Sunday, January 30, 2011

"ESafeKids" Freaks Me Out!

Alright, I'll admit, my family isn't "normal" when it comes to technology. I have a Ph.D. in Computer Science (emphasis: Security), my wife has a B.S. in Electrical Engineering, and my 9-year-old picked up PowerPoint in about 2 seconds. We hardly have "stock" equipment either. We have 2 Windows machines, 2 Macs, 2 iPhones, 1 iPad, 1 Wii, and an assortment of other Internet-capable devices. Finally, our software is also eclectic, with Firefox and Chrome in use as browsers, and VPNs, secure tunnels, and (worst of all) virtual machines increasing the complexity.

If one or more of those terms don't mean anything to you, don't worry about it. Take "virtual machines" for example. The average American doesn't use (and doesn't need to use) them. I'm simply pointing out that we don't fit the average American technology profile in training, equipment, or software.

And to get to the point, our lack of "normality" means that many Internet Safety devices and software just do not fit our needs.

I worry a lot about Internet safety for our kids. I'm primarily worried about pornography. So far, we just don't let the kids use I/M or Facebook, and I feel like those issues can be largely addressed with appropriate training. But pornography, like a drug, can be life altering after just one accidental exposure.

Our solution has been to limit the kids' use of the Internet to very limited, targeted sites when monitored directly by a parent. All portable Internet devices are reserved to parents, and non-portable devices are in wide-open, public spaces.

But the fact of the matter is, Alex is reaching an age where the Internet would be useful for research and academics, and it will be unrealistic for us to monitor him every minute. I've known for the last year or so that we needed Internet protections in one form or another, and I was frustrated by how our technology situation did not seem to be addressed.

Finally, the other day, I found something that looked really promising. I heard about "http://esafekids.com" from the "http://www.internetsafetyproject.org/" (run by my old advisor Dr. Charles Knutson). It looked like exactly what I needed. I thought that the device they were selling would sit between my home network and the outside world, filtering sites and monitoring traffic. I assumed that, like many home network devices, it would have a web interface.

So, I ordered it to the tune of $120. It arrived a few days later and I opened it up to plug it in.

Well, I was shocked to find out that the device has no local web interface. Curious, I looked into it further and was even more shocked to find out that you were supposed to control it from the esafekids website! That seemed really strange to me and I called their tech support.

Not only did their rep confirm that you control the device from their servers, but he also told me that all your information is sent over the Internet to their servers WITHOUT ENCRYPTION. That is a privacy risk that blows my mind! I couldn't imagine such an insane, dangerous device and I told the rep that they were risking a lawsuit.

The device is boxed up, and I'm sending it back for a refund tomorrow.

The takeaway message is, be extra careful with people who are going to monitor your network. Malice should not be your biggest worry because Incompetence will almost always do the lion's share of the damage. But your private information is very valuable and you should always look twice (or more!) at people offering to handle your valuables.

2 comments:

  1. Just some follow up on your post:

    1. eSafekids now uses full SSL on all data communications.

    2. All data seen by eSafekids already travels on the Internet in clear text. eSafekids did not increase any risk, but simply gathered that information for parents to see.

    Todd @ eSafekids

  2. Todd,

    You are incorrect. eSafeKids does, in fact, increase the risk of privacy loss. There are three problems with moving data off the local network to your servers.

    1. Aggregated data is more "private" than the sum of its parts because the aggregate data reveals information itself.

    2. Having all of your customers' data in a single location is a honey pot for information thieves. I might not be targeted individually, but your customer records might be.

    3. *You* have access to all of my data. No matter your privacy policy, I run the risk of a rogue employee getting curious.

    I want nothing to do with your product.

    (The OpenDNS solution I use runs some of the same risks, but it is mitigated. Curious parties can ask me for details.)
