Protecting Children on the Internet

Do we really know what they are exposed to? How do we keep them safer online?

Protecting Children on the Internet

Do we really know what they are exposed to?

Recently a friend posted this article on facebook:

https://www.scarymommy.com/porn-is-not-the-worst-thing-on-musical-ly/

I read it with horror. If you have children I encourage you to read it, you will gain an understanding that the internet isn't a safe place, and protected social media accounts aren't enough.

There are a few key points in the article that stood out for me:

  • The Warehouse analogy
  • The thoughts of the mum of Dylan Klebold one of the Columbine shooters
  • The realisation I am clueless, bordering on ignorant to these issues
  • I am arrogant in my thinking that I know how the internet works so it won't happen to us. I am wrong.

What about my children

I want to know that my children are protected online and being behind the curve on this stuff isn't really my style. I want my children to be safe as all parents do. If taking control means they have to deal with the jibes from uneducated children at school for not being popular and having the latest social app then so be it. It's temporary.

I have 3 children, a girl who is almost 8 and two boys, 6 and 4, and of course I love them very much. They love youtube, they love consuming content and going down the rabbit holes it can take you down. We allow it in moderation and want to continue to allow them to explore the internet and all the wonderful things it can offer in terms of education, entertainment and opening up a world of positive possibilities.

Realisation I should be doing more

I thought the controls we have put in place are pretty sensible. They each have an Apple iPod touch, we have the family setting turned on, they can't install anything without approval, I more often than not I say no (games exploiting kids for money is wrong but that is another post). Youtube has good parental settings too if you install the youtube kids app, I set each of the children' devices into age appropriate sandbox's.

The schools our children attend are already doing things to educate parents about the dangers of being online which is a good step too, but I don't feel like they are tackling how parents can address the issues themselves, this stuff is really complex though so I empathise with them.

Taking Control

I am going to make this as non technical as I possibly can as the aim here it to help others take action, this stuff isn't easy but I think anyone can have this running in an hour or two, it's well worth the effort to educate yourself and a fun project to setup. It will work in most homes that have their own internet router.

First a little lesson in how the internet works. When you call your mum with your phone, the chances are you don't simply dial their phone number. You probably open your favourites, recent calls or the phonebook. That is because it's difficult for us to remember so many numbers in our heads and who they are for. The internet is the same, names like youtube.com, facebook.com are translated to numbers using a system called DNS (Domain Name Service).

In the screenshot you can see I am using a tool called nslookup to ask for the IP address (number) of facebook.com and youtube.com my server which is found at 192.168.10.200 provides the response.

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/f8869111-947b-43f5-a151-4a1831b21f6c/Screenshot_2020-02-28_at_10.44.37.png
Screenshot showing how facebook and youtube are accessed via DNS

So what if we wanted to manage the phonebook our computers have access to?

Enter the raspberry pi and a popular project named pi-hole a black hole for internet advertisements which changes the way your computers on your Wi-Fi network will request and use internet services. This includes any service such as Tik Tok, Facebook, Snapchat, Google, News or any other thing you can imagine, find in the App Store or on the internet.

Lets try accessing tiktok.com and see what we get back now we have the pi-hole in place

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/34a3b41c-3400-4873-8eed-35b59806c51c/Screenshot_2020-02-28_at_10.43.18.png
Screenshot showing tiktok.com being blocked by Pi-Hole DNS Service

The pi-hole knows this is on my blacklist and returns 0.0.0.0. which will prevent the app from working. The other cool thing is there are loads of lists out there with all the bad really bad things listed on them that can be imported in one go like gambling, pornography and other nasties. Advertising banners on web sites are also blocked which is the main reason the project was created in the first place.

Troy Hunt has a great write up on how this impacts the performance of your internet connection in general, I can confirm the gains are huge and you feel them straight away.

There are two ways of doing this for yourself, buy or self build.

Buy the solution

If you chose to buy there is everything you need over at https://www.stakebox.org/products/pi-hole-kit of which I have no affiliation with, it just seems like a neat little solution. This kit is £79 which seems reasonable to keep everyone safe online and give you some serious insights into what is going on in your network, even for non technical people.

Once this is plugged in you will need to setup your router to tell the computers and phones to use it, the simplest way I can think to do this is search google for 'change dhcp dns servers on router <insert you router make/model>'

Screenshot of the setting that needs to be changed on my router

DIY the solution

If you go this route it is a little more involved, the things you are going to need are:

  • Raspberry Pi computer
  • SD Card
  • Power Cable
  • Network Cable

I followed the article that Troy linked which is by Scott Helme exactly and it works perfectly.

To give you some indication this is how much traffic (advertising etc) is blocked in my network. 12.8% of all requests are blocked, and a lot of that is tracking what you do online.

There are other solutions to this but I can vouch that this is a very good one for our use cases. It won't protect devices that aren't on your home network though, so more needs to be done but this is a good first step. If you want to know more about how this works reach out to me on twitter @tonyyates