and it blocked some of the sites as under the category "psychic / paranormal" or something like that, because it contained Tarot cards. It was seriously annoying and useless. (Luckily there were plenty of insecure wifi hotspots around).

If you decide to filter the internet, do it wisely. As said above, it is better to focus on education.

Last edited by H_TeXMeX_H; 07-18-2013 at 12:18 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Difference between Child THREAD and Child PROCESS whho Linux - Newbie 10 08-02-2009 08:24 PM
LXer: 5 Myths about Internet Safety LXer Syndicated Linux News 0 03-09-2009 07:20 AM
New Internet Safety Act, what is required for us to save? abefroman General 29 03-01-2009 02:59 PM
How to kill a Child and all its subsequent child process in C shayer009 Programming 3 12-04-2007 01:40 AM
Time in a bottle w/o child safety cap please! Morbid Linux - Software 4 04-12-2005 08:12 PM


All times are GMT -5. The time now is 09:45 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration