I’ve arrange Display screen Time restrictions for a kid. In Display screen Time>Content material & Privateness Restrictions > Retailer, Internet, Siri & Sport Middle Content material > Internet Content material I’ve it set in order that he can solely entry just a few web sites which are related to his schoolwork, and all the pieces else is blocked and locked with a passcode solely I do know. This manner, he can use his iPhone for messaging, FaceTime, schoolwork, and e mail, however he doesn’t have unrestricted entry to the ocean of the Web free for him to browse as he likes, as a result of he’s not accountable sufficient for that proper now. I additionally blocked Google Drive and every other file sharing app from him, as a result of I do know that on-line movies will be saved on Google Drive. I stored Google Docs, as a result of he wants it for his schoolwork.
To my dismay, I discovered that he has been viewing hardcore pornographic movies saved in his Images app. There are various of those movies, and I had no thought how he bought them, contemplating that I’ve his telephone blocked from unrestricted Web entry. I found that on a Google Docs web page, he has a whole bunch of hyperlinks from a pornographic web site saved. His associates had been sharing these hyperlinks with him on the Google Docs web page. I used to be in rage after I discovered that these hyperlinks, regardless of all of the restrictions I set, work. Clicking on these hyperlinks, which come from a mainstream pornographic web site, trigger the video to be downloaded instantly. I went again in Settings and made certain that each one the restrictions I set had been there. And sure, they had been. After I tried to open any web site aside from those I whitelisted, together with the principle web page of the pornographic web site that these movies had been from, it, as anticipated, was correctly restricted. Nonetheless, for some purpose, these hyperlinks that had been saved on Google Docs didn’t behave the identical method. After I clicked them, the movies would obtain onto the gadget and so they could possibly be saved to the Images app.
To experiment with it, I arrange the identical restrictions, however much more strict, with no web sites whitelisted (that means all the Web is blocked) and with Safari eliminated as an app. I found that there’s completely no method to block Web downloads on iOS. That means, it would not matter the place the obtain comes from, or what file sort it’s, or whether or not it’s on Safari or one other browser, or whether it is in an in-app browser or a local browser, or whether it is in a third-party app or a local app, or no matter restrictions you’ve gotten set — if a obtain hyperlink is opened, the obtain will course of. No. Matter. What.
After I say “obtain hyperlink”, I am referring to a hyperlink that factors to a location the place the person can obtain a file. If you obtain an utility, for instance, in your pc, you click on a obtain hyperlink which causes the file to obtain. Similar factor while you obtain a PDF, or an mp4, or a jpg. The kid’s associates have been occurring this pornographic web site, discovering the “obtain” button beneath the filthy movies, and copying the hyperlink there and sending it to my son. They’ve found an easy bypass that disrupts and destroys the entire objective of the Display screen Time characteristic.
And like I mentioned, this works it doesn’t matter what. Whether or not you sort the hyperlink out within the URL field of Safari, whether or not you open it from a third-party app, or from the Messages app, or wherever, the obtain will all the time happen, and there is completely no method to forestall it. And as I discussed, even when Safari is totally blocked (Display screen Time > Content material & Privateness Restrictions > Allowed Apps & Options > toggle Safari off, or Display screen Time > Downtime, or Display screen Time > App Limits), so long as there may be an app on the gadget which makes use of WebKit (which mainly any app with Web capabilities, akin to an e mail app, a faculty app, and many others., has), one can go on there and do the identical factor (that’s, sort in a obtain hyperlink and open it) and the obtain will nonetheless undergo. The one method to cease it will be to dam Safari, block all websites, and block all apps which have WebKit. This could render the gadget, which I paid $1200 for, a brick. I didn’t pay $1200 for a brick. I personal a $30 Android telephone from 2013 which has capabilities to dam downloads from sure domains being processed.
Predators can and possibly do ship kids obtain hyperlinks on the common, understanding that Apple has no safety plan in place for this. They will ship pornography, malware, and God is aware of what else to susceptible individuals who do not know any higher than to click on on them. Now the kid I used to be tasked to maintain, whose iPhone 12 Professional I did all the pieces, and I imply completely all the pieces in my energy to dam unrestricted entry to the Web from, has a hardcore pornography dependancy. His innocence has been stripped of him regardless of my anticipation of this and my doing all the pieces I might presumably do to forestall it.
As for “Communication Security” in Display screen Time to forestall the kid’s associates from sending this content material, it is an absolute joke. It was already enabled. However all it does is give them a discover — “are you certain you wish to ship/obtain this content material?” Everybody clicks sure. And never that it impacts this case in any respect — that characteristic has no impression in the case of apps like Google Docs, Gmail, and Mail (and do not inform me to uninstall these apps, I can’t render a $1200 iPhone a brick that may’t even entry e mail simply to uphold security for the kid).
For the previous two weeks, I’ve been chatting with a number of Assist brokers (together with senior ones, who declare to have forwarded my concern to the Engineering and Safety groups), I’ve despatched three stories for bug discoveries and safety vulnerabilities, and I’ve written a separate publish on discussions.apple.com. I used to be very disillusioned to see that iOS 17.6 made no enhancements on this regard. After I reported it on safety.apple.com, they dismissed it as “not a safety difficulty.”
The opposite day I noticed an commercial on TV: “Safari. A browser that is truly non-public. Privateness. That is iPhone.” I am sorry, however no. Netscape Navigator and Web Explorer had been safer than this when configured with just a few fundamental area blocks. Apple has fully misplaced my belief after what has occurred. That is an terrible, terrible state of affairs.
I want this to be fastened ASAP. Apple ought to put this as a high precedence and push it for the following speedy software program replace — enable net downloads to be blocked with Display screen Time. Higher but, make an emergency software program replace only for this. It is a safety, privateness, and content material security difficulty and I do know for a indisputable fact that I’m not the one one going through it. I simply occur to be the one one taking the initiative to cease it.
