Date: Mon, 10 Apr 1995 22:12:40 -0400 (EDT)
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Mon, 10 Apr 1995, S. Finer wrote:
> Rex:
>
> I think you totally missed my point, but I just don't have the time right
> now to reply in full. I am suggesting an easy to use local lock on
> junior's access. essentially I think "liquor cabinet locks" work in 99
> out of 100 households. Kids get liquor from other kids........whose
> parents do not bother with the lock.
I agree with you in principle, but the current design of the internet is
like trying to set up a roadblock in downtown Denver, there are 100 ways
to get around it.
> I prefer the lock strategy, since it puts the burden onto the parents,
> not on society as a whole. Society's obligation would be to make certain
> the locking client was VERY easy to use, and available with EVERY
> account, and brought to every account holder's explicit attention. That
> way, if junior gets into problems, the provider can simply say, I gave
> the parent a lock, and instructed in its use. The parent failed, I did not.
You would have to disable telnet, FTP, Web Browsers, and News. You would
also have to disable sockets programming (since the kid can get telnet
anywhere).
What is needed is clients that request interactive password entry at
start-up and send the authentication information to each server using a
real-time encrypted key (Kerberos) validated by a third party server.
This authentication software is widely available and can be enabled on
most clients and servers with little effort. By allowing the parents to
sent the "Lockout" to a third-party server, the "Porno Board" can protect
the children by using the authentication which will Identify the kid as a
minor.
> As to kids who can break the lock.....some will be able to do so....but
> not many. Most will not try very long if the frustration level is high.
> Just lock out all telnet capability without a separate password, that the
> parent DOES NEED TO SECURE. gotta go
Let me just correct one thing. You would have to "Completely Disable all
TCP connects going out of the box" with the exception of the "Protected
client which would go directly to a Fire-wall host exclusively. Any
internal solution can be defeated with two floppy disks.
Rex
From rballard@cnj.digex.net Mon Apr 10 22:15:15 1995
Status: O
X-Status: