printf(Hello World!\n)
tech blog

views: 895

Simple Parental Controls

01-28-2023

(or, how to mess with the hosts file for fun and profit)

(no software installation required)

Understanding the problem

So, you're a web-savvy parent in the age of YouTube, TikTok, OnlyFans, PornHub and Twitter. You want to limit your child's access to websites and services that you deem harmful, until they are old enough to know better. What are your options?

  1. Install proprietary 3rd party software
  2. Rely on the parental controls for your OS of choice
  3. Take matters into your own hands

Each comes with upsides and downsides. If you decide to install 3rd party software on your child's machine (e.g. Net Nanny, Qustodio, Norton Family, etc), you will be shelling out money for the privilege of installing active spyware on your child's machine. The OS approach is hardly better -- turning on parental controls through Microsoft will result in your child's search history being recorded and the number of hours they spend on various apps dutifully logged. Also, in the US at least, an OS will turn OFF parental controls once a child reaches 13 years old, regardless of whether that child is ready to be using the internet unsupervised (see: the Child Online Privacy Protection Act or COPPA).

In either case, you have no control over what these companies choose to do with that information once they have it. Will they sell it? Keep it indefinitely? Use it to build a psychological profile of your child? The point is, you don't know.

That leaves one safe and sane option: take matters into your own hands.

Ideally, your internet saftely plan will:

We'll work on the last of these today. This, then, is how to roll your own blacklist.

How to restrict access on a single machine:

Whether your child uses Linux, Windows or MacOS, there is a single file that can be used to restrict websites on a per-machine basis.

The contents look something like this (sample taken from a Windows machine):

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#	127.0.0.1       localhost
#	::1             localhost

As long as you have root-user privileges on your child's machine, you can modify the contents of this file to block any number of domains you choose.

To block TikTok, for example, add the following entry to the bottom of the file:

127.0.0.1        tiktok.com

(Remember to use the TAB key instead of spaces between the IP address and the domain url!)

What this is telling your child's computer to do is take any instance of tiktok.com and resolve it to 127.0.0.1, the loopback address. In layman's terms, it's pointing any request for TikTok back at your child's machine, rather than reaching out to the web for content. This effectively blocks all requests to TikTok.

Note: This will also block any services hosted on the domain in question. If you decide to block google.com, for example, all Google services installed on the machine and all calls out to Google from 3rd party software and websites will fail. Tread carefully here.

How to restrict access for the entire household:

The above method works fine if you're trying to restrict a single machine. It fails utterly on iOS, Android, and other devices (unless Jailbroken or otherwise modified), because you can't access the hosts file on these devices. You *can* add website restrictions to the Safari browser that comes with every iPhone/iPad, and I encourage you to do so, but this won't restrict apps and services.

For a large household, it may be appropriate to create a general blocklist at the network level. For this tutorial, you'll need to find the IP address of your router (see How to find the IP address of a router if you need help)

If you did it right, then visiting that URL from within your network simply will not work. I recommend testing this on ONE website initially, before going crazy with the blacklist. Make sure you do this right.

Also note that your router's blocklist will not work if your child disconnects from your home's WiFi and goes straight to cellular data. You can mitigate this by setting up restrictions directly with your cellphone's carrier (Verizon customers, for example, can set up website blocking through their My Verizon account).

The other side to internet safety

Blocking websites is an important tool for every parent to have, but it should not be the only thing you rely on. In this day and age, you can't afford to ignore your child's internet usage. None of this should be treated as "set it and forget it" -- you need to find time to talk with your child about internet safety and addiction.

I'm not advocating for constant monitoring of your children. However, they should know that you're watching and that you care. Do you know who your child's friends are? Do you know what social media your child engages in? What websites does she frequent? What YouTube videos does she watch? Does she know how to limit her own internet usage, or does she still need help in this area? Who does she text, who's asking her for pictures, and can she video chat with anyone you don't know?

If you do nothing else, I *strongly* recommend blocking all social media for children -- Reddit, TikTok, Facebook, Twitter, SnapChat, OnlyFans, etc. These sites influence how your children feel about themselves, and open the door for cyberbullying, adult grooming and worse. I don't think it's possible for our kids to be safe on these sites, regardless of how harmless they seem at first glance.

But, that's just my own 2c. What do you think? Let me know in the comments below!