Posts by Omniver

I don't want to "talk to my kids", yet.

For those commenting that the answer is to "talk to your kids", there is a time and place for this. I think the context of this post is *how* one could create a safer environment for kids to explore the Internet reducing the likelihood that they will come across material that they my not be yet emotionally and psychologically developed enough to deal with. There is a lot of great age appropriate content and learning tools on the Internet, and I want to kindle their curiosity and sense of discovery. IT IS NOT CENSORSHIP to want to protect my six-year-old daughter from seeing Pokemon's Misty naked, hog tied and being gang-raped by Ash and Brock when she is looking for a Pokemon coloring page to print out. My daughter is not emotionally mature enough to "talk to" about this, yet access to the Internet has definitely added to her development The Internet has brought her Khan's Academy (her first-grade teacher says she has "mad math skills" and Dinosaur Train (she will happily talk ad nauseam why pteranodons are not dinosaurs and currently wants to be a Paleontologist) among other great sites. She also watches her older brother doing research online is is always asking questions and searching for similar topics to "help" him. I think this is all great.

What I'm currently doing:

1) OpenDNS for basic domain filtering

2) The "general" family use two Macs where I have OS X's "parental controls" (essentially a OS-based transparent proxy) enabled for basic website filtering (like most proxy-based filters it fails miserably on SSL sites, which I have to unblock domain by domain myself). To make it a bit easier to administer I have one setup with OS X server and I'm using directory services to manage the URLs so that they apply across the kids' and the guest accounts.

3) On my kids' Safari and Firefox browsers on the desktops, I've "locked" Google's SafeSearch on and YouTube's safe mode by logging in with my google account, enabling the setting, and then logging out. (your kids DON'T need to have a google account to do this, only you)

4) I've configured my son's email account (google apps domain with my own Postfix mail server for inbound processing) to copy my wife on all inbound/outbound messages, he is aware of this too.

5) On my son's (9) iPod touch, I've disabled Safari, and use Mobicip browser to filter and report on his access (he is well aware of the reporting and is accountable for his actions). My daughter's hand-me-down iPhone (no phone) has browsing disabled entirely at this point.

What doesn't work well: SSL sites. For good security reasons, more and more sites are using SSL and even if used in a limited manner (cookies, login pages, etc.) each one of these needs to be excepted by hand in OSX's proxy or accepted globally which I don't want to do. Also, google's SafeSearch lock is a hack and a pain to setup for each kid's account and each browser - but with google's new SSL defaults, you can't just append the safesearch options in the GET request anymore.