I don’t think so. I think it takes 1 kid in the playground to find out about https://distrosea.com/ without understand what a container or VM even is, only discovering that somehow it works, to make us of it.
Then the school admin will block it once there is a peak of traffic through the website, kids will discover proxies, someone will realize there is a business for it, make a free version with ads, etc. It’s going to be an arm race and the most dedicated kids, not necessarily the smartest or wisest, will figure it out. Eventually they’ll get the concepts behind the tools they mindlessly use until then, eventually find much better tools allowing them to bypass a lot more restrictions.
I don’t see how a browser will be able to prevent this kind of usage. They might pass age related information to each page requesting it but it takes a single page to provide the capability without using the information to be enough. If a kid has a computer at home they can setup such a service themselves.
It’s going to be an arm race and the most dedicated kids, not necessarily the smartest or wisest, will figure it out. Eventually they’ll get the concepts behind the tools they mindlessly use until then, eventually find much better tools allowing them to bypass a lot more restrictions.
Well… it depends on how do you define “smart” …but to me, that kind of dedication and resourcefulness is already showing problem-solving skills, regardless of whether they “get the concepts” (many adults don’t fully understand the tools they use either).
I don’t see how a browser will be able to prevent this kind of usage
In Firefox, you can disable websockets (and most other features or about:config settings, but the website you linked uses websockets) through a policy.json setting writable only by root, so it wouldn’t be possible for a user without root permissions to change it.
Funnily enough I just read “A third of children (32%) say they have bypassed age checks, including by
entering a fake birthdate (13%) or using someone else’s login (9%), while others used
more creative methods like drawing on facial hair” from https://www.internetmatters.org/hub/research/online-safety-act-report-2026/ this morning, so they clearly don’t have to be the “smart” or dedicated.
Yeah, that was my point… that’s why I was saying that if a kid is smart enough to to set up a VM like that they are smart enough to find alternative/easy out-of-the-box methods… the “using someone else’s login” in particular is one of the points I made earlier.
This is why I think the control should be local, and with the parents being the ones responsible. Relying on third party authentication and expecting the remote services to be able to determine the age is not gonna work.
I don’t think so. I think it takes 1 kid in the playground to find out about https://distrosea.com/ without understand what a container or VM even is, only discovering that somehow it works, to make us of it.
Then the school admin will block it once there is a peak of traffic through the website, kids will discover proxies, someone will realize there is a business for it, make a free version with ads, etc. It’s going to be an arm race and the most dedicated kids, not necessarily the smartest or wisest, will figure it out. Eventually they’ll get the concepts behind the tools they mindlessly use until then, eventually find much better tools allowing them to bypass a lot more restrictions.
I don’t see how a browser will be able to prevent this kind of usage. They might pass age related information to each page requesting it but it takes a single page to provide the capability without using the information to be enough. If a kid has a computer at home they can setup such a service themselves.
Well… it depends on how do you define “smart” …but to me, that kind of dedication and resourcefulness is already showing problem-solving skills, regardless of whether they “get the concepts” (many adults don’t fully understand the tools they use either).
In Firefox, you can disable websockets (and most other features or
about:configsettings, but the website you linked uses websockets) through a policy.json setting writable only by root, so it wouldn’t be possible for a user without root permissions to change it.Damn 1month ago.
Funnily enough I just read “A third of children (32%) say they have bypassed age checks, including by entering a fake birthdate (13%) or using someone else’s login (9%), while others used more creative methods like drawing on facial hair” from https://www.internetmatters.org/hub/research/online-safety-act-report-2026/ this morning, so they clearly don’t have to be the “smart” or dedicated.
Yes, sorry I had a busy month :P
Yeah, that was my point… that’s why I was saying that if a kid is smart enough to to set up a VM like that they are smart enough to find alternative/easy out-of-the-box methods… the “using someone else’s login” in particular is one of the points I made earlier.
This is why I think the control should be local, and with the parents being the ones responsible. Relying on third party authentication and expecting the remote services to be able to determine the age is not gonna work.
Pretty much.