Cyber Security: How to protect your kids online

Cyber Security: How to protect your kids online

To be blunt  (no insult intended),  most parents are not very computer literate and as a result are also oblivious the dangers of letting their kids loose on the Internet. This is not specifically because you are parents but simply a statistic based on research that shows that 69% of the population are not very computer literate and 26% cannot use a computer at all. In most cases, your kids are probably more computer literate than you are.

But while your kids might be better with technology, they have ZERO knowledge or experience of staying safe online, and will probably happily look at much of the stuff you would rather they didn’t.

Are you aware of the most common dangers that the Internet and social media (Facebook, twitter etc) present?  children are regularly bullied online, your little darling could even be the one doing the bullying and this cyber-bullying has led to many children committing suicide. They can be easily manipulated into performing any number of dangerous or perverted acts, or groomed into meeting a sexual predator.

Using the internet without protection can also cause you a lot of damage, and if you are allowing your child to use your computer or tablet, then you could end up being the target of cyber-crime. Everything from malware and ransomware attacks, trojans and bots using your computer to attack other people to identity theft, and emptying your bank account.

Just as you do in the real world, you need to offer guidance, set boundaries, and, depending on your child’s age and maturity level, carry out some safeguards.

You also need to be aware of where the threats are coming from, so it is your responsibility as a parent to educate yourself about online security.

I do of course lock down my home internet connection and my kids phones, but if the parents of your kids friends do not do the same, then they can simply go to their friend’s houses to use their insecure internet connection to look at porn and whatever else unencumbered, thus bypassing your efforts. So these are practices you not only need to put into place yourself but ideally encourage your school to promote them as well, post them on social media for other parents to see as well.

If you need help in getting your home network and devices secure, then I can provide this as a service, which in most cases I can do remotely, but can also offer on site support if you are based in Thanet.

 

10 Things You Can Do Right Away to Protect Your Children


1.  Make YouTube safe for your kids

YouTube is the new children’s TV.

It is one of the most popular sites out there, but not all of those videos might be appropriate for your children. even those innocent-seeming Minecraft videos are sometimes full of swearing.

But the site does have some safety features, and you should take advantage of them, although be warned that there is nothing to stop a savvy child from turning this setting off again.

On the desktop site, if you scroll down to the bottom of the screen, there’s a “Restricted Mode” setting that hides videos that have been flagged as containing inappropriate content.

In the mobile apps, click on the three dots at the top right and click on Settings > General and scroll down until you see the “Restricted Mode” option.

2.  Help your kids set the privacy controls on their social media accounts

Most social media sites have an age limit of 13, but kids sign up regardless and lie about their age, and frankly, if they have the ability to do this behind your back anyway, then you are better off at least letting them do it so you can monitor their activity.

If your children share messages, pictures or videos on Facebook, Instagram and other social media platforms, they might not be aware of who can see their posts, in fact, many adults do not realise that everything they post/share is public by default.

Most apps do have privacy settings, however, letting your children control who they let into theirrealize

Here are the links to information about the privacy settings on the most popular apps:

 

3.  Install anti-virus on your computers and mobile devices

Children are just as vulnerable as the rest of us, if not more so, to clicking on bad links and downloading malicious software. Every device that is connected to the internet needs to be protected from malware.

There are some of the most popular free products available from trustworthy brands. Bear in mind that the FREE versions are limited.

If you are happy to pay for your protection and security product, then I recommend the premium edition of BitDefender, which has consistently been the #1 in the industry. If you have multiple devices in your household, then the BitDefender family pack is a great deal to protect them all.

4.  Set up separate accounts for your kids on your computers

If you share a device with your children, then you need to setup a separate account/user for them. Each account would have its own home screen and, depending on the device and platform, a different selection of features, apps, and permissions.

Not only does this help you protect your own data — or video recommendations — but you can also set up customized security and privacy settings for each child.

On Windows computers, you can set up a new user account for you children. Go to Settings > Accounts > Add a family member > Add a child.

Windows 10 Kids Account

You can blog specific apps, games, or websites, or set screen time limits. Visit https://account.microsoft.com/family for more information. Although I would not rely on this alone, as Microsoft family safety has proved to be notoriously unreliable and randomly breaks.

On Apple computers, you can set up Parental Controls for some user accounts, where you can, for example, restrict access to adult websites. Learn more here: https://support.apple.com/en-us/HT201813

5.  Set up separate accounts for your kids on your mobile devices

Android parental controlTablets and smartphones also allow multiple user accounts on the same device.

On Android tablets, you can create a restricted account for your child, with limits on which apps they can use.

On Android phones, you can create a new user account for your child, but the only account restriction currently available is to turn off the ability to make phone calls and send text messages. However, you can restrict their Google Play account. Go to Settings > Parental controls and turn them on. You will able to set specific content restrictions on apps and games, movies, TV, books, and music.

On the Apple side, iPhones and iPads have controls for apps and features, content, and private settings. Launch the Settings app and go to General > Restrictions and tap on “Enable Restrictions.”

6.  Secure your gaming systems

Don’t forget that your gaming console is also an Internet device these days. Children can download games and make in-game purchases, and even surf the Web.

Most devices have parental control features that allow you to restrict the kind of content your children can get, limit their purchases, and restrict or turn off their Web browsing.

7.  Consider using kid-safe browsers and search engines

For added control, you can install a kid-safe web browser for your children to use.

Zoodles, for example, offers a child-safe environment, and there’s a free version for Windows PCs and Macs, and for Android and iOS tablets and smartphones. The premium version, which costs $8 a month, includes ad blocking, time limits, and other features.

Another alternative kid-safe browser is Maxthon.

There are also some built-in tools in the browsers you’re already using.

If you use the Chrome browser, you can set up a “supervised profile” that will block explicit search results, show you what websites your children visited, and even restrict what websites they can go to. The way the restrictions work is that you can either have a list of approved websites, where your children can only visit the sites on this list, or a list of restricted websites where they can visit any website except for the ones you’ve banned.

More information here: https://support.google.com/chrome/answer/3463947/?hl=en

Also check out these kid-safe search engines:

 

8.  Lock in apps for youngest children

If you want to be able to hand your phone to your child to play with in the back seat of the car without worrying about them messing up your phone or surfing the web for creepy content, what you can do is open up an app for the child and then set it up so that they can’t exit the app.

On phones running Android 5 and higher, it’s called “screen pinning.” First, go to Settings > Security > Screen pinning and turn it on and also enable “Ask for PIN before unpinning.” Then load your app, hit the overview button — the little square on the bottom right — and swipe up until you see a pin icon come up in the lower right corner. Now your child will need your PIN in order to switch apps.

Screen Pinning on Android

On iPhones and iPads, this is called “Guided Access.” First, go to Settings > General > Accessibility > Guided Access to set up Guided Access. Then when you’re in the app you want to lock in, triple-click the home button to bring up the Guided Access settings. You can turn off Guided Access either with a PIN or by setting it up to work with your Touch ID through Settings > General > Accessibility > Guided Access > Passcode Settings.

9.  Consider using an app that limits the time your child spends online

According to the Pew Research Institute, 50 percent of parents have used parental control tools to block, monitor, or filter their child’s online activities.

The ScreenTime app is available for Apple, Android and Amazon devices. The app is free for one child and includes the ability to monitor the device remotely and to see your child’s web and search history. A $4-per-month premium version adds daily time limits, the ability to block apps, and block the use of the device during school hours or after bedtime.

Alternative apps:

There are also some James Bond-type apps out there that will let you track your child’s location, read their emails and text messages, and spy on their Snapchats and other communications.

Be careful with these. Do you want to lose your child’s trust? And do you really want to engage in a cyber war with a teenager, where they escalate to using anti-spyware applications and burner phones?
When dealing with older children, explain to them why you are using these parental control apps, that you are only protecting them, and tracking them in case something happens to them so you can find them. Remember that you would not be happy with this level of control, especially if it was forced on you with no explanations.

10.  Make sure your kids are only using safe chat rooms

Some kid-friendly platforms offer chat rooms where kids can talk to other kids. Vet the sites first, to make sure that the chat rooms are monitored.

In addition, teach your kids not to share their real identities on such platforms, and use anonymous screen names, instead.

Teach, Educate and Talk with Your Children


11.  Teach your children not to respond to messages from strangers

If they get a text message, instant message, email or social media message from someone they don’t know — they should just delete it.

Make sure they know not to open it, not to respond to it, and, of course, not to click on any links or attachments.

If those girls from Pretty Little Liars followed that advice, the show would have been over after one episode.

12.  Educate your children about the risks of “sexting”

Last year, in a report to the U.S. Congress, the Justice Department revealed that the most significantly growing threat to children was something called “sextortion.”

It’s bad enough when minors send nude images of themselves to boyfriends or girlfriends, and those images then get distributed to others.

In addition to the psychological damage, children who both send and receive the “sexts” are breaking the law — and could result in prosecution and even registration as a sex offender.

And it gets worse.

According to the FBI, the “sextortionists” have gone pro, with individual criminals targeting hundreds of children each. They pretend to be the same age as their victims, trick or coerce them into producing child pornography for them — and even get them to recruit friends and siblings.

In a review of 43 such cases, the FBI found that two victims committed suicide, and ten others attempted to kill themselves. Victims also have their grades decline, drop out of school, get depressed, and engage in cutting or other types of self harm.

According to the National Center for Missing and Exploited Children, reports of sextortion were up 150 percent during the first several months of 2016 compared to the same time period in 2014. 

In 4 percent of the sextortion reports, the children engaged in self-harm, threatened suicide or attempted suicide as a result of the victimization, the Center said.

13.  Warn your kids about file sharing

Uploading illegal files is, of course, illegal.

And so is downloading, though fewer media companies seem to be prosecuting kids these days.

But downloading illegal files also carries other risks, such as viruses.

Fortunately, there are now many free and low-cost services out there where kids and teens can get videos and music.

14.  Warn your kids about online polls and surveys

There are lot of fun, harmless polls out there, like the one that tells you what kind of poodle you are.

Others ask for too much personal information, and could land your kids on spammers’ email lists, or open them up to identity theft.

Many adults have a separate, throw-away email account for when they need to provide an email address in order to register for something. If your child have a legitimate reason to fill in questionnaires that require an email address, consider helping them set up a throw-away email account of their own.

15.  Warn your kids about getting too close to strangers

When you’re meeting someone for the first time after, say, communicating with them via an online dating app, you know to set the meeting in a public location, such as a coffee house, and to let friends know where you are.

This is common sense.

But children and teenagers often lack that basic common sense — or might be tricked into keeping their online relationships secret.

Of course, predators can also communicate with potential targets via traditional mail, or meet them at bus stops. But the Internet allows them to scale up their activities dramatically.

Attackers can use online relationships to lure children to meet them in person. Or, more frequently, they will try to trick children into making unnecessary purchases, or sharing information, photos, or videos.

Know your children’s online friends. And, just as with regular friends, confirm their identities, and talk to those kids’ parents. If those “kids” are, in fact, kids.

16.  Help your children deal with cyberbullying

Cyberbullying affects up to 15 percent of children, according to a report released last year by the National Academies of Sciences, Engineering, and Medicine.

And the rates are even higher for children who are overweight, disabled, or LGBT, or members of a minority group.

Victims have physical problems such as sleeping, upset stomachs, and headaches and also suffer psychological effects, such as depression, anxiety and alcohol and drug use.

Let your kids know that they can turn to you for help, and find out what resources are available from your local schools.

You should save messages and other evidence of the cyberbullying and report the bully to the social media platform, telephone or Internet service provider, school, or local law enforcement authorities. In addition, you should block the bully from your child’s social media, telephone, or email accounts.

More information here:

17.  Set a good example

How many baby pictures and vacation photos have you posted online? Before lecturing your kids about staying safe, make sure that you yourself are a good model. Learn about the privacy settings in the social media apps you use most, then check that you aren’t sharing private, personal moments with the whole Internet.

Also, don’t drive while texting or talking on the phone.

Wait until we all have those self-driving cars, and do your texting then.

18.  Set rules about what your kids can share online

As an adult, you know to be careful about what information you post online. You know not to share your financial information or social security numbers with strangers.

Make sure your kids know the rules and understand the reasons behind them. Even seemingly innocuous information, like vacation pictures, can let criminals know when your house is empty.

Some information, like funny picture of your cat in the snow, can be shared with everyone. Some information, like vacation plans, can be shared with family and close friends. And some things should never be shared online at all.

In addition, the recommended age for children to have their own social media accounts is 13.

The Family Online Safety Institute has a sample family online safety contract here: https://www.fosi.org/good-digital-parenting/family-online-safety-contract/

19.  Add your kids as “Friend”

If your children have their own accounts on Twitter, Facebook, Google Plus, Instagram, Snapchat or other social media sites, follow or friend them.

Don’t let your kids tell you that other parents don’t do this. According to the Pew Research Center, 83 percent of parents are friends with their teenage child on Facebook.

You’ll be able to see if they are posting inappropriate things online and can step in before problems escalate.

It’s not foolproof — there are ways that children can keep their communications hidden from you. And if you are too heavy-handed in your monitoring, it may cause your children to be more secretive.

20.  Set limits on how much time your children can spend online

According to a recent national survey, tweens spend an average of six hours a day with their devices, and that’s not including the time spent on school or homework. And teens spend an amazing nine hours a day staring at their screens..

Sure, some of that is listening to Spotify while exercising. But the bulk of the time is spent watching videos, playing games, and using social media.

The American Academy of Pediatrics used to recommend that children under two should not have any screen time at all, and had very conservative limits for screen time for older children. In late 2016, the organization re-evaluated current research and loosed its recommendations.

Some screen time, such as video chats with relatives, or educational applications, can be very valuable, even for the youngest children.

Now, the organization suggests that families create a Family Media Plan.

However, the organization recommends that parents limit the use of screens during meals, and for an hour before bedtime. Also, phones and tables shouldn’t be charged overnight in the child’s bedroom, to limit the temptation to check the devices at all hours of the night.

21.  Additional resources

Internet Matters: Resources for parents looking to keep children safe online, with age-specific how-to guides, free apps, and device safety checklists. https://www.internetmatters.org/

Family Online Safety Institute: Parenting guides and news and reports about online safety issues. https://www.fosi.org/

Safe, Smart & Social: Social media training guides and safety tips for parents and educators. https://safesmartsocial.com/

Thanks go to John Mason for most of this content, who conveniently emailed me which reminded me I had this article in draft, so saved me a lot of typing.

Linux can be hacked using only the backspace key

As any I.T. person will know, Linux geeks consider Linux to be the most secure OS on the planet, and many will even claim it is so secure and un-hackable that they do not need any malware protection or such. So it is ironic that a Linux hack has now been discovered which is probably the worst and simplest hack ever discovered, far worse than any hack or vulnerability ever discovered for Windows. If you press the backspace key 28 times on a locked-down Linux machine you want to access, a Grub2 bootloader flaw will allow you to break through password protection and wreck havoc in the system.

Researchers Hector Marco and Ismael Ripoll from the Cybersecurity Group at Universitat Politècnica de València recently discovered the vulnerability within GRUB, the bootloader used by most Linux distros.

As reported by PC World, the bootloader is used to initialize a Linux system at start and uses a password management system to protect boot entries — which not only prevents tampering but also can be used to disable peripheries such as CD-ROMs and USB ports.

Without GRUB password protection, an attacker could also boot a system from a live USB key, switching the operating system in order to access files stored on the machine’s hard drives.

The researchers discovered the flaw within GRUB2, of which versions 1.98 to 2.02 are affected. These versions were released between 2009 and today, which makes the vulnerability a long-standing and serious problem.

In a security advisory, Marco and Ripoli said the bootloader is used by most Linux distributions, resulting in an “incalculable number of affected devices.”

Exploiting the flaw — and checking if you are vulnerable — is simple. When the bootloader asks for a username, simply press the backspace button 28 times. If vulnerable, the machine will reboot or you will encounter a Grub rescue shell.

The shell grants a user a full set of admin privileges — within the rescue function only — to load customised kernels and operating systems, install rootkits, download the full disc or destroy all data on a machine.

The researchers say the fault lies within two functions; the grub_password_get() function and the andgrub_password_get() script which suffer integer overflow problems. Exploiting the flaw causes out of bounds overwrite memory errors. When a user presses backspace, the bootloader is erasing characters which do not exist — damaging its memory enough to trigger an exception in authentication protocols.

Not only does the vulnerability give attackers the chance to steal data and tamper with peripherals and passwords, but Linux entries can be modified to deploy malware.

While there is an emergency patch available on Github for Linux users, the main vendors have been made aware of this security flaw. It is recommended that users update their machines as soon as patches have been deployed, but it is worth noting an attacker needs physical access to the machine to exploit the flaw.