• 0 Posts
  • 13 Comments
Joined 1 year ago
Cake day: March 20th, 2025




  • I’ve been saying for a while that we should start presenting lawmakers with secure ways to do age verification, instead of relying on lobbyists to do it. Lawmakers will inevitably pass these kinds of things, so at least make sure the groundwork is there for it to be done securely instead of just bitching about it when Meta lobbies to be the third-party age verification system.

    Have the government set up a database with every single name, DOB, ID number (SSN, for the Americans), and a password that the individual has set up on the provided site. Then have them use a known hash for each one, essentially turning the password into a salt. And the hashes can be stored in a simple database that determines whether or not someone is old enough.

    Next, the device hashes the user’s inputs for name, DOB, ID number, and password. If you want to require an ID, that photo can be verified directly on the device, because even phones are powerful enough to do things like OCR nowadays. Now the device sends that hash directly to the government, and asks “hey, does this hash match someone who is over {age of majority}?” The government’s system automatically responds with a simple yes/no.

    Your device can now automatically respond to any age verification checks, so there’s no need for individual sites or apps to ask for your personal info. They can simply ask your device, and your device can respond automatically. The user never even needs to see an “are you over {age}” prompt, because it all happens before the site or service even loads.

    It’s essentially the same idea that Tor uses, where routing your traffic through three nodes helps ensure security. The first node (the site, in this case) only gets the verification from your device. The second node (your device) can keep your info entirely on the device, so it never needs to send it to any third party. And the third node (the government) never sees your browsing data. The only device that actually sees both your personal info and your browsing data is your device, which you control. You didn’t need to send a third party any extra data about yourself to verify every individual site or service. Everything about your info stays entirely on your device. And the government didn’t get any of your browsing info, because the device was simply asking if you were old enough to be verified.

    For shared devices (like desktops) this could be done on an account level. Same basic concept, except the “is over {age}” flag could be set on the user account. “But my privacy” folks start to rabble about this (because it usually implies something like a Microsoft account), but I can guarantee Microsoft already knows roughly how old you are. So parents can log in with their verified account to watch porn, and kids will get unverified accounts that redirect them back to a “hey it looks like you’re unverified. If you’re old enough to view this content, here’s how to verify your device” page.

    For parents, protecting your kids is now as simple as refusing to verify their devices/accounts and protecting that password (so they can’t just use your info to verify themselves behind your back). Hardware verification can be done securely.
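
The hash-and-ask flow described in the comment above, sketched as an added example (not code from the commenter). Assumptions: PBKDF2 with a fixed public label stands in for the "known hash", because name, DOB and ID number are guessable and the password is the only secret input; the class names and all sample people are constructed.

```python
import hashlib
import unicodedata
from datetime import date

def credential_hash(name, dob, id_number, password):
    """Digest over the four fields; computed identically on device and registry."""
    fields = [unicodedata.normalize("NFKC", name).casefold().strip(),
              dob.isoformat(), id_number.strip(), password]
    # Length-prefix every field so adjacent fields cannot be shifted into each other.
    material = b"".join(len(f.encode()).to_bytes(2, "big") + f.encode() for f in fields)
    # Assumption: slow KDF with a fixed public label, not a bare hash, to slow guessing.
    return hashlib.pbkdf2_hmac("sha256", material, b"age-check-v1", 100_000).hex()

class Registry:
    """Government side: maps digest -> DOB and answers only yes/no."""
    def __init__(self):
        self._dob = {}
        self.seen = []  # everything the registry ever receives in a query

    def enroll(self, name, dob, id_number, password):
        self._dob[credential_hash(name, dob, id_number, password)] = dob

    def is_over(self, digest, age, today):
        self.seen.append(digest)
        dob = self._dob.get(digest)
        if dob is None:  # unknown digest: wrong password or not enrolled
            return False
        had_birthday = (today.month, today.day) >= (dob.month, dob.day)
        return today.year - dob.year - (0 if had_birthday else 1) >= age

class Device:
    """User side: personal data is hashed here; sites only get a boolean."""
    def __init__(self, registry):
        self._registry, self._verified = registry, False

    def verify(self, name, dob, id_number, password, age, today):
        digest = credential_hash(name, dob, id_number, password)
        self._verified = self._registry.is_over(digest, age, today)
        return self._verified

    def answer_site(self):
        return self._verified

if __name__ == "__main__":
    reg, today = Registry(), date(2025, 3, 20)
    reg.enroll("Alex Example", date(1990, 5, 1), "000-00-0001", "correct horse")  # constructed
    phone = Device(reg)
    print(phone.verify("alex example", date(1990, 5, 1), "000-00-0001", "correct horse", 18, today))
```

The registry's `seen` list holds only digests, and a site calling `answer_site()` receives only the boolean, which is the separation of knowledge the comment describes.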



  • but free ones really suck IMO

    Kids don’t care. They’ll use whatever is available. Free ones are almost undoubtedly collecting and selling your browsing info too, but kids won’t care about that either. Now your attempts at blocking them have made their browsing less private.

    and they aren’t very obfuscated so they can be easily blocked too

    And now you’ve fallen into the whack-a-mole trap, which is exactly what most parents don’t have time for.

    there are methods to detect VPN traffic so that could be blocked too

    Methods available on residential ISP-provided modem/routers? That’s the only “networking gear” that most households have. I think you may be falling for the Average Familiarity trap.

    If you wanted to go ballistic you could even set a whitelist of services and everything else gets blocked

    Sure, and your kid can just buy a cheap prepaid SIM card to keep under their mattress. Data plans are stupid cheap, and kids are resourceful. Hell, I can walk down to the corner store and buy an entire Android phone for like $50. Will it be a good phone? Fuck no. But it’ll get access to the internet. And if a neighbor or nearby business has unprotected WiFi, I don’t even need the prepaid SIM card.

    If you’re trying to stop a 14 year old from looking at tits, you’re already in a pitched battle against an opponent who will never run out of determination. My original point was simply that parents don’t have the time or resources to constantly play cat and mouse with whatever kids are using to jork it. There are entire private companies and government departments with hundreds of full time employees who specialize in parental controls, and they still struggle to keep up. Parents who work full time (and who probably aren’t tech literate enough to do anything more than click the “Enable AdGuard” button when setting up their router, if their router even supports AdGuard) simply won’t have the time or resources.




  • It takes a pretty smart and determined kid to get around network controls

    Proxies and VPNs exist for a reason. If the entire country of China can’t keep up with the number of VPNs and proxies poking holes in their Great Firewall, what makes you think individual parents have the time to do so? You never used a proxy site to access blocked content on a school computer? It doesn’t take a high degree of technical skill. You just google “proxy site” and paste whatever URL you wanted into the site.



  • We had an employee break procedure, make a dumb mistake, and cause ~$160k worth of damage to a mission-critical piece of infrastructure. It happened due to her own inattention and disregarding her “here’s how to shut down at the end of the night” checklist, at like 8PM. Basically, instead of doing steps A, B, C, and D, she went “eh I know what I’m doing,” jumped straight to step D, and suddenly heard very expensive noises. It required me and her supervisor to pull an overnight shift to get a bodged workaround in place, just to be ready for the next morning at 8AM. And even then, the gear was out of commission for about a month until we could get it fixed.

    All in all, it was about $80k worth of equipment repairs, $40k in equipment rentals (to keep things running in the meantime), and about $40k in additional labor (we had to hire specialized contractors to fix the gear).

    The employee 100% thought she was going to get fired when it happened. We were obviously angry and disappointed that she made such a dumb mistake, but we didn’t yell or chastise her. We simply told her to go ahead and clock out for the evening, and we’d deal with fixing things overnight. She tried to say she could stick around to help… But this was already at the end of her shift, she was obviously not in the right headspace to pull an overnight shift, and we were both too frustrated to have her around at the time. She was crying on her way out the door.

    The supervisor decided to keep her on instead of firing her, for this exact reason. She didn’t get a raise, but she didn’t get fired either. She got reprimanded, but her supervisor was confident that she would never make the same dumb mistake again. And now her story is used as a cautionary tale to drive home the importance of following procedure when we’re training new hires.




  • AKA Schrödinger’s Backup. Until you have successfully restored from a backup, it is just an amorphous blob of data that may or may not be valid.

    I say this as someone who has had backups silently fail. For instance, just yesterday, I had a managed network switch generate an invalid config file for itself. I was making a change on the switch, and saved a backup of the existing settings before changing anything. That way I could easily reset the switch to default and push the old settings to it, if the changes I made broke things. And like an idiot, I didn’t think to validate the file (which is as simple as pushing the file back to the switch to see if it works) before I made any changes.

    Sure enough, the change I made broke something, so I performed a factory reset and went to upload that backup I had saved like 20 minutes prior… When I tried to restore settings after the factory reset, the switch couldn’t read the file that it had generated like 20 minutes earlier.

    So I was stuck manually restoring the switch’s settings, and what should have been a quick 2-minute “hold the reset button and push the settings file once it has rebooted” job turned into a 45-minute-long game of “find the difference between these two photos” for every single page in the settings.