Windows has Limited User account, Family Safety in the control panel, and a advanced Firewall. 3rd party Net Nanny was\is a net filtering\alerting software that had visiting-server-side support in case the kid knew how to onion route or obfuscate a url or ip.
limited, as in, not an administrator? that does not help much with limiting a kids computer use.
family safety only works for the microsoft edge browser, which is not at all private. and it seems it requires a microsoft account, and accepting its shitty terms of service and privacy policy.
netnanny seems to require a microsoft account too.
Androids can install firewall software like PersonalDNSFilter, AdGuardDNS, or RethinkDNS (the premium version creates for you a custom dns server – no software needed.
and they can’t be just disabled by the user of the device, right?
these and pihole… are useful but not for this. even if they can’t disable the system VPN app, the kid just enables secure DNS in either firefox or chrome, and bam! its worked around.
Correct. A (non-admistrator) user of a Android cannot disable software. This too also applies to a Windows Limited user.
Pi-Hole + packet inspection + whitelisting + switch routing = universal lockdown against every known form of data obfuscation. This is now a server machine.
Switch routing is network hardware that manages only one side\subnet\layer of clients – it’s like one layer of an onion will only ever see the next layer.
limited, as in, not an administrator? that does not help much with limiting a kids computer use.
family safety only works for the microsoft edge browser, which is not at all private. and it seems it requires a microsoft account, and accepting its shitty terms of service and privacy policy.
netnanny seems to require a microsoft account too.
and they can’t be just disabled by the user of the device, right?
these and pihole… are useful but not for this. even if they can’t disable the system VPN app, the kid just enables secure DNS in either firefox or chrome, and bam! its worked around.
Correct. A (non-admistrator) user of a Android cannot disable software. This too also applies to a Windows Limited user.
Pi-Hole + packet inspection + whitelisting + switch routing = universal lockdown against every known form of data obfuscation. This is now a server machine.
switch routing? what is that? and what solution do you use for packet inspection?
Switch routing is network hardware that manages only one side\subnet\layer of clients – it’s like one layer of an onion will only ever see the next layer.
This reddit thread cites a real-world parent’s example of packet inspection solutions…
https://www.reddit.com/r/selfhosted/comments/piarcj/selfhosted_parental_control/