Apple is fixing a years-old parental control bug that lets kids avoid web filters

Jun 05, 2024 11:55 PM - 5 months ago 62265

For parents, it tin consciousness for illustration a no-brainer to fto their kids person an iPad acknowledgment to its built-in parental power feature, Screen Time. But nan strategy is besides undeniably buggy, arsenic astir parents will attest. Now, Apple is fixing 1 of nan software’s worst bugs — an apparently obscure 1 that would fto kids spot nan worst parts of nan net contempt settings to extremity that, reports Joanna Stern for The Wall Street Journal.

The bug goes for illustration this: kids tin circumvent contented restrictions by entering a circumstantial drawstring of characters into Safari’s browser bar. Security researchers Andreas Jägersberger and Ro Achterberg reported this bug doubly successful 2021 and, some times, were told that it wasn’t a information flaw, Stern writes. She besides notes that it doesn’t look arsenic though this peculiar bug has seen wide use.

The researchers were apparently told many times complete 3 years that it wasn’t a information problem and were referred to Apple’s feedback instrumentality for package bugs. But aft they contacted Stern to study their findings and their struggle pinch Apple, nan institution told her there’s a hole coming successful nan adjacent iOS package update. Stern writes that nan institution “maintains nan flaw was a package issue, not a information vulnerability.” Well. At slightest it’s being fixed.

The communicative underscores that Apple’s parental power package remains woefully underserviced. Though it has that glossy Apple sheen, nan characteristic is functionally hampered by bugs for illustration those that Stern mentions: not receiving requests for much time, for instance, aliases an occasionally blank surface usage chart. These are nan cardinal features that make Screen Time useful. (Stern notes that Apple fixed respective issues successful caller package updates.)

What makes this worse is that Apple doesn’t person overmuch competition, seemingly by design. It limited aliases removed third-party parental power app alternatives for its ecosystem successful 2019 aft it first introduced Screen Time successful iOS 12. At nan time, nan institution said that nan apps were inappropriately taking advantage of its enterprise-focused mobile instrumentality guidance (MDM) profiles that alteration power complete company-issued iPhones. Apple forbid removed apps that were utilizing nan powerful guidance characteristic — a not unreasonable move considering nan very existent dangers that benignant of entree poses.

The move generated controversy, starring parental power app developers to set together and demand an API for their apps, which would put nan institution much successful power of their entree while letting them compete pinch Screen Time. Apple ne'er provided that, but it did reverse people and fto parental power apps use immoderate MDM features nether definite circumstances and moreover unbanned immoderate apps.

But utilizing a third-party parental power app tin beryllium acold much progressive than utilizing nan built-in system. For instance, mounting up an app that really offers thing adjacent to Screen Time integration takes a batch of hoop-jumping: for instance, successful nan Qustodio app, I needed to download an app for my telephone and create an account. Then, I had to get a abstracted app for my kids’ device, log successful to it pinch nan relationship I made, past download and instal an MDM profile. To do this pinch a 2nd device, I’d person to repetition those steps each complete again. An charismatic API would person made this easier, and this procedure, I’d imagine, keeps a batch of parents from trying retired different apps, leaving Apple efficaciously without title — and parents pinch a surgery experience.

This puts users astatine Apple’s mercy, waiting for it to rotation retired fixes, arsenic pinch this year’s bug that wouldn’t prevention parents’ Downtime limits — limits connected erstwhile a instrumentality tin beryllium utilized — properly. Apple reportedly fixed that successful January pinch iOS 17.1, though that’s not mentioned successful nan merchandise notes for nan update.

Apple did not instantly respond to a petition for comment.

More