Threat model: Parents

Gadit Bielman thetransintransgenic at gmail.com
Sun May 31 13:07:42 PDT 2015


DO children have any legal right to privacy from their parents (on
officially parent-owned devices)?

On Sun, May 31, 2015 at 3:51 PM, Markus Ottela <oottela at cs.helsinki.fi>
wrote:

>  Has the kid been told about his/her legal right to privacy from his/her
> parents?
>
> The most useful suggestion up until now has been use of Tails LiveUSB w/
> persistence.
> I'm not sure if Truecrypt is still bundled with Tails. If not, keeping the
> installer inside persistent volume isn't that inconvenient and use of
> steganographic volumes helps with the 5-dollar wrench problem.
>
> The kid has the right to be curious about computing, programming and
> whatnot, so it should be straightforward to explain why the distro needs to
> be installed. Avoiding the privacy side of discussion might also be
> beneficial.
>
>
> On 31.05.2015 22:35, Gadit Bielman wrote:
>
> Heh. Yeah, parents don't even need to try to find a 5$ wrench.
>
>  There are smartphone-spying stuff, also, though. (*cough-mSpy-cough*
> http://krebsonsecurity.com/2015/05/mobile-spy-software-maker-mspy-hacked-customer-data-leaked/
> )
> Are there any strategies to detecting that?
>
>  Also, money/resources is a major issue in this threat model -- I don't
> see it likely that a child/teenager will feel like 35$/year for a little
> more security is worth it. I'm not even sure if I wanna assume they'll be
> able to put down 50$ for a Raspberry Pi and USB mouse and Keyboard.
>
>  Using some sort of VM sounds like the best solution, because it allows
> for just minimizing when parents come to look. Unless, again, there is
> screenshotting going on -- in which case, how would you detect that, maybe
> running Tails as a VM and doing something that would definitely draw the
> parents but not compromise much in terms of online friendgroup,
> gender/sexual orientation they might be hiding, etc. Maybe looking at porn?
> That would have to take into account the consequences of that vs. the value
> of knowing that parents aren't looking.
>
>  But "VMs require specific drivers", I didn't know that. Shoot.
>
>  I wonder how well you could avoid problems by just using something like
> a Tails LiveUSB at night...
>
> On Sun, May 31, 2015 at 1:19 PM, Barton Gellman <otr at riseup.net> wrote:
>
>>   Honestly, people, some of these suggestions are like a parody of geek
>> advice to civilians ;-)
>>
>>  The kid will soon hit upon the same practical solution that his or her
>> peers all use: the smartphone (preferably with a VPN like Freedome), plus
>> browsing at a friend's house. Wiping, Linuxing and LUKSing a family PC will
>> escalate the real-life threat, and the kid's defenses will fall quickly to
>> the parental equivalent of that XKCD password cartoon.
>>
>>  If the kid has a need for full size keyboard and screen, and has a few
>> more technical chops than most, there are some alternatives:
>>
>>   * Boot up Tails in Windows camouflage mode. Choose More Options at
>> boot. Shoulder surfing will probably bust him/her anyway, sooner or later.
>>  * Make one of those WinPE Windows USB drives, if real Windows is
>> required. Last time I looked this wasn't that easy.
>>  * Get a small, fast external drive and install the OS of choice. If the
>> host is a Mac, use Carbon Copy Cloner (or dd) to copy an existing machine
>> to the external drive, or do a fresh installation there. For Linux, choose
>> your flavor.
>>   * Get a Raspberry Pi and hook it to the keyboard and screen, at times
>> when you don't expect interruption.
>>   * A virtual machine may be possible on the monitored host, if the
>> required drivers are already present. Probably not. See
>> http://www.vbox.me/. If anyone knows a VM that works without admin
>> rights, speak up.
>>
>>  Bart
>>
>>  Barton Gellman
>> @bartongellman
>> bartongellman.con
>>
>> On May 31, 2015, at 12:00 PM, cypherpunks-request at cpunks.org wrote:
>>
>>   On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman <
>> thetransintransgenic at gmail.com> wrote:
>>
>>  Hi.
>>
>>
>>   I'm trying to help (probably badly, but..) a friend deal with parents
>>
>>  that
>>
>>  they expect are spying on them.
>>
>>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 8319 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20150531/7fb95aeb/attachment-0002.txt>


More information about the cypherpunks mailing list