Family safety on Nest Wifi & Microsoft – day 1 battle

It’s come to the point that there are going to be some screens available to the kiddos that aren’t strictly controlled/watched over by me. The oldest has been learning songs, writing, and the youngest is learning to read. While I’m here most of the time there’s times when it’s “go to your room, learn the lyrics, yadda yadda.” – really, with the hoard out here go to your room and learn something is required sometimes just due to volume.

With school starting, there’s a lot of stuff that needs done as well. After a mistake in which I swapped out a Google Home (audio only,) for a Nest Hub (audio and video,) and forgot to turn on the safety/filters on the new device, and my oldest immediately got a NSFW Barbie Girl parody. I’ve started looking more at setting filters.

Before I hand over some laptops, even supervised I decided I would attack the family safety filters for about an hour tonight.

tl;dr – meh, they’ll keep your kiddo from accidentally stumbling into something at most basic configuration.

My main worry is, much like oldest asking for Barbie Girl and getting wildly inappropriate parody, is that they’re getting so much spammy content that they’re one or two clicks away from malware and potentially trafficking websites.

family safety options on Nest Wifi are under Family Wi-Fi.

Microsoft has a family safety / child options, and so does Nest Wifi. So I cranked on the Nest Wifi Family Wi-Fi / safesearch which blocks thousands of known websites and also forces safesearch on on Google. Two ancient laptops running Windows 11 updated to whatever the latest was as of two days ago, and Chrome which updated yesterday. Child profiles set to appropriate for 10 years old (Minecraft man,) and no screen time limits at the moment because something is afoot.

Microsoft also has some family safety options, but most of what I discovered was it just really did not want me to run Chrome. I had to request permission and grant it three times before Chrome would launch. There may be reasons behind this. MS’s filtering seemed to be more app and force you to Edge.

I went on the attack… as an IT manager who’s dealt with filters for several years and with several products aimed at keeping HR from having to have a discussion with your latest business development hire.

Family Safety Attack #1 – via URL

I decided to straight up search for naked people doing stuff. I pulled a list of sites and ran through a few and was greeted with the following:

Nest Wifi's family safety feature blocks known pornography sites... all that I could find.

Anything I could find and enter the URL was blocked. OK, NSFW standards were blocked pretty well but could I get around the safesearch filter on image searches?

Attack #2 – safesearch

Using Edge and Chrome on Google’s image search and other search functions I was unable to locate anything particularly offensive. Using Edge on Bing same, however using Chrome on Bing I was able to bypass any filtering and find porn in the image searches by simply turning off the safesearch. Edge on Bing had it locked to safesearch on.

As long as I had Chrome going to Bing and turned off the safesearch on the Bing webpage, I could see pretty much a wide array of naked people doing things, but most of the sites I could not connect to. Most. Edge on Google was still locked. Edge on Bing was locked.

Edge and Chrome and Bing all behave differently on Bing images. Something to consider. Both behave the same on Google.

So kids, Bing image search and Chrome – your preferred method to get around Nest Wifi’s safesearch blocking and Bing’s built in safesearch.

Could I use IEinChrome to bypass filtering? Something to check.


Attack #3

On to videos – Plex.tv still has no age verification for any of their stuff, and “I spit on your grave” can be accessed past the Nest Wifi with two taps – so yeah. Plenty of other sites similar with free movies that are decidedly not safe for kiddos and don’t ask for age or anything for that matter.

Nest Wifi doesn't block sites that stream anything without age verification. Plex.tv is not the only place guilty of it, it's just the one I remember.

Overall, any directed attack I did I had roughly 30% success. However, these filters are not really designed for directed attacks, they’re designed to stop your kiddo from accidentally wandering in and at the moment at least, they’re probably doing that.

I do wonder why Bing and the Google Nest Wifi aren’t talking with each other about safesearch enforcement… seems like this is something that would be standardized. I recall testing a router way back when that jammed it on on any search somehow.

Findings (end of day 1)

There seemed to be no blocking of pirate sites, some very bad forums, and a few other things that people wouldn’t randomly direct you to. I noticed some lowered spammy advertising so there’s that. Couple of clicks from pirate sites to scam sites.

Overall … Family Safety on Microsoft’s platform and Google’s Nest Wifi – it’s something. It blocked a lot. Not designed to handle a lot of testing. For what both of these do they’re ok. For stopping a hormone-fueled sexual psycho nope.

For the MS side, I got a little report on some of the search terms that were caught. Only in Edge. No Nest Wifi notification of blocked websites, which I would find useful. Nowhere to locate blocked sites that I could find.

Microsoft's family safety app lets you know some of the search terms.

Will attack it some more tomorrow.

May sound like these have failed pretty hard, they haven’t. For what they do they’re doing ok. Designed for younger kiddos to keep them from accidentally wandering into filth. Not designed for prolonged testing of every possible combination of software and mode of attack.

Paul King

Paul King lives in Nashville Tennessee with his wife, two daughters and cats. He writes for Pocketables, theITBaby, and is an IT consultant along with doing tech support for a film production company.