Family Safety on Windows Vista


My name is Brian Trenbeath, a Program Manager on the Windows Vista team, and I would like to take a quick moment to tell you about the new set of Family Safety features coming with Windows Vista.

First, many thanks to the IE team for allowing me time on their blog to tell you about this exciting new feature area that is coming with Windows Vista!

Parental Controls on Windows Vista is a new, much anticipated part of the overall Microsoft Family Safety story. With Windows Vista, tools are now built into the operating system that will not only let parents apply limits to the way their children can use the computer, but additionally, tools that will let parents be able to keep better track of what their kids are doing on the computer.

So let’s dive in and see what Parental Controls on Windows Vista is all about!

The first thing you will notice, is we have created a centralized location in Vista where Parents can go to find all Family Safety related settings for their computer.

Control Panel

Here is where you will be able to find all of the settings for Windows parental controls settings. Additionally, this Family Safety section of the operating system extensible, which means that other software applications, can put their Parental Controls settings here as well. End result will be that parents won’t need to go looking in several places to find and configure these settings for their kids, they can just go to one spot and configure everything from there!

To use these settings, first a user account for the child is created. Then Parental Controls panel is used to turn on settings or monitor activities for that user.

Parental Controls User Select

One of the first things you’ll notice in this screen, after the large on/off toggle, is the second toggle for activity reporting.

Parental Controls User Hub

As I mentioned before, one of the goals of Parental Controls is to give parents better tools to monitor their children’s computer usage. Being able to know what your child is doing on the computer is a critical part of that story. Once you choose to turn on activity reporting for the child, you can know, in detail, when they were on the computer, what programs they were running, what games they were playing, even what websites they have been visiting!

 Parental Controls Activity Report

Then there are the restriction settings.  Windows Vista offers a range of ways that parents can limit how their child uses the computer.

  • Time Limits – Parents can set limits as to when their child can use the computer
  • Web Restrictions – Using an online service, a parent can restrict what types of web sites their child can visit. Use of this service comes free with Windows Vista. They can either do this by category (eg. My child cannot go to pornographic sites, or gambling sites), or they can get very specific and choose by URL, what sites are allowed and which are not. These restrictions will work automatically with any web browser.
  • Game Restrictions – Partnering with Computer Game rating systems from around the world (like the ESRB in North America), we allow a parent to restrict the types of computer games that their child can play.
  • Application Restrictions – If a parent chooses, they can apply limits such a their child can only run the applications that the parent has approved.

Technical information on how application can interact and utilize this new functionality is available latest Windows SDK on MSDN in the Windows Vista and WinFX Beta page.

We expect that we will be able to add more granularity and addition features into the Parental Controls feature set.

We hope, that with these features now built into Windows Vista, that we can make parents feel safer and more comfortable with what their kids are doing on their home computers.

 – Brian Trenbeath
   Program Manager
   Windows Vista

Comments (81)

  1. Anonymous says:

    What a dirty little unhonorable thing to do to a person. I think these "controlls" are absolutly discusting. I like the idea of blocking web sites that my kids may "stumble apon"… yah right… however, to let the parents view reports on where there kids are going, what they are downloading and when they are logging on? That is no one but those childrens business. This is no different than spyware that monitors surfing habits in order to advertise. You discust me.

  2. Anonymous says:

    I’m very happy that you are implementing this into Windows Vista. It is always important to set restrictions for children especially since many non-############ site have links or popups to ############ or questionable sites. This is a step in the right direction.

  3. Anonymous says:

    I agree. I won’t be moving to it because Windows is becoming overprotective and controlling. The audio/video/games/websites etc that I use will be in Microsoft’s control. I’ll be enjoying Ubuntu Linux with a side of Mac OS X Leopard on Intel.

  4. Anonymous says:

    And responding to Bill… who are you to decide what is a parent’s business or not? It is NOT your business to get involved in how a parent will raise THEIR child. This isn’t disgusting, it’s a feature that SOME people will use and others will NOT..

  5. Anonymous says:

    This is disturbing. Sure, ultimately using it or not is up to the individual. However, I can only pity the poor children who’s parents will stoop so low to use these kinds of features.

  6. Anonymous says:

    Uhmm, parents already do "stoop so low" with programs from McAffee and Symantec. How is this any different?

  7. Let me put it this way.  With parental controls, I might be willing to consider letting my kids have access to the internet on their own computers.

    Without parental controls, there’s no way in heck that I’m going to let them surf the web from any computer that’s not in a public location.  It just ain’t gonna happen.

    Bill, it’s entirely possible that you don’t care about what your kids find or who they meet on the internet.  

    I do, I’ve seen how easy it is to find some truly offensive material out there, and I don’t want my kids exposed to it until they’re emotionally ready to handle that material.

  8. Anonymous says:

    thats good…   the whole point is you have the choice…. who cares if a parent stoops that low, its their own damn business if they want to do that.  They will find out another way with different programs anyways.   WHO CARES?

  9. Anonymous says:

    This is creating functionality for the home user that has existed for years in private and public companies and education institutions.  On those systems all of your network traffic is analyzed and all the sites you visit and the amount of time you spend browsing the internet or talking on IM is recorded, reviewed by HR, and filed away to be used later if needed (if policy states this is allowed).  One way they can use this information is to support firing you for non-performance.  All of this is perfectly legal because the company or education system owns the bandwidth you use and therefore you are subject to their policies.  For everyone that is disgusted by this new feature in Vista, do you submit to these logging policies at work or tell your manager you are disgusted by it and refuse to use a computer?  And those that say they own their own business, don’t you want to ensure your employee’s time and internet bandwidth you pay for is being used effectively?

    To those that don’t like it, as stated in previous comments, just turn off the logging but don’t say it is wrong for this feature to be in there when other users want the option.  

    Many features are included in all OSes that some users may never need or want, but that isn’t a reason to not include it.  If we only had features that all users agreed on in an OS, we wouldn’t even have browsers, instant messenger, or file sharing, because there is at least one user that doesn’t use or agree with these features.

  10. Anonymous says:

    Thanks for the information. I am surprised by the complaints for adding a feature. If it was madentory, non optional, information sent to Microsoft and various governments, and it was the governments that put the conrols and restrictions I could understand a  negative recation. But an optional feature that provides users various features that have been requested, or at least the demannd has been seen as for years third parties have provided some of these fuctionalities, is amazing to me. I wirless router  I just set up at my parents place came with trial subscription of software to filter and protect kids.

    There are few of the fuctions I personaly would use with my own family, but I know others might. I think time limits are probally the only one I might use, if I found my kids using the computer when they should be sleeping… But I know other parents have different views and may find the other restrictions useful.

    Thanks for giving us options. The more options the better in all areas. We are all different and so options make a product more valuable to the masses 🙂

  11. Anonymous says:

    Hello World!  I’m Sharon Cohen, Program Manager for parental controls in IE7. If you haven’t heard…

  12. Anonymous says:

    There’s nothing wrong with giving these features. If Microsoft didn’t, parents would seek the same features elsewhere. If you feel sorry for some kids that are getting restricted and monitored like this, then you have a problem with the parents, not with Microsoft. Personally I think that teenagers shouldn’t need restrictions, but younger kids probably do.

  13. Anonymous says:

    Anyone who believes that a child should not have their freedoms restricted or monitored obviously doesn’t have any children.

  14. Xepol says:

    Will these settings and logs be available under the, err, vista equivalent of xp pro, from a remote machine, say a 2003 server?

  15. Anonymous says:

    good on you MS.. i certainly will be happier letting my young boys use a pc on their own knowing i can block sites im not happy them viewing. look forward to moving to vista

  16. Anonymous says:

    <i>Web Restrictions […] will work automatically with any web browser.</i>

    How on earth does that work? <i>Where</i> does that work?

    The only thing I can think of would be to modify the core IP stack to look for HTTP traffic on all new outgoing connections, intercept the GET request and Host: header, piece together a URL, try to match it against the "banned" table, and do a whole bunch of things if it matches (including calls back to userspace?).

    Wow! That’s a lot of cruft in an IP stack. And it wouldn’t work with HTTPS as the encryption’s done in the browser process so the kernel can’t even tell if it’s HTTP or not. For that to have a chance of working you’d have to modify the DNS resolver to look for "banned" hosts. Hmmmmm…..if only there were a way to do DNS lookups on the web…..oh wait, there are….

    What on earth are you <i>doing</i> in there?

    I can imagine that you could put something in the DNS resolver to block requests for certain domains

    To block any browser, you’d have to put this kind of thing in the IP stack.

    About the only place that I can figure is you’d need to modify the IP stack

  17. Anonymous says:

    Doh! Those last three lines were bits of draft that didn’t get deleted.

  18. Anonymous says:

    Architecturally, I bet this is implemented as a Winsock Layered Service provider (or the Vista equivalent, using new interfaces also used by the firewall).  It could sniff the actual traffic for HTTP and could block DNS for HTTPS.

    This is how the old MSN parental controls feature worked.  

  19. Anonymous says:

    Sorry, the last 3 lines of that were draft that didn’t get deleted. Please ignore.

  20. Anonymous says:

    Good job on this idea.  I can’t believe how people are over reacting to this optional feature.  I don’t have kids now but I want to know where they are going and what they are spending time on.  If they have some myspace site where they are posting pictures they shouldn’t or inviting trouble then I want to know.

    I agree with the person who posted that people who are over-reacting obviously don’t have kids.

  21. Anonymous says:

    As long as this feature works as designed, I think it’s a great option to have available.  I have at least one idea of something to add to it.

    Firstly, though, to respond to Bill above, consider that in my case we’re not talking about a 19-year-old at home from college for Spring Break, we’re talking about a 7-year-old, who’s interested in computers, but who, as Larry said above, I am not willing to set free on the Web.  I hope you’re willing to admit that there’s a difference.  I’ve been looking at other products already.  If something comes along in Windows, and it works, then it will make my life easier.

    Anyway, as to features: I’ve been looking into email services that can help prevent my daughter from getting the kind of spam I get.  A couple of products come close to what I’d like to see: SurfBuddies and KidSafeMail.com.  If MS implemented a mash-up of the best features of those two programs, and added that to the Vista Parental Controls, that would be <i>really</i> useful.

  22. Wayne Luke says:

    It is about time this is incorporated into the OS. Currently, my children can only access the Internet through MSN because it includes these controls. I have a 14 year old and two 10 year olds. One of the 10 year olds is autistic but very much likes to play things like Disney’s Toontown. Controlling what comes to him over things like IM and email is important because he has no concept of privacy or strangers who may wish to do him harm. My 14 year old I am less concerned about but there still needs to be some control, especially if his grades slip and his access is restricted to homework only. The other 10 year old is a girl and young girls are the most targetted sector for abuse. I want to know if someone can potentially harm my children through all means. I already regulate their internet use and get mailed weekly logs. Hopefully these controls will prevent my kids from bringing home rated M games or playing inappropriate movies on their machines as well. I don’t let my children watch anything above PG or TV-14 without viewing it myself first. I review and pre-play any video games and they cannot play anything rated M whatsoever.

    Kids are forced to grow up too fast these days because of media exposure. If I can limit some of that then it is a much better world to raise them in.

  23. Anonymous says:

    The part of this that disturbs me is the idea of being able to block sex education websites as a ‘category’ in itself. In my mind, denying access to sex education skirts pretty close to child abuse.

  24. Anonymous says:

    This is a great feature. Nobody is forcing you to use it, so I don’t see the point of all these complaints.

  25. Anonymous says:

    <I>Anyone who believes that a child should not have their freedoms restricted or monitored obviously doesn’t have any children.</I>

    Anyone who can’t fathom the notion of trusting their children will never create an adult.

  26. Anonymous says:

    An important part that was not talked about at all in the post above, is what the experience is for the user that has Parental Controls applied to them.

    First, I’ll point out that on Windows Vista, if you are an administrator on the machine, Parental Controls cannot be applied to your account. The entire feature set is premised on the assumption that if you are an administrator of a computer in a home environment, then you have the right to decide who can use that computer and how.

    It is also important to note that none of this is on by default. An administrator has to choose to turn it on and use it.

    So that said, by default, we will be providing an active notification to users who get Parental Controls applied to their accounts. And additionally,  users will always be able to go and see what restrictions or logging have been applied to their own account by going to the control panel. Parental Controls applied to an account on Vista will -never- be secret.

    As to the questions from Adam and Will about how the web filter is being implemented. Will surmised correctly, it is being done as an LSP. Unfortunatly, in the first version we will not be applying restrictions to HTTPS, but this is something we intend to enhance the feature with in the next revision.

    Thanks,

    -Brian Trenbeath

    Program Manager

    Windows Vista

  27. Anonymous says:

    Wayne: Sorry, but have to disagree. Putting this in the OS, in the network stack, is a horrible idea, and for a couple of related reasons.

    The first reason is that to make this work with any web browser, the OS has to start looking at the contents of all the network packets it passes, try to figure out what application-level protocol they belong to (http, ftp, IM (about a million variants), bittorrent, etc…), decode that info to figure out what’s being done (e.g. getting a web page in the case of http), see if that matches a list of not allowed things that can be done with that protocol, and then do something to the network connection to tell the application reading to it what’s happened (although just killing the connection is an option).

    Partly, adding all that overhead to the networking layer just makes my programming hairs rise on end by instinct.

    Mainly, I don’t like having the OS look at all that data too carefully as it goes against a pretty basic principles of the internet – that the intelligence should be in the applications at the ends of a connection (i.e. in the web server and web browser) – and everything in between should be as dumb as possible. Partly because it makes things simpler and more extensible, and partly because it’s the ends of the connection that know about what they’re dealing with.

    The web browser knows it’s getting a web page, no matter what server the page is on, no matter if the URL was specified with an IP address instead of a DNS name, no matter what port the server is running on, no matter if the page is encrypted. Putting the blocking in the browser, instead of the OS, makes things simpler and easier to verify as correct.

    Which brings me to my second point that, as John mentioned, this feature is only a great option *if it works as designed*

    Putting this in the OS, instead of the browser, makes it hard to be sure that it works as designed. The OS can’t figure out what’s going on over an HTTPS session. Does this work over HTTP session that go over ports other than 80? Does this work if an image is specified with an FTP source? SCP? RSYNC? TFTP?

    You might say that the browser doesn’t support some of those protocols, but if this is supposed to work with ANY browser, it NEEDS to.

    The only way to be sure about this, to have it work as designed, is for the browser to block things. That way, as protocols and features are added, only the browser needs to know about how to block them, and you don’t need to keep the browser and OS networking stack in lockstep, doing twice as much work, and leaving twice as many holes.

    If that means that you have to lock down Firefox so your kids can’t use it, well, that’s unlucky for them. But I don’t think you can’t be sure that they’re safe from pr0n unless you do. It just doesn’t work that way.

  28. Anonymous says:

    >>In my mind, denying access to sex education skirts pretty close to child abuse.

    What!?  Chid abuse!?  You’re not serious are you.  It isn’t anywhere near child abuse.  Some parent actually believe that it is their duty as parents to be involved in their childs life and to tell them aboust sex rather than having some website or teacher that doesn’t hold to their values tell them about it.  Parents have obviously had sex and they are quite capable of explaining how it works.  Those who don’t are just uncomfortable cowards.  Parents should be parent and do their job.  I totally think this feature is awesome.  If my kid was taking drugs or somking pot or something like that I would want to know.  Parents have the right to know because quite frankly they are generally wiser and smarter than their kids.  In the same way if my kid is doing illegal stuff online, or surfing sites that I find questionalable I have a right to know.  It is my child, he is under my care and if I don’t monitor him … that is child abuse.

  29. Anonymous says:

    @Fred Clown, well said!

  30. Anonymous says:

    I’m having problems sympathizing with the folks here who think this is a horrible idea.  Software doesn’t turn *bad parents* into good parents or vice versa.  Microsoft doesn’t need to come out with Windows Minor Smackdown 1.0 for child abuse to exist in the world, for instance.  Bad parents could abuse this feature of Vista to censor information from their children…but I suspect that it’ll more likely be considered a catch-all safety net by the same kind of absentee parents that currently consider the television to be an acceptable babysitter.

    I have two small children, both under the age of 5.  Their exposure to computers has been very limited so far, but when the time comes when they can use a computer without my direct help, you can be sure that *I* will still be closely monitoring what they do.  I may make use of a feature like this, but more likely I’ll be doing it the old-fashioned way: asking questions, observing, and prohibiting access when I’m not around or asleep.  As Chris said above, anybody who believes that children should not be so restricted or monitored likely does NOT have children anyway.

  31. Anonymous says:

    The explanation of time limits only says "when".

    Is it also possible to also/just limit the total time?

    If so, will that also work for administrator accounts?



    Looking at the blocked contents in the post: isn’t favicon.ico only used for links in the favorites folder?

  32. Anonymous says:

    Obviously the people that do not have children or pedophiles are disappointed that someone is actually working on a solution to the predators lurking online.

    The stuff people are claiming will be blocked for example ‘Sex Education’? websites must be joking.

    It is better you give the power to sort and block this stuff at the user end instead of some agency like the FTC policing content on the other end like on Television and Radio.

    This is just another tool that a parent can use to supervise their children its better than the tools China uses to supervise its citizens.

  33. ieblog says:

    Adam,

    I actually worked on the MSN version of Parental Controls (as did Bruce Morgan who comments here occasionally).

    The problem with *not* putting the blocks in the network stack is that all the child has to do is, say, install Firefox and suddenly they can go wherever they want and no one will ever know. It completely defeats the purpose of Parental Controls unless it monitors network access on the system as a whole, not just in a single application. There is no point to a system that can be bypassed by someone putting a CD with Firefox or Opera or (insert browser here) and then being able to ignore it.

    Some parents don’t want or care about Parental Controls but a lot of them do. I have a nearly ten year old daughter. She’s not getting unsupervised access to the Internet without some system like this in place. The world is full of too many things that a nine year old child shouldn’t be exposed to yet and also too many predators.

    – Al Billings [MSFT]

  34. Anonymous says:

    So, the parental controls block stuff in the network stack for all apps, but allow kids to install random applications off the internet or CD?

    If the kids can download and install their own applications, they can just install a p2p file-sharing app with built-in encryption, and start downloading anything they want without the network stack being able to do a damn thing!

    I’d have thought one of the first things to do for a child’s account would be to disallow program installation, and to set a local whitelist of programs they *are* allowed to use.

    If that’s in place, you can safely put the parental control intelligence into the networked applications, where it really needs to be, and allow them to safely browse, chat, etc…

    One thing that I imagine would be hard to do in the networking code would be to make a safe, locked-down IM client that would only display messages from known good other users. Put the kids friend’s screen names on a whitelist – no more worrying about them arranging to meet strangers via IM.

    Ditto email. Only allow mail from a whitelist. No need to worry about pr0n spam.

    IMO, for parental controls to work, it really needs to be in each client app, where the app is in a position to make sense of the data it’s getting, and to provide sane, per-application locking and blocking. How could you implement either of the above suggestions effectively in the network stack?

    It just doesn’t scale, and feels to me more like a marketing gimmick than an actual solution.

  35. ieblog says:

    Adam,

    The parental controls can be applied to non-admin users. Most parents will set their child up as a limited user and tney won’t necessarily habe the ability to install applications. That is up to the parent though.

    As to this needing to be in the application, it is a wide world and many people write apps. I don’t think it is reasonable to expect every app to have to be parental controls aware in order for parental controls to work. This kind of tool belongs at the OS level where it can control the network stack.

    – Al Billings [MSFT]

  36. Anonymous says:

    Well, I don’t think it’s reasonable to expect the OS to understand every application protocol on the internet (including protocols not yet written), particularly if that protocol is strongly encrypted (which it might be), which is what’s needed if OS/network-stack level parental-controls are going to give parents the control that they’ll think they’re getting.

    I just don’t see how this can work much beyond the web browser. How does it protect against pr0n images embedded in multipart emails? Hell, the screenshot above lists the restrictions as "Web restrictions", not "Internet restrictions". While it’s limited to the web, why not put it in the browser? It would at least give you a selling point for IE.

    *shrugs*

    Although, I am now interested how the network stack protects against the image-in-multipart-email scenario as mentioned above. Does it just strip out all images in emails not from senders in a whitelist? Block emails containing images not from senders in a whitelist?

  37. Anonymous says:

    "The stuff people are claiming will be blocked for example ‘Sex Education’? websites must be joking."

    From what I have seen, ‘Sex Education’ *is* a specific category in Vista.

    I disagree with parents who would use their parental controls to block items such as pornography or drugs (counter-productive) but I’m *not* arguing with their inclusion in the product. My argument is specifically against the inclusion of Sex Education as a blockable category. And I repeat, I believe this is a form of abuse from the ‘parents’ who would use this power. The same with those in the UK who use their power to ‘withdraw’ their children from sex education classes in schools. They are performing a very damaging act that endangers their child’s welfare in a very clear and specific way which I personally would not tolerate.

  38. Anonymous says:

    As a parent, I do like the sound of some of this.

    However, there are only 2 things I want, and I’m not sure if either are fully addressed above.

    1.) Web Blocking

    2.) Email Blocking

    Now, with both of the above, I would like to filter out, anything that contains porn, explicit language, etc. (my kids are all under 10)

    If I have to scour the Internet, to find every last dirty website, I will give up… it won’t work.  Will there be a non-MS site, that maintains a list of porn sites? that I can use, update, etc.?

    Or will there be smart filtering, such that any attempt to "find" such content is blocked?

    On the second item, I would love (ISP’s listen up), the ability to place a block on a specific account, for porn, viagra, diets, MLM, etc. in emails.

    E.g. I personally, want to be very careful in what I filter, in case a good email, gets accidentally lost… however on my kids accounts, I would like a "if it looks like garbage, delete it" option.  My 5yr old does not need to see the garbage that ends up in my account.

    I don’t want to spy on my kids mail, but at the same time, I can’t currently trust anything that gets sent there.

    thany kou

  39. Anonymous says:

    How about this simple analogy: the Internet is a digital metropolis, with all the busy-ness and variety you’d find in a major city. It has its stodgy business district, its churches and community organizations, its haunts and hang-outs, and its red-light district.

    As a parent, is it abusive to prevent your child from wandering this metropolis alone? To the contrary, in most major American cities, you would likely have your child removed from your custody for endangerment if you pushed him out the door for an independent excursion. Obviously, the older the child, a greater latitude of freedom may be warranted. But especially for a younger child, no responsible parent would permit such unmonitored liberty. To argue otherwise is simply moronic.

    One can argue whether the nature of particular parental controls makes sense, at what age they might be more or less useful, etc. However, I am hard-pressed to conjure up a sensible argument that it is bad for Windows Vista to include parental controls that are optionally applied by an administrator. Whether and how I would ultimately choose to implement these controls is entirely within my control, allowing me to better able protect my children from potential harm – and my PC from my children. Notionally, this is an excellent feature, and badly needed. I say, good show, and thanks for the preview.

  40. Anonymous says:

    It is fairly simple to sell the feature when is labeled "Parental Control". My concern is that this feature is not only available for parents. I’m a 30 years old man, and I’m certain that my parents will not be monitoring my internet activity. How ever, I have a wife who does not understand much about OS configuration. What’s going to stop me from monitoring all of her internet activity without her knowing? Is that morally acceptable? If I walked into a library and use the computer, do I want the library admin to see everything that I was doing?

    I just hope that this feature is clearly displayed when activated. I would want to see a red flashing message saying that I’m being monitored.

    I would like to be able to set some restrictions, but I just don’t think that spying on my kids is morally acceptable.

    It actually feels that I’m hiring a detective to follow my kid around town. It just does not sound right.

  41. Anonymous says:

    +1 to what Techno Guy said.  I have 2 daughters ages 10 and 6.  As someone who works in the software industry I have encourged them to be computer literate and they both use the Internet on a regular basis.  That said, there is no way in the world that I would want them accessing the Internet unsupervised.  

    Will I upgrade to Vista?  Will I use these features?  That will all depend on how they work and how many options they provide.  However, I simply cannot fathom the notion that I should not be monitoring (in some way) my children’s access to the Internet.

  42. Anonymous says:

    "Activity reports" is an unacceptable feature.

    It will become the employers’ favourite feature to spy their workers.

  43. Anonymous says:

    Will parental control (and activity reports) be available in Vista Business-versions or is it just for Vista Home-versions?

  44. Anonymous says:

    The parental controls features are not going to be in business SKU’s (except ultimate, which is a combined Home/Business SKU), nor server SKU’s. They will be in starter edition, and all home SKU’s, including Ultimate.

    -Brian Trenbeath

  45. Anonymous says:

    >>It will become the employers’ favourite feature to spy their workers.

    Dude what world are you in?  Employers can already do that.  I work in an IT department.  All I have to do is take a look at the firewall logs.

  46. Anonymous says:

    Hey guys,

    Loving the IE7 beta so far, but I’ve got a few suggestions and I have no idea where to send them:-

    1) Enable drag & drop re-arranging of tabs.

    2) Enable drag & drop moving tabs from one instance of IE7 to another, this would be a god-send in a multi-monitor setup.

  47. Anonymous says:

    You cannot believe how happy I am to see this implemented in Vista and/or IE7.

    Only someone that don’t have kids will not appreciate this!

    One of the best things is the time control: my router don’t give me much flexibility on this area, and it really is a good idea.

    Keep up the good work, guys!

  48. Anonymous says:

    DAX: you say "I just don’t think that spying on my kids is morally acceptable."

    Well, you have a choice: DON’T!  😉 (duh…)

  49. __hAl__ says:

    I can see this as a tool for people to spy on their relatives. There wil be a lot of administrators setting parental control logging on their partners !!

  50. Anonymous says:

    The fact remains that turning it on or not is optional. If you don’t want to spy on your kids, leave it off. If you do, turn it on.

    However, remember this:

    Absolute power corrupts absolutely.

    If you have the power to do something then you’ll probably do it anyway.

  51. Anonymous says:

    Will >> Architecturally, I bet this is implemented as a Winsock Layered Service provider (or the Vista equivalent, using new interfaces also used by the firewall).

    Brian >> Will surmised correctly, it is being done as an LSP.

    Could anyone answer whether or not reinstalling tcp/ip stack, winsock, ect will also reimplement the previous created white/black lists? Because if I had to rebuild these custom lists everytime I need to do a fix I’d be rather annoyed.

    Will these controls also allow blocking of TLD, IP, or even web hosts? This would be useful to block unscrupulous material and if applicable as an email filtering.

  52. Anonymous says:

    I’d expect the negative comments come from 1 of three sources honestly.

    1) A child that knows he’s going to get the smackdown soon as vista hits.

    2) A predator that isn’t looking forward to not having easy cruising of all the children.

    3) Someone who just wants to argue it to troll the comments.

    Personally, I’m looking forward to not only using it on my child, but also on myself. Can you say "block tribalfusion.com and all the other major ad hosts"? Imagine the total drop in ad spammed pages to view. Sadly, my router only allows for a limited number of domains to block so I still get the occasional ad.

  53. __hAl__ says:

    I think that when you login it should state that parental controls are active on you account.

    This feature is likely to be used not just with kids but with all family members and/or even employees or co-workers.

    It should not be a hidden feature when it is turned on.

  54. Anonymous says:

    To those who say this is a bad idea, you’re probably running the CTP or other revisions of Vista/Longhorn without proper licensing and are either a) not old enough to view content in question or b) of the type that will MS for no other reason than to make them out to be a big bad evil coporation.

    I think this is a fantastic idea, and having said that I’m glad to see this is not mandatory, nor should it ever be.  This is an important tool for parents/gaurdians.  How many of us have had our computers messed right up because of someone visiting those ”free” porn sites?  This is both for protecting your children from inappropriate websites, and protecting your computer from the damage that can come along with it.

  55. Anonymous says:

    i dont know if it’s been said before.. but when it comes to computers, since when do parents know best?  School admins are suspending children for simply visiting myspace.com.. because they hear it as a keyword in a negative context lately they freak out about it

  56. Anonymous says:

    Excellent to see this new Windows capability! Used right, it will definitely be helpful for children.

    Regarding access to myspace.com … that’s a wild place. While many pages are harmless, many others are completely undesirable for children (and adults).

  57. Anonymous says:

    I agree with Rantage’s wise comments about still using questioning etc with children to monitor their use.  The best protection you can offer your children is to maintain an open relationship with them which fosters trust – their trust in you to allow them freedom to grow and express themselves, and your trust in them that they will be responsible and come to you should something upset them or freak them out.  

    The internet can be accessed on more than just a computer running windows (e.g. PSP, Linux live disk, a Mac(you know, one of those computers where nothing bad ever happens…), a computer at a friends house or net cafe (when was the last time you went into a net cafe and saw the owner monitoring childrens’ use?). The only way you are going to know what your kids are up to is by talking to them.  Come down too hard, and you’ll lose their trust, and they’ll tell you nothing.

    However, Good on MS for developing these controls which parents will be able to choose to use.  Just because your swimming pool is next to the ocean, doesn’t mean it shouldn’t be fenced.

  58. Anonymous says:

    If we use the phone as an analogy, I would agree that you would want to set restrictions on the places that your kids call. That does not necessarily mean that you should have the option ease drop or record all of their conversations. That just does not sound right!!!. I know I have the option of not doing it, but I still have the right to express my discomfort if a phone company starts offering this service to all of their customers, and just make it very easy for them to enable it. I would personally be concerned that my conversations are being recorded as well.

    It is always good to set some restriction for your children, and I think that the added feature of blocking some sites is a good idea. How ever I’m really opposed to the monitoring and logging features.

  59. Anonymous says:

    "stoop so low"

    buddy, when i have kids I will stoop so low as to randomly pick a day when my kid sits in the corner and watches me take apart every inch of MY bedroom in MY house that I let let my kids live in. And for every thing I find, whether it be dirty socks under the bed or a cigarette taped under the bookshelf, they will be punished accordingly. The same goes for my computer. Children have the right to be in good health and protected from harm. Nothing more. If they can’t have fun in plain view, they can’t in private.

  60. Anonymous says:

    "That does not necessarily mean that you should have the option ease drop or record all of their conversations."

    hypotheticaly speaking

    If you accidentally picked up the phone and heard your 14-year old and 3 or 4 friends discussing how sexually active they were, you’d probably change your mind.

    I’m sure the government would love to use a similar arguement regarding terrorists but they can’t and shouldn’t. Parents can, and should.

  61. Anonymous says:

    ""The only way to be sure about this, to have it work as designed, is for the browser to block things.""

    If it were browser level it wouldn’t work for me.

    I have NO INTENTION of ever running IE when I get vista. Sorry IE team, I have NO TRUST IN YOU. But I still want these parental controlls to work for me in alternative browsers.

  62. Anonymous says:

    Wow – so much negativity. These tools will help any responsible parent to protect their children. However I agree that they will only form part of the overall package, at the end of the day we as parents cannot rely just on PC based tools we have a duty to educate our children to the rsiks and encourage an openness with children that encourages them to inform us of any possible issues that Internet access presents.

    I for one applaud MS in making these tools part of the OS – at last! I look forward to testing them out and hopefully replacing the commercial tools that we currently use and cause problems with IE.

  63. Anonymous says:

    Good job. There are some real idiots on this blog. I like the new tools and agree with it. Keep up the good work guys

  64. Anonymous says:

    Nice new stuff! If it work correctly I will use it! I don’t have children, but I want to stay way from that web sites (porn, sex, …). And If I ever have children you can be sure I will want to know what are they doing, logs seems good idea for me. If parent’s are responsible for their children, then they must know what are they doing (in computer or outside of it…)! Remember, by protecting your children you are also protecting others from your children! After all, your children can be the "bad guy"… and you need to know, in order to take future steps to make them good persons. As this is an option feature, and if users are warned of the account restrictions, every one should be happy.

  65. Anonymous says:

    Ok, after a month and a half working with Windows Vista I think here are my first impressions about this

  66. Anonymous says:

    Smart SurveillanceNotes on Vista forensics Family Safety on Windows VistaReverse engineering with a VMRestoring the Vista Telnet ClientTracking users with Basic AuthSocial Engineering NotesAnti-debugger techniques are overratedWindows: protecting your