Debian User Forums

Hi,

To prevent children access porn, I had thought about following measures to create a linux system they can work with and not being able to access any porn.:

0.- Fix DNS with porn parental control:
edit resolv.conf with CleanBrwosing DNS

1.- Mount all not system devices with forbidden execute permissions, so they cant run any autoexecutable applications like Appimage
mount /tmp folder with not executable permissions as well

2.- Restrict sudoers to run only few scripts and synaptic, so we can monitor what they've installed from synaptic history
2.1 blacklist some packages in synaptic, so we can prevent them to install application can dowload porn such as (amule, kodi, tor...)
/etc/apt/apt.conf.d/01autoremove
or with chattr .: (creating an empty file so it crashes blacklisted installations touch /bin/kodi && chattr +i /bin/kodi)

3. Just in case, protect some sensible files by changing attibutes to only read by using chattr.
chattr +i sudoers, fstab, resolv.conf, sources.list

4- Lock Chrome extensions, so they cant bypass dns system or install any proxy browser.

5- Create a wrapup gksudo editor, so they can edit some configuration system files paths.. and not modify files like sudoers, fstab, etc

6- Filer Mac IP to use only parental computer, and protect router password so they cant download data porn wifi to smartphone without consuming their own data movil tarife

7- Protect BIOS with password so they cant boot to a device and make use of a livecd o liveusb
-------------------------------

I think with these all few measure, we can be sure, they wil be able to work properly and not being able to acces any porn at the same time unless, for a few years..


What do you think??, do you see any vulnerability in theses measures?

You cannot prevent your children to have access to porn. If they can't get it inside your house, they will get it from another location where you don't have control. Bet on it.
It's better to guide your children so that they know what they see is not proper loving sex like in a relationship. And that ALL girls and women they meet or will meet will not like to be treated that way. That's much more effective.

Doing stuff like that is a bit like putting a bell on your cat's collar — it doesn't stop them from killing things, it just makes them better at being stealthy.

And anyway there was no interweb at all when I was growing up but I still managed to find porn.

Head_on_a_Stick wrote:Doing stuff like that is a bit like putting a bell on your cat's collar — it doesn't stop them from killing things, it just makes them better at being stealthy.

And anyway there was no interweb at all when I was growing up but I still managed to find porn.

Ok,But Its just not the same have to being to be stealthy and seeking for ways to get porn, that just turn on computer and open gates to hell..

Its no the same things, having a botle of wine hidden below the bed, that having a drink's bar in your stayroom..there's big difference.. and the idea is to blind and prevent children access to porn, not to prevent adolescent growed..
porn is a huge sin that corrupts and curse souls, thought, those that belongs to devil doesnt experience these curses..

Bloom wrote:You cannot prevent your children to have access to porn. If they can't get it inside your house, they will get it from another location where you don't have control. Bet on it.
It's better to guide your children so that they know what they see is not proper loving sex like in a relationship. And that ALL girls and women they meet or will meet will not like to be treated that way. That's much more effective.

You gave me an idea, It happens to me that perhaps:
8.- A solution could be blacklist all video players but one , and give temporary access to that video player, when they require, so this way they could not wacth any movie throught an external source, such an usb disk.

Another interesting idea, would be to make use of virtual pc and a clien/server deploy, so this way, they would use terminal client to work with, that would make to watch movies very annoy, becouse of remote connexion would make video streaming very uncappable. They would have theirs terminals consoles in their bedrooms, and would work in remote. We could use someting like vmware vsphere

1: just give up. You won't be able to stop them, no matter what they do. A big IT team couldn't stop shop class kids back in 1998 from accessing porn at my school, so YOU won't be able to stop your kids from it.

2: try being a real parent and talking to your damn kids instead of this tortuous bullshittery just so you can "protect" them by sitting back and ignoring them while technology attempts to "keep them safe"

3: if the internet is "the gates to hell" get the **** off of it yourself. You've already proven to have no self control since you can't seem to stop yourself from making a frankendebian on everything. If you can't keep a Debian stable install pure, how the hell do you plan on keeping yourself "pure"?

4: yeah, I see vulnerabilities in your measures. YOU. If you have to ask, you don't understand security enough yet. Your kids will always find a way around anything you try and block. Period. Unless you've had networking / security as a JOB the last 10-20 years, your kids will likely understand more of the system than you do.

pendrachken wrote:1: just give up. You won't be able to stop them, no matter what they do. A big IT team couldn't stop shop class kids back in 1998 from accessing porn at my school, so YOU won't be able to stop your kids from it.

2: try being a real parent and talking to your damn kids instead of this tortuous bullshittery just so you can "protect" them by sitting back and ignoring them while technology attempts to "keep them safe"

3: if the internet is "the gates to hell" get the **** off of it yourself. You've already proven to have no self control since you can't seem to stop yourself from making a frankendebian on everything. If you can't keep a Debian stable install pure, how the hell do you plan on keeping yourself "pure"?

4: yeah, I see vulnerabilities in your measures. YOU. If you have to ask, you don't understand security enough yet. Your kids will always find a way around anything you try and block. Period. Unless you've had networking / security as a JOB the last 10-20 years, your kids will likely understand more of the system than you do.

heheh, I think you're exagerating a lot, aren't you?... Im not an expert at all, neither have big experience as networking security, thouth yet, I consider my measures purposed are kind of easy to deploy and very solid.. you have to understand they are planned for kids not for hackers.. ..
If you cant install any player, p2p program, and you cant modify resolv.conf, and you cant install any browser addon, neither a proxy, cant boot any usb/dvd I doubt a lot you can get any porn access in your computer.... so, Whats wrong with all of you!!..
they might get some magazines porn .. I wouldnt buy them any smartphone til they are 16yo or so, neither.... comeon!!!, we can find a midle point

by the way, after five years of dealing with debian and playing with packages installations, i consider my system installation an advanced and perfect one.. my franquendebian is debian stable certificate, in my point of view.. it just differs in using an ubuntu kernel engine.

The interesting, would be you to purpose some smart, clever , good and easy to deploy parental control measures.. that would be good instead
to criticize everithing..

+1 to education - there's no better way.

bester69 wrote: ↑2020-06-21 13:03huge sin that corrupts and curse souls, thought, those that belongs to devil doesnt experience these curses..

ROFL, and I thought you were crazy before.

Seriously dude, give it up. I was running rings around "parental controls" (both at home and the school IT department) when I was an adolescent, and I fully expect the same goes on today.
Young people like to rebel, and the harder you try to keep something from them the more time and effort they will put into getting it.
This game of cat-and-mouse you simply cannot win. You're far better off educating than restricting, and no amount of cunning technological trickery is going to do your parenting for you.

Bloom wrote: ↑2020-06-21 12:16 You cannot prevent your children to have access to porn. If they can't get it inside your house, they will get it from another location where you don't have control. Bet on it.
It's better to guide your children so that they know what they see is not proper loving sex like in a relationship. And that ALL girls and women they meet or will meet will not like to be treated that way. That's much more effective.

+ 10
most of the elicited reactions to this theme could almost (to fit in with the subject) be brought under “ sterile intellectual masturbation “

I think some of this is overkill, bester

0.- Fix DNS with porn parental control:
edit resolv.conf with CleanBrwosing DNS

No problems here.

1.- Mount all not system devices with forbidden execute permissions, so they cant run any autoexecutable applications like Appimage
mount /tmp folder with not executable permissions as well

How can they install appimage if you don't give them root?

If /tmp doesn't have execute permissions you can't list the contents of the directory, which you may want to do sometime.

2.- Restrict sudoers to run only few scripts and synaptic, so we can monitor what they've installed from synaptic history
2.1 blacklist some packages in synaptic, so we can prevent them to install application can dowload porn such as (amule, kodi, tor...)
/etc/apt/apt.conf.d/01autoremove
or with chattr .: (creating an empty file so it crashes blacklisted installations touch /bin/kodi && chattr +i /bin/kodi)

See #1 above

3. Just in case, protect some sensible files by changing attibutes to only read by using chattr.
chattr +i sudoers, fstab, resolv.conf, sources.list

Again, just don't give them root

4- Lock Chrome extensions, so they cant bypass dns system or install any proxy browser.

You can't bypass DNS without root.

5- Create a wrapup gksudo editor, so they can edit some configuration system files paths.. and not modify files like sudoers, fstab, etc

If they're not root that can't do any of this stuff

6- Filer Mac IP to use only parental computer, and protect router password so they cant download data porn wifi to smartphone without consuming their own data movil tarife

I thought we weren't giving them smartphones

7- Protect BIOS with password so they cant boot to a device and make use of a livecd o liveusb

Yup.

I don't think it's in this forum's scope to tell someone else how to parent, but I made a lot of mistakes with my own kids (youngest is now almost 40) and one of the mistakes I made all the time was restricting my kids instead of educating them. Of course, your kids, your business

cheers -

wizard10000 wrote: ↑2021-08-26 12:38 I think some of this is overkill, bester

0.- Fix DNS with porn parental control:
edit resolv.conf with CleanBrwosing DNS

No problems here.
...
I don't think it's in this forum's scope to tell someone else how to parent, but I made a lot of mistakes with my own kids (youngest is now almost 40) and one of the mistakes I made all the time was restricting my kids instead of educating them. Of course, your kids, your business

cheers -

protect your children, dont let evil comes in home throught their computers..

Updating my list 2.0 ..and making it easy and secure
- No Smartphones
- BIOS password protected: So they cant use any livecd to gain root acces
- DNS parental control filtering
- No sudo user : He will have to ask you for software to be installed
- Lock Chrome extensions: This way, He wont be able to install proxy addons to bypass parental control
- MAC rooter filtering: This way, They wont be able to connect different devices in their rooms without parental control
- Scheduled Timing router daily parental control: So, they cant use internet after middle night
- forbidden execute home, tmp permission (not sure how to achieve this): Cos they could use appimages like TOR downloaded from school in a usb and use it in home
- Dont install media players: so they cant put in any media porn and watch it in private

Extraordinary mesaures:
- Limit bandwidth download to MAC IP assined to 500Kb : This way they woulnt be able to watch media porn streaming easily (just in case!)

Education, for sure , I see those measures pretty solid and easy to implement Wizard1000

bester69 wrote: ↑2020-06-21 10:30 Hi,

To prevent children access porn, I had thought about following measures to create a linux system they can work with and not being able to access any porn.:

0.- Fix DNS with porn parental control:
edit resolv.conf with CleanBrwosing DNS

I used OpenDNS
Add the OpenDNS servers at your router level then it covers the whole house.
Lock down allowing the kids to change the DNS servers locally then you are good to go

Why would the OP think that parental control is anybodies problem but his. The Debian developers spend a lot of their personal time creating the best Linux distro. They have a lot more important things to work on than creating parental controls. IMO I think the OP is dragging a line behind a boat, and you all are taking the bait. If you catch my drift.

I can understand why Bester is trying to do it, but the methods seem completely unmanageable. If you want parental controls as a "safety net", and have made the decision to implement them, you need to approach this in two ways.

1) You will need to get in touch with your ISP and get them instated there.
2) You will need to be admin of all the devices you own and allow children to use, and prevent local bypassing of DNS.

Beyond that, once they get to a certain age - any further controls are what amounts to a cat and mouse game and are no substitute for supervision.

I wonder do you have the same level of concern with regards to violence?

cynwulf wrote: ↑2021-10-15 10:22 ...

I wonder do you have the same level of concern with regards to violence?

No at all!! violence is "good".. Ive never experience realm trought violence and Ive seen all violences movies that exist since I was a boy... so I act according to my own judge and experience life..dont consider violence scenes do any bad to healthy kids or youngs. Sex and porn is different cos puts your soul in contact with stuff we dont reach to understand, but for sure, evil comes behind (devil puts the seed) if you're not spiritually blind.. some of us, understand this but prefer dont share it.. cos most poeple dont see it or feel it like that..

Ive heard that kids imitates violence movies in college.. as i also was a kid and never acted like that, my conclusion is that perhaps these ones are "organic portals" kids..cos organic portals always imitates human being behaviors.