{"id":2894,"date":"2015-03-03T18:35:08","date_gmt":"2015-03-03T18:35:08","guid":{"rendered":"http:\/\/www.hexacorn.com\/blog\/?p=2894"},"modified":"2015-03-04T05:47:25","modified_gmt":"2015-03-04T05:47:25","slug":"win8-parental-control","status":"publish","type":"post","link":"https:\/\/www.hexacorn.com\/blog\/2015\/03\/03\/win8-parental-control\/","title":{"rendered":"Win8 + Parental Control"},"content":{"rendered":"

One of the lesser known features of Windows 8 was an introduction of Parental Control. The idea is that you can change an account type to one that can be used by children. Such account can be then both managed by\u00a0 parents and also (what’s very interesting) regularly monitored.<\/p>\n

I was curious what it means from a forensic perspective and did a quick test to see what I can find out.<\/p>\n

How to set it up?<\/strong><\/h5>\n
    \n
  1. Create a new account.
    \n\"pc1\"<\/a><\/li>\n
  2. Tick the box to mark it as child’s account
    \n    \"pc2\"<\/a><\/li>\n
  3. You are done.<\/li>\n
  4. You can go to Account \/ User settings and set up the Family Safety options + activity reporting. By default, it’s all enabled.
    \n    \"pc3\"<\/a><\/li>\n<\/ol>\n
    Testing<\/h5>\n
      \n
    1. Simply log off as a current user and log on as a child’s account<\/li>\n
    2. What you will immediately see after logging on is a notification in the right corner of the screen saying ‘This account is monitored by Family Safety’
      \n      \"pc4a\"<\/a><\/li>\n
    3. Run a couple of apps
      \nNote: I didn’t test the web sites in this test; I am not 100% sure, but setting modification are probably traced as well – it’s all subject to further research
      \nIn my case I ran:<\/p>\n