Securing my home network against my 7 year old.
September 21, 2014 7:02 PM   Subscribe

My son recently turned 7, how do I filter my home network (and my phone) to keep him away from hardcore porn and such for a few more years?

He's had his own laptop since he was 1.5, also has an iPad and uses my iPhone. He already knows how to search, etc, though for now it's mostly minecraft videos. I'm worried his interests might change soon, IYKWIM. I don't have anything against breasts and butts, but would rather keep him in the dark about bukkake for a few more years, if possible.
We have mostly MacBooks, though he also has and uses a Windows XP machine. We have a Time Capsule that we use as a router. He doesn't have his own google account yet, shares mine. We mostly use Chrome.
He's at home with a nanny most afternoons, and she doesn't supervise him all the time (and I wouldn't want her to).
Should I install some sort of software on our laptops, use a proxy on the Time Capsule, install some app on the iOS devices?
posted by signal to Computers & Internet (14 answers total) 14 users marked this as a favorite

In a diverse environment like that in don't see how you filter effectively other than at the router level. I would imagine there's DNS based services you can use if you'd like to keep the apple router product.
posted by phearlez at 7:15 PM on September 21, 2014

OpenDNS offers web filtering.
posted by Johnny Wallflower at 7:28 PM on September 21, 2014 [2 favorites]

At that age you can probably filter using a service with a login. When they get older it's more difficult to control this by a filtering service [And I was proud when the kids evaded me, though I knew what they were up to].

This might be more a talk to them situation as years go by.
posted by vapidave at 7:46 PM on September 21, 2014

I know with my Verizon FiOS, I can set limits based on mac address by logging into the router.
posted by 724A at 8:17 PM on September 21, 2014

One non-technical way of helping with this sort of thing is to require computers be used in the public areas of the house, only. So, not his bedroom. Yes, at the dining room table, living room coffee table and/or any other public place where he will not have an expectation of privacy...which may curtail his potentially inappropriate explorations. My son's laptop lives in our den, where it is basically available for me to look at whenever I like. The family iPad, his iPod touch, etc. -- all of these "live" in the public areas. Everything remains logged in -- kid's gmail, his instagram, etc. so it's always available for parental perusal.

Kid's Mac laptop: parental settings are on.

We don't keep a hawk eye on him -- it's just that the possibility of parental review is always there.
posted by BlahLaLa at 8:18 PM on September 21, 2014 [14 favorites]

Seconding OpenDNS.
posted by clearlydemon at 10:13 PM on September 21, 2014

Seconding requiring computer use in public areas. I recently read a study done in schools where pupils were allowed unfiltered access to the web, but only in an environment where teachers and other puplls could see what they were looking at. The amount of looking-at-porn that went on was almost zero (and in the cases where it did happen, their peers pulled them up on it before the teacher did). Social pressure is far more effective than technological solutions; he will eventually (and probably quicker than you'd expect) find ways around the latter. And if he does look at porn, you'll have a good opportunity to talk to him about it rather than it being a mum-and-dad-know-what-I-did conversation, which can be full of shame (intended or otherwise).

That said, OpenDNS web filtering seems to work quite well. Just don't expect it to work forever.
posted by gmb at 2:35 AM on September 22, 2014

My son is 10 & has his own iPad. Other computer use is pretty much supervised. So for the iPad I went for Diladele Web Safety, which is a filtering proxy based on Squid. I run it on a Raspberry Pi. Basic config is pretty easy, but to filter HTTPS traffic also (e.g. for google search) I followed the instructions here. That part was a bit trickier, you need know your way round Debian & SSL to some degree.

So once that was set up, I configured it as the network proxy on my son's iPad. If he clicks on something suspect, it's caught by the filter & he gets a warning screen with an access-denied type message - and I get an alert in the log file. Once he figures out how proxies work, I'll probably need something else. Maybe my next move is something based on pfSense.

For me, the plus points are that it's free, it will work on any device / OS, and it only applies to the devices that need protection - other devices (which don't have that specific proxy setup) work as normal. The negatives are that the filtering is sometimes too strict (although it's configurable to some degree), and that the initial config is quite complex. Also if my son takes his iPad to a friend's house & connects to a different network, it's wide open. I don't know if there's much I can do about that in someone else's house.

Obviously all of this technical stuff is only a small part of a whole conversation around risk & safety. But you know that already.
posted by rd45 at 2:37 AM on September 22, 2014 [1 favorite]

I would go with technological solutions if you're that concerned--we had our computers in public areas and me and my brothers were still looking at porn-type materials in our early teens.
posted by chaiminda at 3:51 AM on September 22, 2014

Years ago when we had Verizon as our ISP they provided a free filtering service that was run by Yahoo. I didn't use it long as I found it too restrictive and got tired of granting 10 exceptions a day for my son. However, that was 10 years ago so I suspect the filtering services are better. You might want to poke around your ISP's web site to see if you've already got access to something.
posted by COD at 5:38 AM on September 22, 2014

If your son is surfing the web on an iOS device, there are parental controls built into iOS 7. They are quite restrictive. You can whitelist sites, but they must be done one-by-one.
posted by elmay at 6:10 AM on September 22, 2014

I have my kids (PC) running Peanut Butter PC, which is a little too restrictive for my son, who is also 7.

In my research, NetNanny seemed to be the best add-on.

One thing that I've been trying to do with my son is to make it ludicrously clear that I know way more about computers (I'm a lifelong software engineer) and that it is way easier to follow the rules and talk to me than it is to work through the aftermath.
posted by plinth at 6:41 AM on September 22, 2014 [2 favorites]

Restricting computer use to public areas is good for multiple reasons but it doesn't prevent accidental exposure to inappropriate content. For that you need some sort of filtering.
posted by alms at 9:21 AM on September 22, 2014

iOS/Mac parental controls do offer time-based lockdown too, so you can block the kid from tooling around online in the middle of the night when you aren't there to look over his shoulder...

You can also add blocking at the router level. I set up an adblock script on my home router (Tomato/DDWRT) that uses an automatically updated blacklist. Would be easy to adapt it to a porn-blocker if you had addresses to include, but not so much for keyword-based searches. Of course matches to these searches would likely be blocked.

Long list of regularly updated blacklists (by type) can be found here (paid) or here (free). You'd need to search the downloaded scripts and just extract the domain name lists for the blacklist; they are set up to use Dan'sGuardian.

Instructions I used to set up the blocker script are here. I recall there were a few issues I ran into with the adblock script but once I got it working it has been solid. If you try it and have issues, memail me and I can send you the exact script I am using to make it work.
posted by caution live frogs at 1:32 PM on September 22, 2014

« Older Seeking an online forum for dating and identifying...   |   The eternal shoe search Newer »
This thread is closed to new comments.