Ask a parent of an underage child if they are concerned about their child being exposed to inappropriate Internet content, and most parents will, predictably, say yes. Then ask if they use some type of parental control software to protect their kids online, and the majority of parents will say no. Surprised? I was.
In our global survey of 15 countries, 78% of parents reported being concerned about their kids being exposed to content like porn, violence, racism and drugs online. But only 40% said they actually use software tools that ensure safe Internet use on computers their children use.
As the parent of a toddler, I don’t yet have to worry about such questions, but if my kid were school-age, I certainly would. Software with Internet filters and time controls is an easy way to make sure kids aren’t getting into trouble online. So why the disconnect?
Looking for answers
To get a better understanding of the thinking behind the statistics, I thought I’d ask some parents about their use or nonuse of parental control software. Living in Finland, the country with the lowest number of parents who use parental controls on computers their kids use (only 24%) and being from the US, with the highest number (59%), it made for some interesting conversations. I asked mainly Finns and Americans, but people from a few other countries as well.
What I found was that yes, parents do care about their kids accessing inappropriate content. But approaches for dealing with it range widely. I would loosely categorize my interview subjects into three camps.
First camp: Parental controls a must
One mother of an eight-year-old said she plans to use parental controls on her son’s new laptop, and doesn’t allow Internet access on his mobile phone. A mother of four children under ten uses an Internet filter in addition to accompanying her kids while they’re online. And another mom said in addition to using parental control software, she drove her teenage daughters (now grown) crazy with frequent lectures about the dangers of the Internet.
Second camp: Parental control, but not with software
One parent pointed out that parental control software isn’t the only way to protect kids online. For example, placing the computer in a high-traffic area of the home is a good way to make sure kids aren’t getting into trouble. Similarly, a parent of a five-year-old said she doesn’t use parental control software, but her child isn’t allowed to access the Internet without a parent by his side.
Third camp: The liberal approach
Some parents took a more liberal approach. A father of teenagers said he no longer uses parental controls, instead relying on a trust relationship with his children. A mother of a 14-year-old forgoes parental controls also, since her son doesn’t seem to show interest yet in anything aside from a few online games.
A common thread between these parents was that even if they restrict access at home, their kids could still access bad content away from home. And that restricting access might make forbidden fruit all the more tempting. One father stressed that he is always available to talk to his children should they see something distressing online.
Which approach is best?
Parents’ answer to that question depends on, among other factors, cultural attitudes and the age of their children. My personal conclusion? When it’s time I need to think about it, I’ll err on the stricter side by restricting access time, monitoring usage and just to be extra-safe, use some form of content filter for my child.
To me, there’s way too much bad stuff out there that’s way too easily accessible. A lot of it’s not fit for anyone, let alone kids – case in point, Facebook’s recent controversy over videos of extreme violence. Even if you trust your kids, they may stumble onto harmful content without meaning to. Or they may let curiosity get the best of them and see things their young minds just shouldn’t have to think about.
Communication is key
But even the strictest parental controls aren’t enough. In talking to different parents, whatever their stance, the theme that kept recurring for me was communication. Open, realistic age-appropriate communication between parent and child. About what kind of websites are and aren’t okay. About what kind of behavior online is and is not okay.
So even when the child is away from home, he or she will have a basis for making the best choices. And if a child does happen to see something harmful, you can hopefully find out about it and discuss it.
Plus, not every risky thing your kids do online can be caught by parental control software. The lecturing mom who aggravated her daughters? They are now grateful for the talks because they haven’t made the embarrassing mistakes their friends have made, posting compromising selfies and the like.
Family protection for computers and mobile devices
So talk to your kids. And if you’re looking for parental control software, allow me to recommend F-Secure Internet Security.
F-Secure Internet Security allows parents to filter out websites based on what sort of content they want to protect their kids from:
And it lets parents set browsing time limits:
F-Secure Internet Security also protects computers from viruses and other digital threats and safeguards while banking and shopping.
There’s also protection for kids’ mobile devices. F-Secure Mobile Security, in addition to protecting from digital threats and in case of loss or theft, offers parental controls, with the added feature of shielding kids from inappropriate apps.
And for under one euro per year, parents can install F-Secure Child Safe to iPads and iPhones. Child Safe is a browser that keeps kids safe from harmful content when browsing the web.
What about you – do you use parental control software? If not, how do you make sure your kids are safe online? Let us know in the comments!
Girl with laptop image courtesy of Clare Bloomfield / FreeDigitalPhotos.net
Parents with kids image courtesy of photostock / FreeDigitalPhotos.net
The Android vulnerability known as StageFright has revealed the Android operating system's "heart of darkness." In theory, a simple MMS could take over your phone. The F-Secure Labs is actively monitoring for threats that target the exploit. The good news is that while the theoretical risk of attack is high and Android is consistently the target of nearly all mobile malware, we have not seen any active attacks that target it yet. But this is still a huge event that should trigger a major reconsideration of Android security in general. Our Micke explained: Android is the most widespread operating system on this planet. 48 % of the devices shipped in 2014 were Androids (Gartner). And that includes both phones, tablets, laptops and desktop computers. There’s over 1 billion active Android devices (Google’s device activation data). Most of them are vulnerable to Stagefright and many of them will never receive a patch. This is big! The ability to keep software updated is the essential task that makes security possible. Android's adaptability has helped lead to its remarkable growth. But it's also led to remarkable fragmentation in the ecosystem. "Recent data from Google suggests there are 6 different versions of Android that are widely used, with KitKat (Android 4.4) being the most popular. But it’s used by less than 40% of devices," Adam wrote on the F-Secure Business Insider blog. "The remaining 60% or so are spread out among the other five versions of the OS, and each is customized differently and receives varying levels of support from operators and OEMs." Many users cannot update at all. "Apparently the best supported method of updating your Android phone is to buy a new Android phone," F-Secure Chief Research Officer Mikko Hypponen tweeted. Obviously that option isn't available to millions of Android users. "Fragmentation also has socioeconomic implications," the EFF's Cooper Quintin wrote. "Older and cheaper phones tend to run older versions of the Android operating system, and vendors often give up supporting them or updating the software running on them. On the other hand newer and more expensive phones tend to receive updates faster and more reliably (especially Google Nexus devices)." So what should you do until then -- besides update your OS if possible and run mobile security that targets threats that take advantage of exploits like StageFright? 1. Examine the app that handles your MMS messages. Check out your Android device's default messaging app or Google Hangouts. Make sure to disable their automatic retrieve/fetching options. This will prevent automatic execution of potential exploits on any received messages. 2. Avoid viewing or opening any pictures or videos from untrusted sources. We'll keep you updated about this situation as it develops. Cheers, Sandra [Photo by Photo Cindy | Flickr]
New versions of windows used to be like an international holiday. PC users around the world celebrated by sharing what they liked -- much of Windows 7 --- and hated -- all of Windows 8 and Vista -- about the latest version of the world's most popular operating system. In this way, Windows 10 is the end of an era. This is the "final version" of the OS. After you step up to this version, there will be continual updates but no new version to upgrade to. It's the birth of "Windows as a service," according to Verge. So if you're taking free upgrade to the new version, here are 5 things you need to know as you get used to the Windows that could be with you for the rest of your life. 1.Our Chief Research Office Mikko Hypponen noted Windows 10 still hides double extensions by default. “Consider a file named doubleclick.pdf.bat. If ‘hide extensions’ is enabled, then this will be shown in File Explorer as ‘doubleclick.pdf’. You, the user, might go ahead and double-click on it, because it’s just a PDF, right?” F-Secure Security Advisor Tom Gaffney told Infosecurity Magazine. “In truth, it’s a batch file, and whatever commands it contains will run when you double-click on it.” Keep this in mind when you do -- or DON'T -- click on unknown files. 2. You could end up sharing your Wi-Fi connection with all your contacts. There's some debate about whether or not Windows 10's Wi-Fi Sense shares your Wi-Fi connection with social media contacts by default, as Windows Phone has for a while now. ZDNet's Ed Bott says no, noting that "you have to very consciously enable sharing for a network. It's not something you'll do by accident." Security expert Brian Krebs is more skeptical, given how we're "conditioned to click 'yes' to these prompts." "In theory, someone who wanted access to your small biz network could befriend an employee or two, and drive into the office car park to be in range, and then gain access to the wireless network," The Register's Simon Rockman wrote. "Some basic protections, specifically ones that safeguard against people sharing their passwords, should prevent this." Gaffney notes that Wi-Fi Sense is “open to accidental and deliberate misuse.” So what to do? Krebs recommends the following: Prior to upgrade to Windows 10, change your Wi-Fi network name/SSID to something that includes the terms “_nomap_optout”. [This is Windows opt-out for Wi-Fi Sense]. After the upgrade is complete, change the privacy settings in Windows to disable Wi-Fi Sense sharing. 3. There are some privacy issues you should know about. Basically "whatever happens, Microsoft knows what you're doing," The Next Web's Mic Wright noted. Microsoft, according to its terms and conditions, can gather data “from you and your devices, including for example ‘app use data for apps that run on Windows’ and ‘data about the networks you connect to.'” And they can also disclose it to third parties as they feel like it. You should check your privacy settings and you can stop advertisers from know exactly who you are. Want a deep dive into the privacy issues? Visit Extreme Tech. 4. The new Action Center could be useful but it could get annoying. This notification center makes Windows feel more like an iPhone -- because isn't the point of everything digital to eventually merge into the same thing? BGR's Zach Epstein wrote "one location for all of your notifications is a welcome change." But it can get overwhelming. "In Windows 10, you can adjust notifications settings by clicking the notifications icon in the system tray," he wrote. "The click All settings, followed by System and then Notifications & actions." 5. Yes, F-Secure SAFE, Internet Security and Anti-Virus are all Windows 10 ready. [Image by Brett Morrison | Flickr]
You have all heard the classic mantra of computer security: use common sense, patch your system and install antivirus. That is still excellent advice, but the world is changing. We used to repeat that mantra over and over to the end users. Now we are entering a new era where we have to stress the importance of updates to manufacturers. We did recently write about how Chrysler reacted fairly quickly to stop Jeeps from being controlled remotely. They made a new firmware version for the vehicles, but didn’t have a good channel to distribute the update. Stagefright on Android demonstrates a similar problem, but potentially far more widespread. Let’s first take a look at Stagefright. What is it really? Stagefright is the name of a module deep inside the Android system. This module is responsible for interpreting video files and playing them on the device. The Stagefright bug is a vulnerability that allows and attacker to take over the system with specially crafted video content. Stagefright is used to automatically create previews of content received through many channels. This is what makes the Stagefright bug really bad. Anyone who can send you a message containing video can potentially break into your Android device without any actions from you. You can use common sense and not open fishy mail attachments, but that doesn’t work here. Stagefright takes a look at inbound content automatically in many cases so common sense won't help. Even worse. There’s not much we can do about it, except wait for a patch from the operator or phone vendor. And many users will be waiting in vain. This is because of how the Android system is developed and licensed. Google is maintaining the core Linux-based system and releasing it under an open license. Phone vendors are using Android, but often not as it comes straight from Google. They try to differentiate and modifies Android to their liking. Google reacted quickly and made a fix for the Stagefright bug. This fix will be distributed to their own Nexus-smartphones soon. But it may not be that simple for the other vendors. They need to verify that the patch is compatible with their customizations, and releasing it to their customers may be a lengthy process. If they even want to patch handsets. Some vendors seems to see products in the cheap smartphone segment as disposable goods. They are not supposed to be long-lived and post-sale maintenance is just a cost. Providing updates and patches would just postpone replacement of the phone, and that’s not in the vendor’s interest. This attitude explains why several Android vendors have very poor processes and systems for sending out updates. Many phones will never be patched. Let’s put this into perspective. Android is the most widespread operating system on this planet. 48 % of the devices shipped in 2014 were Androids (Gartner). And that includes both phones, tablets, laptops and desktop computers. There’s over 1 billion active Android devices (Google’s device activation data). Most of them are vulnerable to Stagefright and many of them will never receive a patch. This is big! Let’s however keep in mind that there is no widespread malware utilizing this vulnerability at the time of writing. But all the ingredients needed to make a massive and harmful worm outbreak are there. Also remember that the bug has existed in Android for over five years, but not been publically known until now. It is perfectly possible that intelligence agencies are utilizing it silently for their own purposes. But can we do anything to protect us? That’s the hard question. This is not intended to be a comprehensive guide, but it is however possible to give some simple advice. You can stop worrying if you have a really old device with an Android version lower than 2.2. It’s not vulnerable. Google Nexus devices will be patched soon. A patch has also been released for devices with the CyanogenMod system. The privacy-optimized BlackPhone is naturally a fast-mover in cases like this. Other devices? It’s probably best to just google for “Stagefright” and the model or vendor name of your device. Look for two things. Information about if and when your device will receive an update and for instructions about how to tweak settings to mitigate the threat. Here’s an example. Safe surfing, Micke Image by Rob Bulmahn under CC BY 2.0