It forces Google SafeSearch on and restricts the major porn sites. It's not foolproof though - you can still find stuff if you know what you're looking for, particularly discovering games on itch and via reddit.
Only recommendation I have is to stay the hell away from Google's parental controls. Once you've turned it on, there is no way to remove it. It is a trap, pure and simple.
Great recco! I'd set it up on the network their devices connect to, as well as the device.
FYI - Kids are way smarter and have so much time. I enjoyed working around my parents, who resorted to a wireless VGA mirroring device that put what was on my screen on a display in the living room (which I found a workaround for with my 3500 AGP card, see what I mean?)
If your young kids use Apple devices, I'd also consider setting an MDM (you need a Mac, to erase the iOS device, and an app called Apple Configurator 2)
Here are some settings I'd be sure to deploy:
- Disable "Allow Manual VPN creation"
- Disable "Allow modifying account settings" (creative kids will change iCloud accounts which syncs preset Wifi details from another device)
- Disable "Allow modifying cellular data app settings" / "Allow cellular plan changes"
+ Enable "Connect to MDM-configured Wi-Fi networks only" after you're sure you've considered common access points you need to add
I would also use a monitoring tool at home for bluetooth and wifi devices and access points that pop up. Export the log now and then and see if any devices appear around your house when your kids get home and their registered devices appear. I found vapes on my 8 year old nephew because he was using a Bluetooth app on his phone to choose profiles. 8 years old.
Gotta be way proactive if you want to protect these young minds. It's nearly impossible to shield anyone for any length of time without being disconnected, which is also unhealthy for growing minds.
In the end, it's all balance. But you need way more than just parental controls. Parental controls is like the little gate latch you lift to open the gate, it will be worked around.
* The best way to roll this out since you must erase the iOS device is to do an upgrade swap and have them trade in their old device.
Thanks. It’s great insight. Yeah trying to balance for sure but wanted to see how extensive folks get to. The parental controls that individual apps/sites seem terribly weak. And yes, kids are incredibly smart at figuring stuff out but it sounds like the DNS layer might be the simplest. I wonder if I have to lock things down like how InfoSec teams do.
Will check out an MDM. Is that like Kandji that gets deployed on corporate devices?
Cloudflare Family DNS and then a PiHole on top of that.
The biggest one though is not giving the kid a cellphone.
Cloudflare family for those unaware: https://one.one.one.one/family/
It forces Google SafeSearch on and restricts the major porn sites. It's not foolproof though - you can still find stuff if you know what you're looking for, particularly discovering games on itch and via reddit.
NextDNS.io plus the NextDNS app, and Screen Time and Restrictions on Apple platforms.
Only recommendation I have is to stay the hell away from Google's parental controls. Once you've turned it on, there is no way to remove it. It is a trap, pure and simple.
What do you mean by that?
It's quite invasive and meant to be so. I do use it and it's quite effective, but this is coming from someone in the trap.
nextdns.io
Great recco! I'd set it up on the network their devices connect to, as well as the device.
FYI - Kids are way smarter and have so much time. I enjoyed working around my parents, who resorted to a wireless VGA mirroring device that put what was on my screen on a display in the living room (which I found a workaround for with my 3500 AGP card, see what I mean?)
If your young kids use Apple devices, I'd also consider setting an MDM (you need a Mac, to erase the iOS device, and an app called Apple Configurator 2)
Here are some settings I'd be sure to deploy:
- Disable "Allow Manual VPN creation"
- Disable "Allow modifying account settings" (creative kids will change iCloud accounts which syncs preset Wifi details from another device)
- Disable "Allow modifying cellular data app settings" / "Allow cellular plan changes"
+ Enable "Connect to MDM-configured Wi-Fi networks only" after you're sure you've considered common access points you need to add
I would also use a monitoring tool at home for bluetooth and wifi devices and access points that pop up. Export the log now and then and see if any devices appear around your house when your kids get home and their registered devices appear. I found vapes on my 8 year old nephew because he was using a Bluetooth app on his phone to choose profiles. 8 years old.
Gotta be way proactive if you want to protect these young minds. It's nearly impossible to shield anyone for any length of time without being disconnected, which is also unhealthy for growing minds.
In the end, it's all balance. But you need way more than just parental controls. Parental controls is like the little gate latch you lift to open the gate, it will be worked around.
* The best way to roll this out since you must erase the iOS device is to do an upgrade swap and have them trade in their old device.
Thanks. It’s great insight. Yeah trying to balance for sure but wanted to see how extensive folks get to. The parental controls that individual apps/sites seem terribly weak. And yes, kids are incredibly smart at figuring stuff out but it sounds like the DNS layer might be the simplest. I wonder if I have to lock things down like how InfoSec teams do.
Will check out an MDM. Is that like Kandji that gets deployed on corporate devices?