Iggy codes

Security - Starting now!

March 11, 2021

I recently became a dad, but even before the baby was born I started questionning everything. Is this a safe? How I am suppose to protect the baby from any harm?

Sure… It might be too early (and yes it is) but I started investing time to see and check security options from the small plastics to put into any plugs to how to prevent the baby from going to an undesired website by randomly touching the phone screen.

Yes… I know! I know that it’s too early to set some timers on the apps or cut the internet and such, but time goes by so fast!!! Based on my research there is absolutely nothing on the smartphone world to prevent from going to undesired websites. Even when you are on your 3g, 4g or 5g!!!!!

So early this year (yes in January), I asked myself, as a frontend dev what could I do to prevent that? So I though “Ok, maybe I could create a website (1 page) that is always present and you can only use it to introduce the urls you want to visit”. After setting some rules and having some checks in place, it worked (not very hard to do) but I found another problem. If the user types something in the URL bar, it will go there no matter what. (It’s not hard to check).

So the website that check some rules or urls against before doing a window.location.href=[URL] wasn’t enought…

Maybe I could do a small free node server that intercepts the traffic check those rules and and accepts or refuses the page. Wow that is… that is… wait… that is PROXY!

Yes… But I have found any good customizable proxies, so I decided to implement one. I present to you…(fanfare trumpets…) “Island”, the custom proxy (still on the works). I want to be able to connect to that proxy and have custom rules set up, without have to implement too much stuff in between.

Node provide you with express to create you server really quick and by using some middleware you can modify the behavior of the requests and responses the server needs to send.

There will be a page on the ‘island’ server that will use some authentication (for parents) to be able to modify/add/delete the custom rules. I don’t think a database is required and potentially a simple blacklist is fine. (This is my approach, but I want to implement this with some regex so it’s more flexibe). Once the file is saved (POST on the server) then the server should restarts itself, and provide that level of security your are looking for.

The problem I am having now (beside the fact that the baby takes heaps of time) is that my little proxy server is not working… When I tell the browser to use my locally developed proxy (by adding this one manually) the typical answer is “NOPE. You don’t have access to the Internet”. Maybe is it because it is in local? Or is it the wrong port? I mean… the port should not matter as you are able to tell the browser which one to use.

I am still scratching my head around this. If you have any thought please let me know.

What will be next would be setting some custom timers for each website or for the use of the internet/phone browser. I don’t want to log stuff. I don’t think we need to know exactly all the things the people are doing with this.

One thing though that I am thinking is that nothing prevents a proxy to talk to another proxy and get a iframe of the current undesired URL. Maybe there is something we can do/check in the request headers…

So yeah… Island is currently being developed on my machine, from some early sketches that I draw about the communications. I will make a proper design at some point in Miro or Slides.

In another note… I am thinking about getting some VPN stuff (and also start using either duckduckgo or startpage as my main search engines on maybe firefox or another mobile web browser) I thought about protonVPN as I got a free protonMail account to test stuff. Man… it feels great to be detached from the big G. If you have any experience with it or another suggestion I am happy to hear about it.

Until next time, stay safe and be blessed!

Iggy Pops - Ignacio Garcia Villanueva

Written by Iggy Pops - Ignacio Garcia Villanueva , a javascript journeyman rocking his way to the top of the JS world. You should follow him on Twitter... he is good!