Re: Threat model: Parents
Honestly, people, some of these suggestions are like a parody of geek advice to civilians ;-) The kid will soon hit upon the same practical solution that his or her peers all use: the smartphone (preferably with a VPN like Freedome), plus browsing at a friend's house. Wiping, Linuxing and LUKSing a family PC will escalate the real-life threat, and the kid's defenses will fall quickly to the parental equivalent of that XKCD password cartoon. If the kid has a need for full size keyboard and screen, and has a few more technical chops than most, there are some alternatives: * Boot up Tails in Windows camouflage mode. Choose More Options at boot. Shoulder surfing will probably bust him/her anyway, sooner or later. * Make one of those WinPE Windows USB drives, if real Windows is required. Last time I looked this wasn't that easy. * Get a small, fast external drive and install the OS of choice. If the host is a Mac, use Carbon Copy Cloner (or dd) to copy an existing machine to the external drive, or do a fresh installation there. For Linux, choose your flavor. * Get a Raspberry Pi and hook it to the keyboard and screen, at times when you don't expect interruption. * A virtual machine may be possible on the monitored host, if the required drivers are already present. Probably not. See http://www.vbox.me/. If anyone knows a VM that works without admin rights, speak up. Bart Barton Gellman @bartongellman bartongellman.con On May 31, 2015, at 12:00 PM, cypherpunks-request@cpunks.org wrote:
On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman <thetransintransgenic@gmail.com> wrote: Hi.
I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them.
Heh. Yeah, parents don't even need to try to find a 5$ wrench. There are smartphone-spying stuff, also, though. (*cough-mSpy-cough* http://krebsonsecurity.com/2015/05/mobile-spy-software-maker-mspy-hacked-cus... ) Are there any strategies to detecting that? Also, money/resources is a major issue in this threat model -- I don't see it likely that a child/teenager will feel like 35$/year for a little more security is worth it. I'm not even sure if I wanna assume they'll be able to put down 50$ for a Raspberry Pi and USB mouse and Keyboard. Using some sort of VM sounds like the best solution, because it allows for just minimizing when parents come to look. Unless, again, there is screenshotting going on -- in which case, how would you detect that, maybe running Tails as a VM and doing something that would definitely draw the parents but not compromise much in terms of online friendgroup, gender/sexual orientation they might be hiding, etc. Maybe looking at porn? That would have to take into account the consequences of that vs. the value of knowing that parents aren't looking. But "VMs require specific drivers", I didn't know that. Shoot. I wonder how well you could avoid problems by just using something like a Tails LiveUSB at night... On Sun, May 31, 2015 at 1:19 PM, Barton Gellman <otr@riseup.net> wrote:
Honestly, people, some of these suggestions are like a parody of geek advice to civilians ;-)
The kid will soon hit upon the same practical solution that his or her peers all use: the smartphone (preferably with a VPN like Freedome), plus browsing at a friend's house. Wiping, Linuxing and LUKSing a family PC will escalate the real-life threat, and the kid's defenses will fall quickly to the parental equivalent of that XKCD password cartoon.
If the kid has a need for full size keyboard and screen, and has a few more technical chops than most, there are some alternatives:
* Boot up Tails in Windows camouflage mode. Choose More Options at boot. Shoulder surfing will probably bust him/her anyway, sooner or later. * Make one of those WinPE Windows USB drives, if real Windows is required. Last time I looked this wasn't that easy. * Get a small, fast external drive and install the OS of choice. If the host is a Mac, use Carbon Copy Cloner (or dd) to copy an existing machine to the external drive, or do a fresh installation there. For Linux, choose your flavor. * Get a Raspberry Pi and hook it to the keyboard and screen, at times when you don't expect interruption. * A virtual machine may be possible on the monitored host, if the required drivers are already present. Probably not. See http://www.vbox.me/. If anyone knows a VM that works without admin rights, speak up.
Bart
Barton Gellman @bartongellman bartongellman.con
On May 31, 2015, at 12:00 PM, cypherpunks-request@cpunks.org wrote:
On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman < thetransintransgenic@gmail.com> wrote:
Hi.
I'm trying to help (probably badly, but..) a friend deal with parents
that
they expect are spying on them.
Has the kid been told about his/her legal right to privacy from his/her parents? The most useful suggestion up until now has been use of Tails LiveUSB w/ persistence. I'm not sure if Truecrypt is still bundled with Tails. If not, keeping the installer inside persistent volume isn't that inconvenient and use of steganographic volumes helps with the 5-dollar wrench problem. The kid has the right to be curious about computing, programming and whatnot, so it should be straightforward to explain why the distro needs to be installed. Avoiding the privacy side of discussion might also be beneficial. On 31.05.2015 22:35, Gadit Bielman wrote:
Heh. Yeah, parents don't even need to try to find a 5$ wrench.
There are smartphone-spying stuff, also, though. (*cough-mSpy-cough* http://krebsonsecurity.com/2015/05/mobile-spy-software-maker-mspy-hacked-cus... ) Are there any strategies to detecting that?
Also, money/resources is a major issue in this threat model -- I don't see it likely that a child/teenager will feel like 35$/year for a little more security is worth it. I'm not even sure if I wanna assume they'll be able to put down 50$ for a Raspberry Pi and USB mouse and Keyboard.
Using some sort of VM sounds like the best solution, because it allows for just minimizing when parents come to look. Unless, again, there is screenshotting going on -- in which case, how would you detect that, maybe running Tails as a VM and doing something that would definitely draw the parents but not compromise much in terms of online friendgroup, gender/sexual orientation they might be hiding, etc. Maybe looking at porn? That would have to take into account the consequences of that vs. the value of knowing that parents aren't looking.
But "VMs require specific drivers", I didn't know that. Shoot.
I wonder how well you could avoid problems by just using something like a Tails LiveUSB at night...
On Sun, May 31, 2015 at 1:19 PM, Barton Gellman <otr@riseup.net <mailto:otr@riseup.net>> wrote:
Honestly, people, some of these suggestions are like a parody of geek advice to civilians ;-)
The kid will soon hit upon the same practical solution that his or her peers all use: the smartphone (preferably with a VPN like Freedome), plus browsing at a friend's house. Wiping, Linuxing and LUKSing a family PC will escalate the real-life threat, and the kid's defenses will fall quickly to the parental equivalent of that XKCD password cartoon.
If the kid has a need for full size keyboard and screen, and has a few more technical chops than most, there are some alternatives:
* Boot up Tails in Windows camouflage mode. Choose More Options at boot. Shoulder surfing will probably bust him/her anyway, sooner or later. * Make one of those WinPE Windows USB drives, if real Windows is required. Last time I looked this wasn't that easy. * Get a small, fast external drive and install the OS of choice. If the host is a Mac, use Carbon Copy Cloner (or dd) to copy an existing machine to the external drive, or do a fresh installation there. For Linux, choose your flavor. * Get a Raspberry Pi and hook it to the keyboard and screen, at times when you don't expect interruption. * A virtual machine may be possible on the monitored host, if the required drivers are already present. Probably not. See http://www.vbox.me/. If anyone knows a VM that works without admin rights, speak up.
Bart
Barton Gellman @bartongellman bartongellman.con
On May 31, 2015, at 12:00 PM, cypherpunks-request@cpunks.org <mailto:cypherpunks-request@cpunks.org> wrote:
On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman <thetransintransgenic@gmail.com <mailto:thetransintransgenic@gmail.com>> wrote: Hi.
I'm trying to help (probably badly, but..) a friend deal with parents that they expect are spying on them.
DO children have any legal right to privacy from their parents (on officially parent-owned devices)? On Sun, May 31, 2015 at 3:51 PM, Markus Ottela <oottela@cs.helsinki.fi> wrote:
Has the kid been told about his/her legal right to privacy from his/her parents?
The most useful suggestion up until now has been use of Tails LiveUSB w/ persistence. I'm not sure if Truecrypt is still bundled with Tails. If not, keeping the installer inside persistent volume isn't that inconvenient and use of steganographic volumes helps with the 5-dollar wrench problem.
The kid has the right to be curious about computing, programming and whatnot, so it should be straightforward to explain why the distro needs to be installed. Avoiding the privacy side of discussion might also be beneficial.
On 31.05.2015 22:35, Gadit Bielman wrote:
Heh. Yeah, parents don't even need to try to find a 5$ wrench.
There are smartphone-spying stuff, also, though. (*cough-mSpy-cough* http://krebsonsecurity.com/2015/05/mobile-spy-software-maker-mspy-hacked-cus... ) Are there any strategies to detecting that?
Also, money/resources is a major issue in this threat model -- I don't see it likely that a child/teenager will feel like 35$/year for a little more security is worth it. I'm not even sure if I wanna assume they'll be able to put down 50$ for a Raspberry Pi and USB mouse and Keyboard.
Using some sort of VM sounds like the best solution, because it allows for just minimizing when parents come to look. Unless, again, there is screenshotting going on -- in which case, how would you detect that, maybe running Tails as a VM and doing something that would definitely draw the parents but not compromise much in terms of online friendgroup, gender/sexual orientation they might be hiding, etc. Maybe looking at porn? That would have to take into account the consequences of that vs. the value of knowing that parents aren't looking.
But "VMs require specific drivers", I didn't know that. Shoot.
I wonder how well you could avoid problems by just using something like a Tails LiveUSB at night...
On Sun, May 31, 2015 at 1:19 PM, Barton Gellman <otr@riseup.net> wrote:
Honestly, people, some of these suggestions are like a parody of geek advice to civilians ;-)
The kid will soon hit upon the same practical solution that his or her peers all use: the smartphone (preferably with a VPN like Freedome), plus browsing at a friend's house. Wiping, Linuxing and LUKSing a family PC will escalate the real-life threat, and the kid's defenses will fall quickly to the parental equivalent of that XKCD password cartoon.
If the kid has a need for full size keyboard and screen, and has a few more technical chops than most, there are some alternatives:
* Boot up Tails in Windows camouflage mode. Choose More Options at boot. Shoulder surfing will probably bust him/her anyway, sooner or later. * Make one of those WinPE Windows USB drives, if real Windows is required. Last time I looked this wasn't that easy. * Get a small, fast external drive and install the OS of choice. If the host is a Mac, use Carbon Copy Cloner (or dd) to copy an existing machine to the external drive, or do a fresh installation there. For Linux, choose your flavor. * Get a Raspberry Pi and hook it to the keyboard and screen, at times when you don't expect interruption. * A virtual machine may be possible on the monitored host, if the required drivers are already present. Probably not. See http://www.vbox.me/. If anyone knows a VM that works without admin rights, speak up.
Bart
Barton Gellman @bartongellman bartongellman.con
On May 31, 2015, at 12:00 PM, cypherpunks-request@cpunks.org wrote:
On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman < thetransintransgenic@gmail.com> wrote:
Hi.
I'm trying to help (probably badly, but..) a friend deal with parents
that
they expect are spying on them.
participants (3)
-
Barton Gellman
-
Gadit Bielman
-
Markus Ottela