School’s Out, What are Your Kids Doing Online?

June 24, 2008 Family and Kids 3 Comments

This is something I wrote about last year but was lost when I converted to WordPress. I figured it would be good to revise/rewrite it now.

Now that school is out, what are your kids doing online? Summer months are always a time that is exciting for us and also poses some challenges. The school year brings a natural structure to the day and activities that surround it such as soccer, baseball, art club, music, etc.

I like to provide my kids as much freedom as possible on the computer and the Internet that is age appropriate. Of course “policing” this is a challenge. There are filtering and monitoring applications that are available, however just like in corporations you need to lay down your house rules (corporate policy) before you select and/or implement “parenting software.”

All of my kids are under 12, so our method is to keep the computers within sight at all times. The shared laptop is kept near the kitchen and is always used with one of us around to know what sites they are visiting or what applications they are running. We do use the built in Parental Controls on the laptop where we white list web sites as they need them and I utilize some of the rudimentary filtering in OpenDNS.  Again, part of the problem with software or services that do this is that if your kids want to find away around it they will.  This is why we keep the computer within sight.

How about when they go to their friends’ homes?

Good question. We will ask our kids to tell us where the computer is in their friends’ homes and if the computer is out of sight such as in a play room that’s in the basement or in their bedroom, then they cannot use it. I trust my kids and all I can do is hope that they do the right things.  In the past, my kids have walked out of their friend’s rooms or done something else.  The only way I know is that the other kid’s parent has told me.  So, so far so good.

The other part is of course educating your children on issues related to privacy, proper use of social networks (if at all), and online safety. My guess is that most of you who are tech savvy probably end up doing this for all of the children in your family. The “virtual” world is anything but that. The Internet, social networks, chat rooms are all part of the real world and encouraging that brings the point home. Although I was negative early on on social networks for younger kids, sites like Webkinz and Club Penguin have allowed us to ease into social networking with a safer environment and teach our kids how to interact with people they know and those they don’t know online. Our hope is that carries into more “mature” social networks. Review your kid’s social network profiles, preferably with them there.

There are a lot of great resources online regarding online safety

Here are a few:

Know where they are going and what they are doing, whether its online or not.  Good parenting in the online world is just good parenting. At the end of the day, the best thing you can do is to talk with your kids.

What do you do with your own kids?

[del.icio.us] [Digg] [Google] [Reddit] [Slashdot] [StumbleUpon] [Email] More »
Powered by Bookmarkify™

Weird Problem with Vista User Access Control (UAC)– solved

June 19, 2008 Enterpise, Vista No Comments

I came across an issue with Windows Vista recently at a client that had been dogging me for quite some time.

Fortunately, most of the client’s PCs here in New York run Windows XP, but one of the principles wanted a Tablet PC and I figured that Vista’s Tablet integration was much better than the specialized Windows XP Tablet Edition.

Although the client admin rights on his own laptop, each time he tried to install an application, the typical UAC dialog box would come up. The installation would continue and then would quit with an error trying to access the H: drive.

Well, the only H: drive that the client had was his network home directory. Why would the installer need access to that drive? The client had that drive mapped so it should have worked right?

The workaround for the past few months was to log in as a secondary local account on the computer in order to install applications. Of course this was a pain, but it minimized my time on the computer and at the client’s site so it was a win/win for both of us. Finally one day I was determined to figure out what was going on.

I couldn’t find anything in the registry, so I ran the Command Prompt as Administrator by Right-Clicking the Command Prompt shortcut and selecting “Run As Administrator.” This explicitly tells the computer that you’re running as full admin without the UAC stuff going off. However, this
“Run as Administrator” acts like a new account. The install still failed, but while looking around in this environment through the command prompt, I found the drive letter H: was not mapped. After mapping the drive letter, the install worked.

Ok, so now I know why it the install fails. When the privilege escalation takes place, the profile no longer has access to that H: drive. But why does it need the H: drive? It turns out the client was redirecting his My Documents to his home drive using a Drive Path setup (H:\My Documents) rather than UNC (\\server\homeshare\username\My Documents). By changing the redirection to use UNC paths, the problems went away for all installations.

Weird oddity, but interesting none-the-less. I’m wondering how this affects other installations particularly environment variable changes or registry changes.

[del.icio.us] [Digg] [Google] [Reddit] [Slashdot] [StumbleUpon] [Email] More »
Powered by Bookmarkify™

Apple’s Misstep with the iPhone Application Delivery

June 13, 2008 Enterpise 9 Comments

After watching the WWDC stuff this week I came to a realization that perhaps Apple did, but doesn’t care.  In working in IT Infrastructure for 12 years for a mid-tier financial firm.

From the Palm to the Blackberry, desktop syncing software was used early on to keep devices up to date.  When RIM went to a full wireless sync, this was a boon to IT administrators because not only was syncing done wirelessly, but so was application distribution and policy enforcement.

So why did Apple decide, after building a wireless application delivery infrastructure for consumers to utilize iTunes for iPhone application sync in the Enterprise?

iTunes, like other consumer media application, is largely banned in the enterprise.  The reasons are many including the fact its not a business applications, uses mDNS (bonjour) which has been exploited, issues with QuickTime, etc. Besides, any additional software increases the attack surface for an end-user.

So I see this a problem for those Enterprises that will embrace the iPhone as an application delivery platform.  Apple could have easily built an mini-AppStore application that could be sold or provided to Enterprises for application delivery or utilized the emailing feature that they have for developers. Or they can provide templates for managing the iTunes installations to pair down features via Group Policy (similar to what Skype has done).

My recommendation to my smaller clients will be related to the risk level they are willing to take.  Many will want to use iPhones and do not need the application delivery. But for those that want to use applications on the iPhone will need to determine if iTunes will be a necessary risk they are willing to take.

Damaged iPhone

For me, I’m looking for a way to turn my iPhone into a virtual iPod Touch (i.e. kill the phone service). Why? Well, one of my kids decided that sunscreen might help protect my phone from the sun and it seeped underneath the LCD.

Which gives me a good reason to get the 3G iPhone…I am a fanboy aren’t I? nuts….