Ask a parent of an underage child if they are concerned about their child being exposed to inappropriate Internet content, and most parents will, predictably, say yes. Then ask if they use some type of parental control software to protect their kids online, and the majority of parents will say no. Surprised? I was.
In our global survey of 15 countries, 78% of parents reported being concerned about their kids being exposed to content like porn, violence, racism and drugs online. But only 40% said they actually use software tools that ensure safe Internet use on computers their children use.
As the parent of a toddler, I don’t yet have to worry about such questions, but if my kid were school-age, I certainly would. Software with Internet filters and time controls is an easy way to make sure kids aren’t getting into trouble online. So why the disconnect?
Looking for answers
To get a better understanding of the thinking behind the statistics, I thought I’d ask some parents about their use or nonuse of parental control software. Living in Finland, the country with the lowest number of parents who use parental controls on computers their kids use (only 24%) and being from the US, with the highest number (59%), it made for some interesting conversations. I asked mainly Finns and Americans, but people from a few other countries as well.
What I found was that yes, parents do care about their kids accessing inappropriate content. But approaches for dealing with it range widely. I would loosely categorize my interview subjects into three camps.
First camp: Parental controls a must
One mother of an eight-year-old said she plans to use parental controls on her son’s new laptop, and doesn’t allow Internet access on his mobile phone. A mother of four children under ten uses an Internet filter in addition to accompanying her kids while they’re online. And another mom said in addition to using parental control software, she drove her teenage daughters (now grown) crazy with frequent lectures about the dangers of the Internet.
Second camp: Parental control, but not with software
One parent pointed out that parental control software isn’t the only way to protect kids online. For example, placing the computer in a high-traffic area of the home is a good way to make sure kids aren’t getting into trouble. Similarly, a parent of a five-year-old said she doesn’t use parental control software, but her child isn’t allowed to access the Internet without a parent by his side.
Third camp: The liberal approach
Some parents took a more liberal approach. A father of teenagers said he no longer uses parental controls, instead relying on a trust relationship with his children. A mother of a 14-year-old forgoes parental controls also, since her son doesn’t seem to show interest yet in anything aside from a few online games.
A common thread between these parents was that even if they restrict access at home, their kids could still access bad content away from home. And that restricting access might make forbidden fruit all the more tempting. One father stressed that he is always available to talk to his children should they see something distressing online.
Which approach is best?
Parents’ answer to that question depends on, among other factors, cultural attitudes and the age of their children. My personal conclusion? When it’s time I need to think about it, I’ll err on the stricter side by restricting access time, monitoring usage and just to be extra-safe, use some form of content filter for my child.
To me, there’s way too much bad stuff out there that’s way too easily accessible. A lot of it’s not fit for anyone, let alone kids – case in point, Facebook’s recent controversy over videos of extreme violence. Even if you trust your kids, they may stumble onto harmful content without meaning to. Or they may let curiosity get the best of them and see things their young minds just shouldn’t have to think about.
Communication is key
But even the strictest parental controls aren’t enough. In talking to different parents, whatever their stance, the theme that kept recurring for me was communication. Open, realistic age-appropriate communication between parent and child. About what kind of websites are and aren’t okay. About what kind of behavior online is and is not okay.
So even when the child is away from home, he or she will have a basis for making the best choices. And if a child does happen to see something harmful, you can hopefully find out about it and discuss it.
Plus, not every risky thing your kids do online can be caught by parental control software. The lecturing mom who aggravated her daughters? They are now grateful for the talks because they haven’t made the embarrassing mistakes their friends have made, posting compromising selfies and the like.
Family protection for computers and mobile devices
So talk to your kids. And if you’re looking for parental control software, allow me to recommend F-Secure Internet Security.
F-Secure Internet Security allows parents to filter out websites based on what sort of content they want to protect their kids from:
And it lets parents set browsing time limits:
F-Secure Internet Security also protects computers from viruses and other digital threats and safeguards while banking and shopping.
There’s also protection for kids’ mobile devices. F-Secure Mobile Security, in addition to protecting from digital threats and in case of loss or theft, offers parental controls, with the added feature of shielding kids from inappropriate apps.
And for under one euro per year, parents can install F-Secure Child Safe to iPads and iPhones. Child Safe is a browser that keeps kids safe from harmful content when browsing the web.
What about you – do you use parental control software? If not, how do you make sure your kids are safe online? Let us know in the comments!
Girl with laptop image courtesy of Clare Bloomfield / FreeDigitalPhotos.net
Parents with kids image courtesy of photostock / FreeDigitalPhotos.net
The recent statements from FBI director James Comey is yet another example of the authorities’ opportunistic approach to surveillance. He dislikes the fact that mobile operating systems from Google and Apple now come with strong encryption for data stored on the device. This security feature is naturally essential when you lose your device or if you are a potential espionage target. But the authorities do not like it as it makes investigations harder. What he said was basically that there should be a method for authorities to access data in mobile devices with a proper warrant. This would be needed to effectively fight crime. Going on to list some hated crime types, murder, child abuse, terrorism and so on. And yes, this might at first sound OK. Until you start thinking about it. Let’s translate Comey’s statement into ordinary non-obfuscated English. This is what he really said: “I, James Comey, director of FBI, want every person world-wide to carry a tracking device at all times. This device shall collect the owner’s electronic communications and be able to open cloud services where data is stored. The content of these tracking devices shall on request be made available to the US authorities. We don’t care if this weakens your security, and you shouldn’t care because our goals are more important than your privacy.” Yes, that’s what we are talking about here. The “tracking devices” are of course our mobile phones and other digital gadgets. Our digital lives are already accurate mirrors of our actual lives. Our gadgets do not only contain actual data, they are also a gate to the cloud services because they store passwords. Granting FBI access to mobile devices does not only reveal data on the device. It also opens up all the user’s cloud services, regardless of if they are within US jurisdiction or not. In short. Comey want to put a black box in the pocket of every citizen world-wide. Black boxes that record flight data and communications are justified in cockpits, not in ordinary peoples’ private lives. But wait. What if they really could solve crimes this way? Yes, there would probably be a handful of cases where data gathered this way is crucial. At least enough to make fancy PR and publically show how important it is for the authorities to have access to private data. But even proposing weakening the security of commonly and globally used operating systems is a sign of gross negligence against peoples’ right to security and privacy. The risk is magnitudes bigger than the upside. Comey was diffuse when talking about examples of cases solved using device data. But the history is full of cases solved *without* data from smart devices. Well, just a decade ago we didn’t even have this kind of tracking devices. And the police did succeed in catching murderers and other criminals despite that. You can also today select to not use a smartphone, and thus drop the FBI-tracker. That is your right and you do not break any laws by doing so. Many security-aware criminals are probably operating this way, and many more would if Comey gets what he wants. So it’s very obvious that the FBI must have capability to investigate crime even without turning every phone into a black box. Comey’s proposal is just purely opportunistic, he wants this data because it exists. Not because he really needs it. Safe surfing, Micke
Is this China's digital riot police? A "particularly remarkable advanced persistent threat" has been compromising websites in Hong Kong and Japan for months, according to Volexity. The pro-democratic sites that have been infected include "Alliance for True Democracy – Hong Kong" and "People Power – Hong Kong" along with several others identified with the Occupy Central and Umbrella Revolution student movements behind the massive protests against the Chinese government. Visitors to the sites are being targeted by malware designed for "exploitation, compromise, and digital surveillance". In an analysis on our Labs Blog, Micke notes that it's possible that cybercriminals could be simply piggybacking on the news without any political motivation. However, the Remote Access Trojans (RATs) being used could provide serious advantages to political opponents of the movement. "A lot of the visitors on these sites are involved in the movement somehow, either as leaders or at grassroot level," he writes. "Their enemy could gain a lot of valuable information by planting RATs even in a small fraction of these peoples’ devices." And even leaders aren't compromised, the publicity around the attack will drive users away from the sites. This is a tactic that would definitely benefit those who want these see protests to end ASAP. And it would be a far more effective tactic if not for social networks like Twitter that can be accessed to plan resistance,even if the government blocks them -- as long as you have a VPN solution like our Freedome. If the goal is to cripple the protests by targeting protesters, "you don’t have to be a genius to figure out that China is the prime suspect," Micke writes. The significance a state-sponsored RAT attack -- or even a state-condoned attack carried out by privateers -- would be immense. Criminals use malware to target individuals, businesses and governments themselves. Government-sponsored cyberattacks on citizens practicing civil disobedience could be considered an escalation beyond even likely government-sponsored surveillance malware like Flame, which forces businesses to consider malware attacks from their own governments. Over the last year we've learned just how far suspicious governments will go to play defense against internet users who haven't been accused of any crime. Now we're seeing hints that a government may be willing to play offense too.
Yet another massive user ID and password leak. This time it affects about 7 million DropBox users, even if DropBox denies they were hacked. As usual, such a hack means that the data these users have stored in DropBox is in jeopardy. It also means that those who use the same ID and password on many services have much bigger troubles. Let’s see what we can learn from this: Always use unique passwords on the services you use. This does not prevent password leaks, but it limits the damage when a leak occur. (A password manager you trust makes this much easier.) Be alert and change your password as soon as you hear about a leak like this. Right now, we don’t know which users are affected. But if you have an old and weak password, it’s a good idea to change it NOW anyway. Changing it one time too many is better than having your confidential data all over the Internet. Pay attention to the security-awareness of the cloud providers you use. This may not have been DropBox’s fault, but it could have been. This is a good opportunity to mention our own younited, which is built with security in mind from the ground up, and is located in a country where the authorities doesn’t do mass surveillance. BTW, Edward also thinks you should consider alternatives to DropBox. DropBox claims this leak happened in some other service that connect to DropBox. This is a plausible explanation and reminds us about the danger of connecting services to each other. If you enter the password of any service into another service, you must ask yourself two questions. Will this company refrain from misusing my data and does this company protect my password sufficiently? By replicating the password to several places you increase the risk that it leaks out. Don’t do that unless you get a significant benefit and trust all places where the password is stored. Two-factor authentication is a great feature that increase security. Use it whenever possible. It should by now be clear that this kind of massive password leaks aren’t rare incidents. We see a constant stream of these and there are probably many leaks that remain unnoticed, or are noticed but stay out of the headlines. We all have to realize that a leak like this will hit us sooner or later. Sorry for sounding like a broken record, if you still have the same password on several services, you should be busy changing them by now. Safe surfing, Micke Image: Screen capture from dropbox.com PS. Isn't that screenshot a bit funny? Yes, your data in DropBox could really be ANYWHERE right now. :)