While I understand the frustrations of the author, their proposed solution is extremely short-sighted and comes with a huge list of potential pitfalls that would be extremely damaging to...
While I understand the frustrations of the author, their proposed solution is extremely short-sighted and comes with a huge list of potential pitfalls that would be extremely damaging to individual freedoms - Frankly, 'server-side' in-depth age verification should not be a requirement for anything.
Almost any age verification can easily be bypassed (I mean, people can get scannable fake IDs for like $40)
We should not trust any company to use or store any validation information responsibly. We already know they abuse and poorly protect personal info as it stands. There's no reason that would change.
It's a huge blow to privacy. For example - say you're an adult and frequent some LQBTQ sites. Now, you need to verify your age, which means there's a written record of you visiting these sites. Given the political climate in the US today, there's a genuine risk that record could harm you if the wrong people get their hands on it.
As a parent myself, this is definitely a huge problem. But there are better ways to solve it. Better device-side parental controls, working on improving parental knowledge (not many parents know you can easily set filters on your home wifi network), strict smartphone bans during school hours, educating your children about the potential dangers of social media, etc.
There will never be a 'one-size-fits-all' solution. As with anything, we just need to stay educated and adaptive.
Fully agree on your points about age verification. There just isn't a foolproof way to implement it that can't be bypassed somehow. Hell, even the examples of kids with alcohol and driving doesn't...
Fully agree on your points about age verification. There just isn't a foolproof way to implement it that can't be bypassed somehow. Hell, even the examples of kids with alcohol and driving doesn't hold up because plenty of teens still get their hands on alcohol. Kids find ways around rules, some will even see them as a challenge. It's a fact of life.
It's also an undue burden for people who run smaller or independent sites to enforce such a check. I'd also be worried about those sites getting hacked, or someone setting up such a site with malicious intent depending on how the age verification is implemented. If it's via scans of a driver's license, and the owner of a site has the power to view them... Yeah, that's really bad.
We can't expect anything to be 100% kid-proof, so we need to work with that expectation in mind. To that end, I think educating kids about the dangers of social media is a HUGE factor that needs more emphasis. If they can understand why it's dangerous and bad, they'll be less likely to dive into talking to strangers as part of an act of rebellion than just being told "it's forbidden".
My parents drilled stranger danger into me hard. I used the internet largely unsupervised (thankfully I mostly just wanted to play Neopets or hang out on gaming forums that were fairly strict about keeping things appropriate), but I knew to never give out personal info as a kid. To this day I'm pretty sure a fair number of people still think my name is Kristen.
Education is incredibly important. All these measures only add an illusion of safety, there is still plenty of danger online that these measures won't address but make people more complacent....
Education is incredibly important. All these measures only add an illusion of safety, there is still plenty of danger online that these measures won't address but make people more complacent. Social media has been terrible for this, with people sharing a lot of information about themselves publicly without knowing how easy that makes it for bad actors to find even more sensitive information.
I want to echo this. As a kid, little upset me as much as a flat-faced “no” without explanation or even worse, appeal to authority (“because I said so”). Kids aren’t fully formed and lack...
We can't expect anything to be 100% kid-proof, so we need to work with that expectation in mind. To that end, I think educating kids about the dangers of social media is a HUGE factor that needs more emphasis. If they can understand why it's dangerous and bad, they'll be less likely to dive into talking to strangers as part of an act of rebellion than just being told "it's forbidden".
I want to echo this. As a kid, little upset me as much as a flat-faced “no” without explanation or even worse, appeal to authority (“because I said so”).
Kids aren’t fully formed and lack experience, but they’re still people and have the intelligence to understand and internalize almost anything given that the logic behind it is explained carefully. It’s worth the time and care to give them solid, grounded reasons whenever practical.
Completely agree about server side verification. While there are zero knowledge ways to handle age verification, they’re all complicated and difficult to manage. They’re not really suitable for...
Completely agree about server side verification. While there are zero knowledge ways to handle age verification, they’re all complicated and difficult to manage. They’re not really suitable for non-techies. And as you said, the list of downsides and potential to expose people is far too great. One hack or zero day would be all it took to expose everyone’s private lives.
Every time I see an article like this, I feel like it's in complete denial of the fact that minors actively will find ways to circumvent things, and that no solution is, or could be, perfect. In...
Every time I see an article like this, I feel like it's in complete denial of the fact that minors actively will find ways to circumvent things, and that no solution is, or could be, perfect. In contemporary times, children routinely have had access to plenty of NSFW material and social media online for the last 20 years, if not the last 30. What I see here is another fearful, controlling parent seeking to preemptively police their child.
I think the reality is, static pornography and social media are certainly not an excessive threat to children. Or, at the very least, not as threatening as Dr. Twenge feels. I think that anyone born since roughly 1995 has statistically had the ability to view these materials, and the vast majority of people who consumed these materials has not been negatively affected to a substantial amount.
I think the taboo nature of pornographic material, motivates unnecessary levels of concern from parents. In the past, these materials were simply obtained/consumed through other means. Adult content is still available on news racks across the country, and was more readily available in the past. It used to be common that it was 'found in the woods' or was lifted from an older family member. Since the advent of the availability of mass printed media, pornographic material is has always been far more commonly available than any parent wants to consider.
I will concede that there are arguments to be made about how specific media can create the wrong ideas of how the world works for young people. However, there's an entire slew of topics related to the birds and the bees that probably need to be explained to children that aren't, and issues often arise from society leaving young people to simply search out adult material to learn it themselves.
Simultaneously, "pornographic" is often thrown around to denigrate transgender and other queer people. I don't trust that parental controls aren't going to be immediately used to closet and restrict access to media that could help trans kids learn to understand themselves.
Additionally, while I do think that social media is an awful, dangerous thing to our society, I also think that social media is uniquely incorrectly framed when discussing children. Genuinely, I can't determine if the author has an issue with social media, or with the ability to send images via digital device. These are fundamentally two separate issues, and the author would rather fume about the matter, than elaborate.
Is SnapChat social media? Yes, for some people, but it's also an app where people can send messages back and forth. The entire 'self deleting' aspect is just an automatic version of manually erasing conversation messages via SMS. While I can see the issue private messaging raises, it's still disingenuous to lump children having age inappropriate conversations via encrypted messaging in with participating in online social media.
While having social media is absolutely a thing parents should restrict for their children, one really shouldn't expect to their kids to naturally understand why it's being restricted. Simply blocking the content leads to efforts to circumvent it.
Another time, I noticed Instagram had appeared on the list of allowed websites. I blocked it again and asked my daughter about this mysterious development. She eventually admitted that she’d sneaked into my home office, pulled up the Qustodio website and changed the control settings.
I feel like the author, a person with a doctorate, is embarrassed that their child figured out how to 'hack' the parental controls. I digress.
Finally, children are regularly groomed on roblox, which is explicitly for kids. Most CSA cases involve a trusted family member / adult. Most child abductions are custodial.
I think that there's a lot more to be said about what's dangerous for kids online. Elsagate comes to mind, as does AI slop created for a child audience, or mobile games that kids can spend money on. However, these are fundamentally different issues than the ones the author brings up.
Unfortunately, the fact is, while some online content is really dangerous for kids, it's probably more the fact that it exists at all, rather than specific, controllable aspects of the web. Maybe parents should just not let their children have unfettered access to devices until it's age appropriate? Or just log what they consume, and be ready to discuss some really, really uncomfortable things.
I’m far from the only parent who has run into these issues. Online forums like Reddit are full of parents complaining that parental controls, especially Apple device controls, aren’t meeting their needs or that their kids are finding new work-arounds faster than they can keep up. When Louisiana state representative Kim Carver (R) tried to pass a law requiring Apple and other phone software providers to enforce age restrictions on apps, the company’s lobbyists told him that Apple devices already included parental control tools. When Carver later tried to set them up on his 14-year-old’s new iPhone, though, he concluded they “aren’t the panacea they’re promised to be,” he told the Wall Street Journal, echoing the experience of countless others I’ve spoken with at school parent nights on kids and technology.
They're often expensive, some of them don't work well across devices, they may not include things that seem obvious (like Snapchat as social media vs messaging), your kid can sneak onto your...
They're often expensive, some of them don't work well across devices, they may not include things that seem obvious (like Snapchat as social media vs messaging), your kid can sneak onto your computer and grant themselves access, and you have to know the tools exist to find them, buy them and then find out they don't work on a laptop.
Essentially parents who are non-experts are being expected to be and that's just not realistic.
I don't have any kids, but if I had, I'd probably set up white lists for them. Every domain (and IP) is blocked until they come to me and ask permission to use it. Additionally, they could use the...
I don't have any kids, but if I had, I'd probably set up white lists for them. Every domain (and IP) is blocked until they come to me and ask permission to use it. Additionally, they could use the unfiltered web while I'm around, for example I'm cooking and they're at the kitchen table watching YouTube.
Are there any parents around that can explain why this wouldn't work?
Works on your network only. I've dealt with it for years and even with the best intentions it still is a cat and mouse game. iOS vs Android vs Windows vs Chromebook. It is all stuff you have to...
Works on your network only. I've dealt with it for years and even with the best intentions it still is a cat and mouse game. iOS vs Android vs Windows vs Chromebook. It is all stuff you have to manage independently and I am very tech savvy. I don't blame parents who don't bother, it is a huge pain in the ass.
Devices with their own internet connection (I.e. Smart phones) you have to manage separately, but for home computers/lan this can be done at the router. You set the default outbound policy to...
Devices with their own internet connection (I.e. Smart phones) you have to manage separately, but for home computers/lan this can be done at the router.
You set the default outbound policy to deny, hole punch for a specific upstream dns resolver, set dnsmasq to populate a ipset which will be used for whitelisting with query responses (allow rule if dest in ipset).
Not required, but it makes the whole thing more seamless, setup DNS hijacking transparently pass all normal dns queries through the router's dnsmasq instance. You can also throw in a transparent intercepting proxy to protect against cases were good domains and bad domains share the same IPs because they're hosted by the same provider/reverse proxy (e.g. Cloudflare).
I do this to my various IoT devices, mostly as a learning exercise but it has some perks like ad blocking, update blocking, etc.
On my network yeah I have full control. Devices can travel and as such won't be constrained to your network. What happens when your kid needs to study with their Chromebook at school or at a...
On my network yeah I have full control. Devices can travel and as such won't be constrained to your network. What happens when your kid needs to study with their Chromebook at school or at a grandparents house? Locking down the network is valid and has its place, but is only part of the overall strategy. It also is a much higher barrier for non-technical parents.
Once it's outside the network, it's game over. If you threat model it, the adversary has physical access on unsecured networks. Even still, I don't know the age children get chromebooks at school,...
Once it's outside the network, it's game over. If you threat model it, the adversary has physical access on unsecured networks. Even still, I don't know the age children get chromebooks at school, but that's probably an age where you can't realistically protect them from the internet. They'll have access at friends houses, their friends phones, libraries, etc etc.
My comment is mostly a thought experiment, geared towards younger children that don't have their own devices, but perhaps you want to give them some autonomy to safely interact with the web.
At a certain age, it can't be helped, it's a matter of trust and having conversations, like most parenting.
Edit: I suppose, to more directly answer your question, I'd setup wireguard to route all traffic through the home router + firewall. This makes the per device configuration minimal, you just need to figure out how to install wireguard as an always on VPN and lock it down so the user can't disable it.
While I understand the frustrations of the author, their proposed solution is extremely short-sighted and comes with a huge list of potential pitfalls that would be extremely damaging to individual freedoms - Frankly, 'server-side' in-depth age verification should not be a requirement for anything.
As a parent myself, this is definitely a huge problem. But there are better ways to solve it. Better device-side parental controls, working on improving parental knowledge (not many parents know you can easily set filters on your home wifi network), strict smartphone bans during school hours, educating your children about the potential dangers of social media, etc.
There will never be a 'one-size-fits-all' solution. As with anything, we just need to stay educated and adaptive.
Fully agree on your points about age verification. There just isn't a foolproof way to implement it that can't be bypassed somehow. Hell, even the examples of kids with alcohol and driving doesn't hold up because plenty of teens still get their hands on alcohol. Kids find ways around rules, some will even see them as a challenge. It's a fact of life.
It's also an undue burden for people who run smaller or independent sites to enforce such a check. I'd also be worried about those sites getting hacked, or someone setting up such a site with malicious intent depending on how the age verification is implemented. If it's via scans of a driver's license, and the owner of a site has the power to view them... Yeah, that's really bad.
We can't expect anything to be 100% kid-proof, so we need to work with that expectation in mind. To that end, I think educating kids about the dangers of social media is a HUGE factor that needs more emphasis. If they can understand why it's dangerous and bad, they'll be less likely to dive into talking to strangers as part of an act of rebellion than just being told "it's forbidden".
My parents drilled stranger danger into me hard. I used the internet largely unsupervised (thankfully I mostly just wanted to play Neopets or hang out on gaming forums that were fairly strict about keeping things appropriate), but I knew to never give out personal info as a kid. To this day I'm pretty sure a fair number of people still think my name is Kristen.
Education is incredibly important. All these measures only add an illusion of safety, there is still plenty of danger online that these measures won't address but make people more complacent. Social media has been terrible for this, with people sharing a lot of information about themselves publicly without knowing how easy that makes it for bad actors to find even more sensitive information.
I want to echo this. As a kid, little upset me as much as a flat-faced “no” without explanation or even worse, appeal to authority (“because I said so”).
Kids aren’t fully formed and lack experience, but they’re still people and have the intelligence to understand and internalize almost anything given that the logic behind it is explained carefully. It’s worth the time and care to give them solid, grounded reasons whenever practical.
Completely agree about server side verification. While there are zero knowledge ways to handle age verification, they’re all complicated and difficult to manage. They’re not really suitable for non-techies. And as you said, the list of downsides and potential to expose people is far too great. One hack or zero day would be all it took to expose everyone’s private lives.
I wouldn’t trust any government to run this ever.
Every time I see an article like this, I feel like it's in complete denial of the fact that minors actively will find ways to circumvent things, and that no solution is, or could be, perfect. In contemporary times, children routinely have had access to plenty of NSFW material and social media online for the last 20 years, if not the last 30. What I see here is another fearful, controlling parent seeking to preemptively police their child.
I think the reality is, static pornography and social media are certainly not an excessive threat to children. Or, at the very least, not as threatening as Dr. Twenge feels. I think that anyone born since roughly 1995 has statistically had the ability to view these materials, and the vast majority of people who consumed these materials has not been negatively affected to a substantial amount.
I think the taboo nature of pornographic material, motivates unnecessary levels of concern from parents. In the past, these materials were simply obtained/consumed through other means. Adult content is still available on news racks across the country, and was more readily available in the past. It used to be common that it was 'found in the woods' or was lifted from an older family member. Since the advent of the availability of mass printed media, pornographic material is has always been far more commonly available than any parent wants to consider.
I will concede that there are arguments to be made about how specific media can create the wrong ideas of how the world works for young people. However, there's an entire slew of topics related to the birds and the bees that probably need to be explained to children that aren't, and issues often arise from society leaving young people to simply search out adult material to learn it themselves.
Simultaneously, "pornographic" is often thrown around to denigrate transgender and other queer people. I don't trust that parental controls aren't going to be immediately used to closet and restrict access to media that could help trans kids learn to understand themselves.
Additionally, while I do think that social media is an awful, dangerous thing to our society, I also think that social media is uniquely incorrectly framed when discussing children. Genuinely, I can't determine if the author has an issue with social media, or with the ability to send images via digital device. These are fundamentally two separate issues, and the author would rather fume about the matter, than elaborate.
Is SnapChat social media? Yes, for some people, but it's also an app where people can send messages back and forth. The entire 'self deleting' aspect is just an automatic version of manually erasing conversation messages via SMS. While I can see the issue private messaging raises, it's still disingenuous to lump children having age inappropriate conversations via encrypted messaging in with participating in online social media.
While having social media is absolutely a thing parents should restrict for their children, one really shouldn't expect to their kids to naturally understand why it's being restricted. Simply blocking the content leads to efforts to circumvent it.
I feel like the author, a person with a doctorate, is embarrassed that their child figured out how to 'hack' the parental controls. I digress.
Finally, children are regularly groomed on roblox, which is explicitly for kids. Most CSA cases involve a trusted family member / adult. Most child abductions are custodial.
I think that there's a lot more to be said about what's dangerous for kids online. Elsagate comes to mind, as does AI slop created for a child audience, or mobile games that kids can spend money on. However, these are fundamentally different issues than the ones the author brings up.
Unfortunately, the fact is, while some online content is really dangerous for kids, it's probably more the fact that it exists at all, rather than specific, controllable aspects of the web. Maybe parents should just not let their children have unfettered access to devices until it's age appropriate? Or just log what they consume, and be ready to discuss some really, really uncomfortable things.
From the article:
Can’t read the article. Does it go into specifics why the parental controls don’t work or what they don’t cover?
This is an archive link.
If that doesn't work for folks try this https://archive.is/MNnAa
They're often expensive, some of them don't work well across devices, they may not include things that seem obvious (like Snapchat as social media vs messaging), your kid can sneak onto your computer and grant themselves access, and you have to know the tools exist to find them, buy them and then find out they don't work on a laptop.
Essentially parents who are non-experts are being expected to be and that's just not realistic.
I think I hit the summary alright.
Mirror: https://archive.is/MNnAa
I don't have any kids, but if I had, I'd probably set up white lists for them. Every domain (and IP) is blocked until they come to me and ask permission to use it. Additionally, they could use the unfiltered web while I'm around, for example I'm cooking and they're at the kitchen table watching YouTube.
Are there any parents around that can explain why this wouldn't work?
Knowledge of how to set up a whitelist and protect it from a kid with more time than sense?
Works on your network only. I've dealt with it for years and even with the best intentions it still is a cat and mouse game. iOS vs Android vs Windows vs Chromebook. It is all stuff you have to manage independently and I am very tech savvy. I don't blame parents who don't bother, it is a huge pain in the ass.
Devices with their own internet connection (I.e. Smart phones) you have to manage separately, but for home computers/lan this can be done at the router.
You set the default outbound policy to deny, hole punch for a specific upstream dns resolver, set dnsmasq to populate a ipset which will be used for whitelisting with query responses (allow rule if dest in ipset).
Not required, but it makes the whole thing more seamless, setup DNS hijacking transparently pass all normal dns queries through the router's dnsmasq instance. You can also throw in a transparent intercepting proxy to protect against cases were good domains and bad domains share the same IPs because they're hosted by the same provider/reverse proxy (e.g. Cloudflare).
I do this to my various IoT devices, mostly as a learning exercise but it has some perks like ad blocking, update blocking, etc.
On my network yeah I have full control. Devices can travel and as such won't be constrained to your network. What happens when your kid needs to study with their Chromebook at school or at a grandparents house? Locking down the network is valid and has its place, but is only part of the overall strategy. It also is a much higher barrier for non-technical parents.
Once it's outside the network, it's game over. If you threat model it, the adversary has physical access on unsecured networks. Even still, I don't know the age children get chromebooks at school, but that's probably an age where you can't realistically protect them from the internet. They'll have access at friends houses, their friends phones, libraries, etc etc.
My comment is mostly a thought experiment, geared towards younger children that don't have their own devices, but perhaps you want to give them some autonomy to safely interact with the web.
At a certain age, it can't be helped, it's a matter of trust and having conversations, like most parenting.
Edit: I suppose, to more directly answer your question, I'd setup wireguard to route all traffic through the home router + firewall. This makes the per device configuration minimal, you just need to figure out how to install wireguard as an always on VPN and lock it down so the user can't disable it.