girl with laptop

Kids and the Internet: Why parental controls aren’t enough

Ask a parent of an underage child if they are concerned about their child being exposed to inappropriate Internet content, and most parents will, predictably, say yes. Then ask if they use some type of parental control software to protect their kids online, and the majority of parents will say no. Surprised? I was.

family with laptop

In our global survey of 15 countries, 78% of parents reported being concerned about their kids being exposed to content like porn, violence, racism and drugs online. But only 40% said they actually use software tools that ensure safe Internet use on computers their children use.

As the parent of a toddler, I don’t yet have to worry about such questions, but if my kid were school-age, I certainly would. Software with Internet filters and time controls is an easy way to make sure kids aren’t getting into trouble online. So why the disconnect?

Looking for answers

To get a better understanding of the thinking behind the statistics, I thought I’d ask some parents about their use or nonuse of parental control software. Living in Finland, the country with the lowest number of parents who use parental controls on computers their kids use (only 24%) and being from the US, with the highest number (59%), it made for some interesting conversations. I asked mainly Finns and Americans, but people from a few other countries as well.

What I found was that yes, parents do care about their kids accessing inappropriate content. But approaches for dealing with it range widely. I would loosely categorize my interview subjects into three camps.

First camp: Parental controls a must

One mother of an eight-year-old said she plans to use parental controls on her son’s new laptop, and doesn’t allow Internet access on his mobile phone. A mother of four children under ten uses an Internet filter in addition to accompanying her kids while they’re online. And another mom said in addition to using parental control software, she drove her teenage daughters (now grown) crazy with frequent lectures about the dangers of the Internet.

Second camp: Parental control, but not with software

One parent pointed out that parental control software isn’t the only way to protect kids online. For example, placing the computer in a high-traffic area of the home is a good way to make sure kids aren’t getting into trouble. Similarly, a parent of a five-year-old said she doesn’t use parental control software, but her child isn’t allowed to access the Internet without a parent by his side.

Third camp: The liberal approach

Some parents took a more liberal approach. A father of teenagers said he no longer uses parental controls, instead relying on a trust relationship with his children. A mother of a 14-year-old forgoes parental controls also, since her son doesn’t seem to show interest yet in anything aside from a few online games.

A common thread between these parents was that even if they restrict access at home, their kids could still access bad content away from home. And that restricting access might make forbidden fruit all the more tempting. One father stressed that he is always available to talk to his children should they see something distressing online.

Which approach is best?

Parents’ answer to that question depends on, among other factors, cultural attitudes and the age of their children. My personal conclusion? When it’s time I need to think about it, I’ll err on the stricter side by restricting access time, monitoring usage and just to be extra-safe, use some form of content filter for my child.

To me, there’s way too much bad stuff out there that’s way too easily accessible. A lot of it’s not fit for anyone, let alone kids – case in point, Facebook’s recent controversy over videos of extreme violence. Even if you trust your kids, they may stumble onto harmful content without meaning to. Or they may let curiosity get the best of them and see things their young minds just shouldn’t have to think about.

Communication is key

But even the strictest parental controls aren’t enough. In talking to different parents, whatever their stance, the theme that kept recurring for me was communication. Open, realistic age-appropriate communication between parent and child. About what kind of websites are and aren’t okay. About what kind of behavior online is and is not okay.

So even when the child is away from home, he or she will have a basis for making the best choices. And if a child does happen to see something harmful, you can hopefully find out about it and discuss it.

Plus, not every risky thing your kids do online can be caught by parental control software. The lecturing mom who aggravated her daughters? They are now grateful for the talks because they haven’t made the embarrassing mistakes their friends have made, posting compromising selfies and the like.

Family protection for computers and mobile devices

So talk to your kids. And if you’re looking for parental control software, allow me to recommend F-Secure Internet Security.

F-Secure Internet Security allows parents to filter out websites based on what sort of content they want to protect their kids from:

content-blocker

And it lets parents set browsing time limits:

time-limits

F-Secure Internet Security also protects computers from viruses and other digital threats and safeguards while banking and shopping.

There’s also protection for kids’ mobile devices. F-Secure Mobile Security, in addition to protecting from digital threats and in case of loss or theft, offers parental controls, with the added feature of shielding kids from inappropriate apps.

And for under one euro per year, parents can install F-Secure Child Safe to iPads and iPhones. Child Safe is a browser that keeps kids safe from harmful content when browsing the web.

What about you – do you use parental control software? If not, how do you make sure your kids are safe online? Let us know in the comments!

.

Girl with laptop image courtesy of Clare Bloomfield / FreeDigitalPhotos.net

Parents with kids image courtesy of photostock / FreeDigitalPhotos.net

More posts from this topic

ransomware gangs, cybercrime unicorn

Could Criminals Make A Billion Dollars With Ransomware?

Bitcoin has not only changed the economics of cybercrime by providing crooks with an encrypted, nearly anonymous payment system autonomous from any central bank. It's also changed researchers' ability to track how much money criminals are making. "Bitcoin is based on Blockchain, and Blockchain is a public ledger of transactions. So all Bitcoin transactions are public," explains Mikko Hyppönen, F-Secure's Chief Research Officer. "Now, you don’t know who is who. But we can see money moving around, and we can see the amounts." Every victim of Ransomware -- malware that encrypts files and demands a payment for their release -- is given a unique wallet to transfer money into. Once paid, some ransomware gangs move the bitcoins to a central wallet. "We've been monitoring some of those wallets," Mikko says. "And we see Bitcoins worth millions and millions. We see a lot of money." Watching crooks rake in so much money, tax-free, got him thinking: "I began to wonder if there are in fact cybercrime unicorns." A cybercrime unicorn? (View this as a PDF) A tech unicorn is a privately held tech company valued at more than a billion dollars. Think Uber, AirBNB or Spotify -- only without the investors, the overhead and oversight. (Though the scam is so profitable that some gangs actually have customer service operations that could rival a small startup.) "Can we use this comparison model to cybercrime gangs?" Mikko asks. "We probably can’t." It's simply too hard to cash out. Investors in Uber have people literally begging to buy their stakes in the company. Ransomware gangs, however, have to continually imagine ways to turn their Bitcoin into currency. "They buy prepaid cards and then they sell these cards on Ebay and Craigslist," he says. "A lot of those gangs also use online casinos to launder the money." But even that's not so easy, even if the goal is to sit down at a online table and attempt to lose all your money to another member of your gang. "If you lose large amounts of money you will get banned. So the gangs started using bots that played realistically and still lose – but not as obviously." Law enforcement is well aware of extremely alluring economics of this threat. In 2015, the FBI’s Internet Crime Complaint Center received "2,453 complaints identified as Ransomware with losses of over $1.6 million." In 2016, hardly has a month gone by without a high-profile case like Hollywood Presbyterian Medical Center paying 40 Bitcoin, about $17,000 USD at the time, to recover its files. And these are just the cases we're hearing about. The scam is so effective that it seemed that the FBI was recommending that victims actually pay the ransom. But it turned out their answer was actually more nuanced. "The official answer is the FBI does not advise on whether or not people should pay," Sean Sullivan, F-Secure Security Advisor, writes. "But if victims haven’t taken precautions… then paying is the only remaining alternative to recover files." What sort of precautions? For Mikko, the answer obvious. "Backups. If you get hit you restore yesterday’s backup and carry on working. It could be more cumbersome if it’s not just one workstation, if your whole network gets hit. But of course you should always have good, up to date, offline backups. And 'offline' is the key!" What's also obvious is that too few people are prepared when Ransomware hits. Barring any disruptions to the Bitcoin market, F-Secure Labs predicts this threat will likely persist, with even more targeted efforts designed to elicit even greater sums.  If you end up in an unfortunate situation when your files are held hostage, remember that you're dealing with someone who thinks of cybercrime as a business. So you can always try to negotiate. What else do you have to lose?

August 24, 2016
BY 
Father lecturing son in bedroom

F2P can cost parents thousands of Euros – read this to avoid it

This is really an old problem, but it’s in the headlines again. Pokémon Go is yet another example of a “free” game with a business model based on in-app purchases. These games are also known as F2P, standing for free-to-play. You can start playing, and get hooked, for free. But soon you run into a situation where you can’t proceed without buying virtual stuff in the game. The stuff you buy is virtual but the payment is very real money. This is no doubt a profitable model. Pokémon Go went straight to the top and for example Finland-based Supercell, maker of Clash of Clans, has constantly reported nice profits. This can naturally cause trouble for addicted adults, but the real problems arise when kids get hooked. There are numerous public stories about kids making purchases for hundreds or even thousands of Euros, often without even understanding how much they have spent. And the sinister part is that this can go on for a while until you get the credit card bill, and it’s too late. Your chances to get a refund are somewhere between slim and none. But how can this happen? Let’s take a look at the most common scenarios. Your kid has set up the new device and created the needed account with Apple or Google. Everything is fine until he or she needs an app that isn’t free. You enter your credit card on the kid’s device and make the purchase, but you don’t pay any attention to the security settings. This may give your kid carte blanche to buy anything he or she likes, and you pay the bill. You have entered your credit card but set up the kid’s store account so that a password only you know is required for every purchase. But there are some convenient settings that allow purchases without a password within a limited time window after the password has been entered. Kids learn very quickly to utilize this opportunity. Let’s assume the same setup as in the previous point, but with the correct security settings. Now the password is needed for every purchase. But the store account is still owned by the kid and the password can be reset. The password reset link will be sent to the kid’s mail or phone number. It’s carte blanche again with the new password. Ok, you create an account you own for the kids phone. It’s tied to your mail and phone number, so the password reset trick shouldn’t work anymore. You put down your phone and head for the toilet. Your kid has been waiting for the opportunity and initiates the password reset request. Your phone is there on the table wide open, with the reset link in the mail. You can figure out the rest yourself. And of course the simple alternative. You think the store password on your kid’s device is secret. But in reality it is either too easy to guess or someone has been looking over your shoulder. So there’s many things that can go wrong, but what can we do to avoid it? There are many ways to fight this problem, but this is in my opinion the best approach: Let the kid set up the store account on the device and set own passwords. Just like an adult would use a phone, except that there’s no payment method registered. Never enter your credit card number on the kid’s device. On Android, get familiar with Google Play Family. This feature enables you to purchase stuff for your kid on your own device. On iPhone, send apps or money as gifts. There may be applications that bypass the store and handle credit card transactions directly. This can typically be handled with vouchers or other prepaid payment methods instead. The application usually guides the users and list all supported methods. Let’s also take a look at the hard way. Follow these instructions if you for some reasons must have your credit card registered as a payment method on the kid’s device. Make sure the store is protected with a good password that only you know. Make sure the kid isn’t watching too closely when you enter it. Make sure the store is set up to require the password every time a purchase is made. Make sure the store account is attached to an e-mail only you have access to. Make sure the e-mail password is decent and not known to your kid. Make sure your phone’s security settings are decent. Use a PIN or password your kid doesn’t know and make sure it locks automatically quickly enough. Even better, do not have the e-mail of your kids store account on your phone. Access it through web mail when needed. So this is after all a quite complex issue. There are many variations and other ways to deal with the problem. Did I miss some simple and clever way? Write a comment if you think I did. And finally. Yes, there’s also many ways to lock the kids out of the store completely. This does no doubt solve some problems, but I don’t think it’s a good idea. They will after all live their lives in a world where digital devices and services are as natural as breathing. They deserve the opportunity to start practicing for that right now. Let them browse the store and discover all the fun stuff. And be part of the group and use all the same apps as their friends. Let them have fun with the phone and learn, even if they will learn some things the hard way. Don’t ruin it for them.     Safe surfing, Micke  

August 16, 2016
BY 
Check your router with F-Secure Router Checker

QUICK TIP: Make sure your internet connection is clean

This has got to be the quickest Quick Tip of all. Literally. With just one click, it's too easy not to do. You know your computer can be infected. But did you know your router can, too? And because most people just aren't aware of it, if your router is compromised, it could stay that way a long time without you ever knowing. Unless, of course, you use our free Router Checker. No need to download anything. Just visit the page and click to start the check. Hacking your router is just one more method attackers use to display fraudulent advertising, spread malware, or steal your private account credentials. It's called DNS hijacking. When you type in a website name, say "cooldomain.com," you're directed to a DNS server that will find the website's IP address - say "44.567.54.69" for example, and display the website you need. But in a DNS hijack, hackers change your router's settings to direct you to a rogue DNS server. The rogue server will give a malicious IP address, purposely directing you to a website that may look like the one you want, but it's not. Here's an example: Let's say you want to log into your bank account. But unbeknownst to you, you're directed to a look-alike website that's not really your bank. You enter in your bank username and password. Now the attacker has your credentials, which he (or she) can use. F-Secure Router Checker makes sure the settings on your computers, phones, and routers connect to safe DNS servers. So what are you waiting for? Visit the F-Secure Router Checker page and click on "Check Your Router." It's too easy not to do.

August 12, 2016