Keeping Your Kids Safe Online
Keeping an eye on what your kids do online is your responsibility as a parent. But that doesn’t mean it’s easy. Just as kids are getting old enough to be interested in some of the darker parts of the internet they’re also getting more tech savvy and willing to push the boundaries of their freedom. Kids today are talking to their friends at school and online about what’s forbidden and how to get access to it. Even so-called “good” kids are curious and willing to keep secrets from their parents. As a parent, you get to decide what’s appropriate or not for your kids. But regardless of where you set your boundaries, you need to know what they’re doing and seeing online.
There are a lot of ways to get on the internet these days. The days of a shared family computer located in a public area are over. In the Stinkbrain household we have:
- Several Windows 7 and 10 desktop computers
- A couple iMac desktops
- A Windows 10 laptop
- A Chromebook and a ChromeBox
- A linux server with graphical desktop
- Several Android tablets
- an iPad
- an iPhone
- an Android phone
- an Xbox
- an Amazon FireTV connected to each TV in the house
That’s in a house with 4 people. This Fall, Stinkbrain Jr’s school will issue him his own laptop. His friends regularly bring their own laptops, tablets, and phones over to the house and hook up to the home network. These days it’s just not possible to know what your kids are doing online by just “keeping and eye on them”.
Ok, you’re suitably freaked out. Good. What can you do about it? You’ve got options.
Device Access Control Software
Products like NetNanny takes the approach of installing software on each device which track or block access to various apps or websites based on lists of inappropriate content called blacklists. They also allow parents to define exceptions and selectively block various apps like Snapchat which are popular with teens.
- Potentially the most flexible in terms of blocking specific apps and websites, depending on the software you choose.
- Targeted toward non-technical parents as an easy solution.
- Usually relies on a subscription model where you will pay per device per year
- Only provides coverage for devices that are supported by the software. this typically covers computers, tablets, and phones, but not game consoles and media streamers like Roku, FireTV, etc. and smart TVs.
- Does not restrict access on devices brought in by friends.
Note: I haven’t used any of this software and can’t recommend or endorse any of them.
A proxy is a network service that sits on your home network and acts as a gatekeeper for internet traffic flowing into your home. When any device in your home network visits a web page, the following happens:
- Someone types in URL or clicks a link in their search results
- The computer/tablet/whatever sends the request to your home router, often a wireless access point
- The home router forwards the request to your ISP (internet service provider)
- Your ISP sends the request out across the internet to the appropriate server
- The appropriate server sends the web page content back along the same path in reverse
A proxy adds an additional step between #1 and #2. The computer/device/whatever sends the request to the proxy, which can choose to block the request or let it through. It can also log each request and generate a report you can use to see which device requested which page at what time.
- Picks up most or all of the devices in your house automatically
- Good free options available, such as Squid Cache
- Centrally installed and managed
- Typically can’t block non-web traffic like apps
- Can be complicated to set up
- May be ignored by some devices and need to be configured manually
- Can be bypassed with a bit of manual configuration
Squid Cache. Free, open source, and highly customizable. Complicated and difficult to implement for a non-techincal user.
WinGate Proxy. Windows-based, free version available for up to 10 users. Designed for office use instead of home. I have no direct experience with the software.
Other Uses for Proxy Software
Proxy software provides some other benefits that you may want to take advantage of. The first is content caching. Caching stores a copy of pages you visit frequently on the cache server so they can be served up from a local source rather than downloading them from the internet each time you visit a page. If you tend to visit the same sites over and over, or have multiple people in your home visiting the same pages, a cache server can both speed up your page load time and lower your bandwidth usage over time.
Another benefit is ad filtering. Online ads can clutter up your webpages and use a lot of bandwidth when browsing the web. You can use your proxy server to block ads from loading anywhere in your home network.
A transparent proxy is a variation of proxy server that sits between your devices and router and forces all web traffic through the filter. It requires no configuration on the client devices and is difficult to bypass. The devices on your home network won’t even know they’re passing through the proxy, which is why it’s called a transparent proxy. If you’re up to the task of setting one up this is your most powerful option.
- Automatically used by all devices on your home network
- No client configuration needed
- Difficult to discover that the proxy is even in place
- Difficult to bypass
- Must be physically located between your devices and home router
- Complicated setup
- Can cause problems with some devices
One last option to consider is DNS-based filtering. Whenever a device on your network requests a webpage, the device has to look up the network address of the computer that hosts the website. It’s similar to using a person’s name to look up their phone number in a phone book. For you younger readers, a phone book is a printed directory of the phone numbers of everyone in your local community. Sounds ridiculous, I know.
The internet equivalent of a phone book is called a DNS (Domain Name System) server. Your device sends the web server name (for example, facebook.com) to a DNS server and gets back the network address of the computer serving the website (220.127.116.11). Then it sends a request to 18.104.22.168 to get the webpage you requested.
DNS was designed to serve as a reference tool for the internet, but by changing the rules a bit it can track the sites you visit and even block access to certain sites. It does this by refusing the share the address for sites you want to block.
OpenDNS is a service that provides free DNS-based filtering for home use. It’s fairly easy to set up and reasonably effective, but it’s also easy to bypass if you know what you’re doing. I recommend it for parents who want to provide some filtering and reporting but don’t have the technical skills to set up a more robust solution.
- Free and relatively easy to set up
- Provides reports of sites visited
- Allows blocking of categories of content (pornography, gambling, etc.) or individual websites
- Works for all devices in your home
- Can show websites that are visited but not individual pages
- Relatively easy to bypass