It's as easy as parents keeping the default router password, a kid logging in and then setting up port forwarding to a device on a port that they're running a server on, tied to their current residential ip, and then pinging their friends that ip and allowing them all to connect and download whatever files or upload whatever files. The peer-to-peer network could really start establishing itself in ephemeral and very hard to track ways. All you need is one kid with access to a vpn to torrent without copyright concerns to seed the network. Or one kid to get its parents to buy a domain and use that as an anchor so that the dns to ip is set behind the scenes for the peers.
I'd like to add we are discussing communication over the internet. It is an open standard. I should be allowed to build my own pcb without a secure element and talk to anyone over http so long as I am abiding by the correct rfcs.
What about devices without a hardware-based trusted computing module? Am I now limited to what hardware I can run before I even get to my custom software?
Can't your router block by Mac address? Just limit the Chromebook to allowlisted sites. And also school-issued computers are known for Spyware and even worse. It should probably be segregated in a separate network or vlan.
Parents should have an allowlist of devices to be able to join their network. And then they can require root certs or something for access outside of a narrow allow list. There's a host of ways to solve both problems. Just remember to check for hardware keyloggers on your (the parents') devices, as kids could use them or try evil maid attacks, etc. if they feel totally encaged.
If you drive out everyone with identity filters, those folks will naturally flock to sites run in nations without the same controls. I don't think you really solve anything except to push traffic elsewhere.
Instead it would be more appropriate to let sites pass headers, such as "we have adult content", thst you could filter on the network or client side. It's still voluntary, of course. Anyone will just visit sites that don't have the checks if necessary.
reply