Threat Model: Parents

Sun May 31 02:33:04 PDT 2015

I'm not one to call parents who surveil children "Orwellian": a parent's job is to prepare a child for the world and protect them from the world. Some parent:child combos are trusting and the children are sane. Others, not; and it is *not* always the parent's fault if their kids aren't well-behaved human beings as teens.

That said, it's a teenager's prerogative to explore what it means to be an adult as they approach the day they take ownership of themselves, and to push boundaries and make mistakes. So, push-back and assertion of self and future rights is normal, too. 

On 31 May 2015 09:51:02 GMT+01:00, nerv <nerv at fastmail.fm> wrote:
>On Sun, 31 May 2015 01:48:10 -0600
>Mirimir <mirimir at riseup.net> wrote:
>
>> On 05/31/2015 12:15 AM, Cathal (Phone) wrote:
>> > Wipe the machine, install fresh and clean Linux, and then password
>> > lock the BIOS.
>> 
>> That's excellent advice ... to someone who owns the machine. I'd say
>> also to use LUKS. But maybe here that would dramatically escalate the
>> confrontation. And there's also the lack of physical security.
>> 
>> Zenaan's advice is more appropriate in a child-parent context. If
>> that's impossible, the best option is probably doing private stuff
>> elsewhere.
>
>I think trying to go against the parents themselves would be a bad idea
>unless you know they can be reasoned with, but having a look seems only
>fair, their children should know to what degree they should trust their
>computer. 
>
>I would personally use software such as process explorer and tcpview to
>get an idea of what is running (assuming they use windows here), but if
>you think the parents may be using something stronger than your usual
>parental control tool maybe booting the system from a live cd and
>having a look at what may be hidden from regular process managers
>(might be a bit extreme, I'm not sure any parent would go that far, but
>it will be pretty effective, and maybe less of a chore. If they really
>are monitoring all activity on the computer they might deduce that they
>are "busted", it might even "incriminate" you once they realize that
>their kids shouldn't know that much about computers.)
>
>In any case, the most likely is that they use some basic software and
>just "manually" check what was the machine used for, so a small
>introduction (if needed) about using computers (and the right
>tools) safely and cleanly might just be enough to stop Orwellian
>parents.
>
>I never contributed to a mailing list before, hope I didn't fucked it
>up 
>Cheers
>
>
>> > On 31 May 2015 03:24:45 GMT+01:00, Gadit Bielman
>> > <thetransintransgenic at gmail.com> wrote:
>> >> Hi.
>> >>
>> >> I'm trying to help (probably badly, but..) a friend deal with
>> >> parents that
>> >> they expect are spying on them.
>> >> I know that in general, it's impossible to secure a computer that
>> >> you can't
>> >> trust and don't necessarily have administrator privileges to.
>> >>
>> >> But their parents are not exactly the NSA -- any spying that's
>> >> happening is
>> >> almost definitely some sort of product, plus basic things like
>> >> maybe looking through their history. (I don't know much about
>> >> they're situation
>> >> -- maybe they know more, so
>> >> well-if-you-know-they-do-this-then-you-could-do-this type advice
>> >> would still be helpful.)
>> >>
>> >> Would antivirus be able to detect spy-on-your-kids products? Would
>> >> they be
>> >> able to scan their computer with like Immunet or something, even
>if
>> >> they
>> >> didn't have administrator privileges?
>> >>
>> >> Tor would probably help -- unless the monitoring was looking at
>> >> the RAM or
>> >> something for website names, which would be way overkill on a
>> >> commercial
>> >> product, no? Or (more likely) if it was taking screenshots at
>> >> regular intervals, which would also break running a VM or
>> >> something. (Is there any
>> >> way to detect taking screenshots?)
>> >>
>> >> I know probably the best thing would be running TAILS as a LiveCD
>> >> -- the
>> >> problem with that is that it's REALLY obvious over-the-shoulder.
>> >>
>> >>
>> >> Um, thoughts about any of those?
>> >> Any other things about parents as a threat model in general?
>> >>
>> >> I know this is pretty far from what is usually discussed on here,
>> >> but I'm
>> >> really interested in what you think/it would potentially help a
>> >> lot of people.
>> > 
>
>
>
>-- 
>
>Goto Daichi (nerv) <nerv at fastmail.fm>
>
>-----BEGIN PGP PUBLIC KEY BLOCK-----
>Version: GnuPG v2
>
>mQENBFVl0RcBCADHL0fGKZ/4MAciOo9GqKnCz6f9qu1Q+1gOSu7anHTEALePUXrI
>VFXdYfcB9D91mfYhSPdI6Wf4f3YNqJJozIaGo1p7g7Oo0j2n8KR/xgxtGLSqkyc7
>I4Pkhg0SCa5pm2ty9cyfrUWrRwgopEj4bJlR2L0HHhTQBoVo9h30XtWeLPwwg+O1
>vUGDgiLniHKBwna5jMp0I/bZxuM9ztxWXEmiEkqIh65dT6mcjJx2visSDAZGB033
>pU/EQFTxyavFOlypZG+WCGo8VNJkzEf6cHMVKJsi6aBi8ewGiw0SuYfYSY9Fed8I
>rLq0990FfB2NT26BRmJM+6Svs8+fJe3o+YNnABEBAAG0JUdvdG8gRGFpY2hpIChu
>ZXJ2KSA8bmVydkBmYXN0bWFpbC5mbT6JATgEEwECACIFAlVl0RcCGwMGCwkIBwMC
>BhUIAgkKCwQWAgMBAh4BAheAAAoJEIH6UEN73OdVe+sH/i5I5C1A8EzvK3wuetsK
>8mPAiTFdw+x1tYrvS2A/eYAjKP1wfx9csB+Q9n94HFv7FtP5IbceZ5BdMtjagBa3
>uWmHA/Pf5zoE3MaTSeY16mBEr141bTWzIdWofLgi0IrKPch8onEnTdd2hBWvJTPU
>F8Zb176trSEpYEACo+6QUppFUmXDGhvVzAfOMJZU8mjfQvf5haamcYTeOifG0riW
>vXjSDJJCFuMtj5uTRES9bRxKsyL2zW9B+DW9es4YIJ2zCgnSajoBGQu+kjrWzZG9
>qlz5L0SbgQ4cRy4BT9o9AToK5Rs1eixEvHIten2agC7yMUbhGMyXYNRk+3NSJcJb
>Zfi5AQ0EVWXRFwEIANwbm4X50uUHDYgT038WI8LfEd8Gh0UABAxRjn4AlpuaXJKL
>mVY24iRTEHdspuBP12e11E9FiYO6/As7XSBIH/ZUFogffQGPh3Dyr4r9mBPBp+qR
>NDy5tP5g6qbAYtJnDznaEldjsrF4FzrFcS3/9oCjOX3in98qYh+PS6DU3+emUn7V
>P7socUmxgckidhvaWkAj6dsmZbg4kkWhGvarzCbehCZxKGgtfRfyTWeQfTYbSrSD
>sxYZRb6lMBcVlY1Us6Uanw+au9vJPnS3nbZQJDhfJ/utTmaBpyIn6+4f4Ku049qp
>YntER2RJiX+bHhVNa8IR5E4946pxZfBt6dY5Fo8AEQEAAYkBHgQYAQIACQUCVWXR
>FwIbDAAKCRCB+lBDe9znVcxyB/iEiBpDbN8siHNCfJlFL98Au/GV9fE7H8IgCZ6o
>rKKEjWEPML+FhlAYfbVlVnqSnmoLFloSYqhDymY+4S0IS/QcMnY2u017Rb1AIbF1
>5BYzK1cTGDbeLObeJaIVr+DHEl+goPL9YgHg/X3WmFrO7nGP3Fv/n+VFn+S4zGE0
>1yGFU9vdNGZkC7ddlDhGvophLJHHxfGSiGnjXKq9vR+xq2yyH0EZqLlCEprMmTo1
>X+EpRNLZA4p5oee5RI/t6zk92DElTLuDqbPTnQNQd9tVwPeNQXsgWR+SPYD7vLQI
>hez47/0guyHoHwMDjkiXq4uwgGT0YdZ8lDoT2Z8BiApLMRI=
>=t27C
>-----END PGP PUBLIC KEY BLOCK-----

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 5597 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20150531/8bb88c3a/attachment-0002.txt>