The trap with Apple Family Sharing in iOS 8 and the limits to Restrictions

1 11 2014

I wanted to do the right thing and have my 9 year old setup an Apple account on his iPod touch with the appropriate controls. iOS 8 appeared to make it possible for under 13 year olds to have accounts setup under their own name and be part of a family group. This seemed like what I wanted. However, what I ended up finding out is that Family Sharing is a bit of a trap which ends up with either a very tedious system of approvals or a situation where you take on a risk that your children will utilise your credit card more than you might have intended. In the end I found the system totally unworkable and something of a trap for locking in your credit card details. To some extent Apple make no secret of this. However, I have found it difficult to find any clear explanations of how you might best setup a valid Apple account for your under 13 year old child. The answer appears to be that you can’t unless you are either willing to take the risk with your credit card or venture into a very annoying system of approvals.
Here’s the issue explained. To setup a legitimate Apple account for an under 13 year you must do this utilising family sharing and as such the under 13 year old must be part of your family. To enable family sharing you must enter a valid credit card, and so long as you have family sharing running you cannot remove your credit card (ie there are some changes you can make but you can’t put in a pre-paid credit nor will an iTunes pre-paid card cut it). Once you setup family sharing you can add family members. The family members can now all make purchases on your credit card. There are two potential ways to limit this which are both a tad frustrating and (in my opinion) limited. The first is you can setup “Ask To Buy” for family members. The “Ask To Buy” is very frustrating and tedious and applies to every app (etc.) which your child might want to install – regardless of whether it is free or not. It works like this – 1) your child selects an app and enters their password to install – they then receive a message indicating that they will have to wait for approval, 2) the adult receives a message on their iOS 8 device (and too bad if they don’t have such a device – as they’ll never receive the message) to approve the installation of the app their child has selected, 3) the adult needs to approve the new app and type their own Apple Account password in on their own device, 4) the child having had the app approved needs to now type in their own Apple password again to install the app. Hence if the aim was to control apps your children might be accessing (which was my main aim) this is created a system which is somewhat more tedious than the child using their parents account and shoving the device in front of you for a password and approval.
Anyway there was another way potentially to control apps you child might install and that was to set restrictions on the actual device the child uses. This can be setup by enabling restrictions on the device and setting a 4 digit passcode to protect these settings on the device. This also creates a tedious solution in that now your child potentially can’t even attempt to install any apps without you removing the restriction.
In the end I really wanted to just turn family sharing off, limit any access to my credit card and have my child create a fake account under their own name with an adjusted birthdate. Unfortunately turning off family sharing is not that easy as it’s not possible to delete your children and turn off family sharing. You can transfer your children but that requires another adult Apple ID to transfer the child account to – if you don’t have such an account – you are out of luck and you are stuck with family sharing – which as mentioned must have a valid credit card entered. It’s a pity Apple couldn’t setup “Ask To Buy” to have granular settings to apply only to apps etc. that actually cost money. It’s a pity Apple couldn’t work out a better approval process for people who people who are not in the Apple ecosystem (with multiple Apple iOS 8 devices) – why couldn’t Apple allow approval from a website or via an email link. Anyway in the end for my family – family sharing is just not workable – being either too tedious or involving too much risk to my credit card.





Windows RT and 8 –security when using the Mail App and Exchange

27 01 2013

As a technology coordinator within a school I’ve worked through a number of issues in connecting to the school’s exchange email server via Windows RT and Windows 8.  The concerns I’ve had and wanted to explore are somewhat peculiar to a school environment although may exist elsewhere.

The concerns were based around when a user accesses email via Windows RT or Windows 8 using the Mail App some of the security settings are imported from the domain where the exchange server is based and forced upon any computer wanting to access email from the particular site.  In some ways this is not as significant an issue with Windows 8 as it is with Windows RT as Windows 8 allows users to access other email applications such as Windows Live Mail, Outlook and potentially a range of other email programs.  However, with Windows RT if you want to connect to an exchange server the only App available is the Mail App.

My initial concern with security settings connected to the Mail App was on my Windows RT Surface tablet. When I connected to our school’s email server there was no choice but to enforce the policies from the exchange server as per the following.

image

In my mind there are a number of issues with this. One issue is that the user is provided no details as to what policies will be enforced and what impact they will have. Further given my RT Surface is my own device I didn’t really want to have school exchange security settings applied. However, that aside the biggest issue I had after I accepted these policies was that my Windows RT Surface would lock and require a password after a period of inactivity.

It’s highly annoying to have to constantly re-enter passwords on tablet devices and everything I read suggested this setting could not be removed without first disconnecting the Mail App from the exchange mail server. When I tried to remove the settings under User within PC Settings the option of “Never require a password” was not allowed.

image

Perhaps strangely, I found this setting could actually be adjusted without disconnecting the Mail App from the exchange server. This involved first choosing to “Reset Security Policies” from with User Accounts in the Control Panel as indicated in the following image.

image

To be clear the account I use to logon to my RT Surface is a “live” account and the security policies had come from the exchange server from my school.  Resetting the Policies in this instance meant I could go back into the User settings in PC Settings and subsequently set the settings to be “Never require a password”.  This subsequently solved my issue of having to constantly having to re-enter my password when the tablet locked as a result of a period of inactivity.

It wasn’t clear what other security settings were still applying to my tablet as a result of joining the Mail App to the school’s exchange server.  However, what ever settings may have been in place didn’t appear to be having a negative impact on my use of my RT Surface.

What did concern me, was that in my role of coordinating technology within our school, I had a number of conversations with the school’s systems administrator as to how this might impact students who also tried to connect to the exchange email server with similar devices.

As a result of these conversations I came to understand that these security settings were connected to the ability to be able to remotely control and wipe devices such as tablets and phones.  This caused me some concern because while I wanted students to connect to our exchange server to support email communication I didn’t want to be in a position where the school’s staff might be accused of wiping student devices.

I subsequently did some further investigations about this and found a number of links which provided some details about what might occur.  The following are a few of these links.

http://blog.exchangegeek.com/2012/06/windows-8-mail-app-exchange-activesync.html

http://blogs.technet.com/b/exchange/archive/2012/11/26/supporting-windows-8-mail-in-your-organization.aspx

Beyond this I wasn’t overly concerned until I upgraded my home desktop to Windows 8.  The Mail App in Windows 8 then synched automatically with my Windows RT Surface Mail App.  Both devices used the same live account to logon with.  There was no fine grained synching control where I could simply stop the Mail App synching – nor do I recall there being a way I could remove the Mail App from my Windows 8 computer.  While I didn’t have to open the Mail App and access the school email via this App on my Windows 8 computer  it looked a bit ugly to have a partly broken App sitting there in Windows 8. However, I put my school coordinator hat on and thought that any students in a similar situation would may want to access the school email on all the devices they have and was interested to know the result of doing so.

While there were a number of questions I really couldn’t answer without having access to administer the exchange server I was interested in what a user (i.e. a student) could do. I subsequently performed a test on the ability to remotely wipe my RT Surface device from OWA (Outlook Web Access).

To test what wiping would do on my Windows RT Surface I connected the Mail App to the school’s exchange server and then via OWA, Options, Mobile Devices I selected the device and chose to “Wipe All Data from Device” as per the following image. 

image

The result was largely as expected, following some research on the topic.  Initially nothing happened to my Surface and it appeared I could read existing school email via the Mail App.  After about 5 minutes of waiting with nothing happening I attempted to send an email via the Mail App using the school email system. More or less as soon as I hit send the wipe occurred.

The Mail App connection to the school email server was removed with the school email account disappeared from the Mail App.  In addition I received the following email confirmation.

image

The wipe fortunately didn’t wipe the entire Surface Tablet as some documentation indicates but rather just removed the school email account from the Mail App as indicated above. 

It was then a relatively simple process of reconnecting the Mail App to the school email system by first “Removing Device from List” in OWA and then repeating the process of connecting to the school email via the Mail App on the Surface.

In Summary given the significance of accessing email from Tablet type devices there appears to be a dearth of clear technical and user documentation on how everything works.  I take this to be part of the unfinished software feel of the surface tablet.

As a footnote I read with interest from http://winsupersite.com/windows-rt/microsoft-prepping-outlook-2013-windows-rt that Microsoft may release Outlook for RT.  Given the issues with the Mail App it would be interesting to see how that operates.





Synchronizing Favourites and Bookmarks

28 10 2012

In preparing to move from Windows 7 to Windows 8 and to sort out my bookmarks from a range of systems I looked for the best way to manage these bookmarks. 

Firstly I wanted to export bookmarks from an iPad. The way I did this was to download iCloud Control Panel onto my Windows 7 computer.  Using this and following instructions from the http://www.solveyourtech.com/how-to-export-ipad-safari-bookmarks/ I was able to Sync bookmarks from IE on my PC to Safari on my iPad.

I subsequently used both 1) Google Chrome in conjunction with a google account to sync bookmarks between various installations of Google Chrome – including one on an iPad, and 2) xmarks (www.xmarks.com) to synch between Google Chrome and IE.

I had not previously used xmarks but found it excellent and given that I’m not aware of any standard way to Synch IE favourites from (pre windows 8 version of) Windows computers – xmarks was also able to do this as well.  Another great feature of xmarks is that it keeps a history of favourites – so when you accidentally remove all your favourites it provides backed up versions of them.

Going forward I am likely to have Windows RT and Windows 8 devices.  Windows 8 and RT will sync favourites between the devices using Microsoft’s cloud services.  However, these don’t currently Sync with older version of Windows/Browsers nor other operating systems/browsers.  In addition xmarks does not currently run on Windows 8. Hence going forward I’m likely to want to synch everything first with xmarks, then perhaps also using google sync services, and let Windows 8 and RT use it’s own synch services.  To synch favourites/bookmarks between Windows 8/RT and other systems I may have to use a manual export/import step.   I may also need to use Apple’s iCloud occasionally if I continue to save bookmarks using Safari on an iPad (a habit I am trying to break – with the aim of using Chrome on the iPad in the future).  This is relatively complicated but on the other hand apart from xmarks the other services are pretty much just there anyway. At least in the short term xmarks will prove the glue between the different operating systems and browsers.





DEECD Improving School Governance

30 04 2012

This session was held at the Loddon Mallee Regional Office on Monday 30th of April 2012 from 7.00pm to 9.00pm.  Peter Howlett presented the session.

This was an valuable session reinforcing some known details and providing details I had either not known about or had only a limited understanding of.

Importantly we were provided with a folder containing a number of key documents describing the function of school councils.  The majority of the session focused on what is covered in the induction section of the material. An electronic copy of the induction material can be found here at: http://www.education.vic.gov.au/management/governance/schoolcouncils/default.htm.  This site also contains electronic copies of the Finance, Policy Development and Review, and the Strategic Planning section. 

What are some things I learnt form the presentation

  1. School Councils no longer have AGMs.  Peter made a point of this although the module doesn’t specifically mention this. Peter clarified this is really now “The first meeting of the new council” and as such really just a name change.  Details are covered on page 23 of the Principal’s Guide to School Council Elections 2012.
  2. A Quorum requires not less than one half of school council members currently holding office, with a majority being not Department employees. Members can be present via tele or video conferencing.
  3. It was suggested that school councils should have a code of conduct for councillors and that this be part of the council’s “Standing Orders”.
  4. Subcommittees don’t decide anything.  They only require one council member and their task is to recommend things to the school council.
  5. School council members are not legally liable for anything if acting in good faith.
  6. When making decisions school council should consider the decision in reference to the Strategic Plan and Annual Implementation Plan.
  7. It’s a good idea to have the Strategic and Annual Implementation plan present for council meetings.
  8. Agenda is set by the Principal and President the week before each meeting.
  9. Although not covered in the written Induction document Peter made the point of ensuring that all parents going on an overnight excursion should have a WWC card.  This though is not government policy.
  10. . Don’t accept any excursion not on DEECD’s pro-forma for excursions.
  11. . It was suggested that at the beginning of the year parents be advised of “voluntary accident insurance” options through the newsletter.
  12. . If a school council member is absent for 3 consecutive meetings without special leave then their position becomes vacant.  This should be in the standing orders.
  13. . What an apology is should be in the standing orders.
  14. . Schedule 7 from the “Principals Guide to School Council Elections 2012” shows who’s on school council and I think Peter indicated should be available to council members.

From reading the Induction document I’ve noted the following:

  1. Functions of school council include the regulating and facilitating of after hours use of school premises and grounds.
  2. Council are significantly involved in the development of the strategic plan and the AIP.
  3. Council is responsible for how the school raises income (over and above the funding provided by the government).
  4. The school council is responsible for developing particular policies to reflect the school’s values and support the school’s strategic plan. Day-to-day policies and procedures are managed by the principal and staff.
  5. The principal is an ex-officio of all council sub-committees.
  6. Sub-committees must have at least three members with at least one school council member.
  7. Schools are encouraged to have a finance sub-committee and others as appropriate.
  8. Decisions are always the decision of the whole council.  Decisions are made by voting, ideally by, consensus.
  9. The school council should keep the community informed about its operations by publishing a report following a meeting in the school newsletter and/or on the school website. A person does not have the right of access to the minutes or other documents or records of a school council under the Freedom of Information Act 2000.
  10. .  A school council must call a public meeting at least once each year and report the proceedings of the council since the date of the previous public meeting. The council muse present the annual report to the meeting and, if the school council accounts have been audited, present a copy of the audited accounts.




Discrimination, Harassment and Bullying course and Refresher

6 10 2011

On October the 4th 2011 I completed the Discrimination and Harassment online course.  I was also required to complete the Discrimination, Harassment, Bullying Refresher which I did on October 5th 2011.  I obtained a perfect score in both online tests and the courses were valuable in reminding me of the needs and issues around these subjects.





David Hopkins at Bendigo South East College

9 09 2011

David spoke to all teachers from BSSC 4pm to 6pm at BSE on 7/9/11 and to leading teachers from BSSC at BSSC from 2.30 to 3.30 on Thursday 8/9/11.

In the first part of the meeting on Wednesday 7/9/11 Ron Lake spoke to assembled staff and highlighted challenges for teachers in the Bendigo area. In particular written literacy was an area that was well below where it should be and the uptake of mathematics in later years was poor. With regards to BSSC staff it indicated the likely challenge as being to continue to work on literacy skills across the board with all students and in addition attract more students to complete higher level maths.

David’s message was interesting but not new. He in fact claimed that he was not presenting anything fundamentally ground breaking but rather emphasising known good practices.  With regards to BSSC in particular (on the Thursday) he emphasised that our content was fine, but what we needed to work on was our pedagogy.  He described five areas of teaching which I’ve listed below. In particular I found the description of operating within a students “zone of proximal development” a valuable idea for achieving good outcomes. This idea is discussed in greater depth in his book “Every School a Great School”.  Reference to this can be found at http://www.davidhopkins.co.uk/books.htm.  Some of the pages re this topic can be seen through book previews at Google Books. David also referred to John Hattie’s book “Visible Learning” and it’s a book which on first glance appears to be a valuable summary or synthesis of existing educational research ( a little like Marzano’s “What works in schools”).

1) INTENTIONS, PACE AND NARRATIVE

When teachers set learning intentions, use appropriate pace, and have a clear and strong narrative about their teaching, then students are more secure about their learning, and achievement, understanding and curiosity is increased.

2) TASKS

When learning tasks are purposeful, clearly defined, differentiated and challenging ( according to the student’s zone of proximal development) then the more powerful, progressive and precise the learning for all students.

3) HIGHER ORDER QUESTIONS

Teachers systematically using high order questioning leads to the level of student understanding deepening and the level of engagement increasing. Students who are regularly required to analyse, synthesise and evaluate are more motivated and engaged.

4) FEEDBACK AND DATA

Using feedback to inform future learning.

5) FEEDBACK AND REFLECTION

Peer assessment

6) COLLABORATIVE GROUP WORK

Cooperative group structures to mediate between whole class instruction and students carrying out tasks.





Cisco Victorian Networking Academy Conference

26 05 2011

This was an all day conference from 9.30 till 5.30 at Cisco Head Office in Melbourne on 26th of May 2011.

A number of topics were covered at the conference. 

  1. New mappings had been made against the ICA11 Training Package and the Cisco Discovery and Exploration courses.  This work had been completed by Box Hill Institute.
  2. An Academy Evolution had occurred which meant we can can go anywhere for training of staff in the future.  BSSC will have a direct relationship with Cisco rather than Regional Academy. The following will exist.
  3. a) Instructor Training Centres for Victoria will be Box Hill and RMIT

    b) Academy Support Centre will be Box Hill

    c) There will also be NetAcad Resource Partners

  4. The role Cisco Academies will continued largely as is and therefore there appears no significant change directly to BSSC
  5. Harry Wang will look after quality assurance. Can share best practice with Harry as he needs to share best practice with Asia Pac – it needs to be measurable.
  6. Equipment Update
  7. a) New CCNA bundles

    b) ~72% off RRP for CCNA

    c) License Key required for new routers New equipment will require Windows 7 style security to protect IOS. Cost of new routers are slightly higher due to max RAM, flash. (i.e. a $600 router might become a $950 router). Only one IOS available for new routers. 2901 – 1 RU, 1941- 2 RU

    d) $4300 per pod basis

    e) Version 12 to version 15 of IOS – should be no cost for IOS under smartnet

  8. Telstra Graduate didn’t fill all positions – students with CCNA are highly regarded in this process – technical starting salary $60,000 – www.optioncity.com.au
  9. Netriders Tuesday 13th and Wednesday 14th of September, 2 members per team, and as many teams as you like. 18 years and over 31st Dec 2011.  50% theory and 50% packet tracer.







Follow

Get every new post delivered to your Inbox.