If those work, sure, although kids tend to be pretty clever about getting around parental controls and are sometimes quite a bit more technically sophisticated than their parents.
It ain’t the ‘90s and this ain’t Windows 95 with bypassable-by-accident OS account logins and half-assed website blocking made by the lowest bidder. Getting past app installation restrictions and time limits on iOS would be… challenging.
It sucks as a parent because you get this from both ends: “parent better! (Putting in tons of work that our parents didn’t have to)” and also “lol what are you doing restricting kids on computers is impossible, give up you idiot”.
(And on some platforms it is, for practical purposes, impossible—looking at you, Linux, not just because it’s a powerful open platform but because its permissions and capabilities system is decades behind the state-of-the-art and tools for sensibly managing any of that on a scale smaller than “fleet of servers” and in the context of user-session applications are nonexistent)
> It sucks as a parent because you get this from both ends: “parent better! (Putting in tons of work that our parents didn’t have to)” and also “lol what are you doing restricting kids on computers is impossible, give up you idiot”.
I didn't claim that it's impossible, merely that it's difficult sometimes, as you also implied ("putting in tons of work"). The advantage of physically consfiscating phones is that it's a low tech, brute force method available even to the least technically sophisticated parents.
To that extent can't kids just pop in a live USB and get a totally ephemeral and open os?
I'd push the implementation to the router and force root certs on devices and have all clients run through your proxy or drop the packets. That way even live usbs will not get network access. Have some separate, hugely locked down network for kids' friends.
Maybe put a separate honeypot network up with some iot devices on it with wifi and a weak password, and let the kids have some freedom once they figure out how to deauth and grab the bash upon reconnections.
Idk. I'm some years away from this problem myself,but someone recommended this in another thread recently.
> To that extent can't kids just pop in a live USB and get a totally ephemeral and open os?
That's a lot more difficult if you leave secureboot enabled on the computer. Plus, most devices, especially newer ones, allow you to pin your own certificates and sometimes even disable the OEM certs.
That, in addition with locking the BIOS with a password (and if the device does not have known OEM override passwords like on bios-pw.org), should be more than enough to keep a kid out.
If those work, sure, although kids tend to be pretty clever about getting around parental controls and are sometimes quite a bit more technically sophisticated than their parents.