My children recently started school. I wanted a way for them to be ableto chat with their friends, get help with homework, and generally have funon the Internet without exposing them to the world at large. So, I did whatany extremely geeky dad would do: I built a secured instant messaging (IM)server for their school.
I could have set my children up with any number of accounts on thenormal, commercial services. However, I decided to create my own forseveral reasons.
First, I wanted this to be fun for the kids. The network effectimplies that the more kids use a system, the more useful and fun it will befor each of them. Choosing one standard system for students makes it muchmore likely to get all of them to use it.
Second, I wanted local control of the system. Technical problems can befixed without waiting for someone else to get around to fixing them. Moreimportantly, administrative problems (such as disabling troublesomeaccounts) can be addressed quickly without hoping for a third-party providerto act.
Finally, and most of all, I wanted these children to have a safe place toplay. Having a local server means that the only people using it arechildren and parents who see each other every day in real life. Each andevery account is personally vetted, and it's simply not possible for outsideusers to access the network or for the children to send messages outsideit.
Technical Considerations
Now, for the technical explanations. I decided to run the service on itsown machine so that it wouldn't be vulnerable to an attacker who compromiseda different service on the same system. Because I'm cheap and already had amulti-purpose FreeBSD host up and running, I actually used a virtualserver running on that host.
The Jabber protocal is the obviouschoice for building IM networks. Its an industry standard that is wellsupported by a wide range of client and server applications. Although thereare several excellent Jabber servers available, I used ejabberd, a Free, easy to use, secure,and featureful system that jabber.orgthemselves use for their own server.
ejabberd's installation and configuration is relatively easy, given thecomplexity inherent in the task at hand, but this has been covered elsewherebetter than I could hope to. Instead, here are the changes made to my livesystem to secure it.
I disabled registration so that all accounts have to be manually added byme or another administrator:
{access, register, [{deny, all}]}.Next, I disabled incoming requests ("server to server", or "s2s") fromother systems:
%{5269, ejabberd_s2s_in, [{shaper, s2s_shaper},
% {max_stanza_size, 131072}
% ]},Then, I generated a locally-signed SSL certificate so that messagesbetween the server and its clients can be encrypted. I thought that thiswas an important step, since it prevents would-be attackers from readingthose messages to view password, read conversations, or insert their ownmessages into the system:
{5223, ejabberd_c2s, [{access, c2s},
{max_stanza_size, 65536},
tls, {certfile,
"/usr/local/etc/ejabberd/chatserver.example.com.pem"}]},Finally, I enabled the "shared roster" module so that every childautomatically sees every other child in his roster, or "buddy list":
{mod_shared_roster, []},Administrative Issues
For legal and administrative purposes, I require all parents to sign a permissionslip (generated from a LyXdocument before I will create an account for their children. The gistof the slip is that this is an unpaid, volunteer effort and I don't want tobe sued if they're not happy with it.
After much agonizing, I decided not to install or configure anyconversation logging methods. On one side, it would be nice to have anactual log of events in case of problems or complaints. However, Ieventually concluded that I'd rather not have the responsibility ofmaintaining accurate records, or the obligation to actively watch the logsfor issues as they develop.
Along those lines, I've made no attempt whatsoever to censor content inany way, including automated filtering or alerting. Again, I don't want toraise the expectation that I should be doing a good and thorough job of it.This is meant to be a fun project, and I don't want to allow it to become achore.
Conclusion
I wanted to build a safe, fun, easily controlled system for my childrento use with their friends. Jabber, and the ejabberd server in particular,let me build a Free system that met these goals. Combining the technicalsolution with a few simple administrative decisions resulted in a platformthat they should be able to enjoy for years to come.
Comments
clients?
Sounds like a nice project!
What client-application do you recommend the children to use?
Psi
I suggest Psi. We've used that as the primary client for my office's Jabber server for over two years now without any support issues whatsoever. There are other nice clients (I use Kopete on my Unix desktops), but Psi is the only one I can personally vouch for on a wide scale.
Client
For schools, you would like to consider Coccinella. It's free cross-platform Jabber-client written in Tcl/Tk. It's quite good to. Better XMPP functionallity than Gaim. More like Psi, which I would guess is a bit to geeky for ordinary schools.
It also have features like white bord and to play games. And with a geeky dad that can add some more modules, who knows what can be done ;-)
Have a look at Coccinella's homepage for more information.
How does the support work?
Interesting project and it's a great use of free software. How does the support work? I know you have the permision slip/waiver, but do they have your phone number for 24x7 on-call help? :-) (I know, I know, it's a school. Business day only. Still!)
I like the decisions you made and agree with them, especially using SSL. Kids can be pretty cruel and I can imagine what would happen if some bright (but cruel) kid figured out how to eavesdrop on conversations.
For the logging, did you consider also that the students might be concerned about eavesdropping if the conversations were logged? I thought of this when I read that part, but as I think further it occurs to me that at my job I assume there is logging of IM but it doesn't really inhibit what I type. I'm guessing kids would be even less concerned. Finally, I wonder if there are legalities involved -- any laws or regulations that say you *have* to log conversations? (If not now I wouldn't be surprised to see them in the future.)
----
http://www.movingtofreedom.org/
Now playing: Ralph Waldo Emerson
This is a good idea.
This is a good idea. Especially now that I am soon going to be a dad. I appreciate this idea more. I beleive when the time comes that my child goes to school, I'll be attempting to do the same. And be sure to find me asking a whole of of questions here when I do!
You should get the father of
You should get the father of the year award. You really deserve it. I never considered protecting my kids from accessing the internet. I really should have done so earlier. Now they're almost teenagers and they already know the internet and it's uses better than I do.
Eddie Petosa