you can try privoxy as a proxy with tight control (whitelist/backlist, regexp by words, url, etc), if needed as a transparent proxy, so one can not change that. you can later screen the logs to see if anything more needs to be filtered (recommended ublocker or ghostery to also block ads and tracking, to help keep the logs cleaner)
WoT (web of trust) firefox add-on as a generic blocker, as it block bad, dangerous or not child safe... is not perfect but no solution will completely filter all urls... having said that, if is very good, also protects adults :)

Chats and social network are the main dangers, so parental supervisions and teaching is always required
Make then understand that the internet stores and copies everythings, so they should keep private things private and that they should always questions how much they should trust people that they don't know in flesh and blood.

you kids need to trust you enough to tell you about the problems and things they found... if they really want to workaround any filter, they will do it...
i see friends kids using the dogs facebook login to hide things from parents, others connecting to the neighborhood network and many using the (unprotected) friends computer to do things that they can't do at home

?!?! what ??! those news reports don't know what they are talking about!!

firefox was not affected by this, it have it own certificate store and this software didn't installed any CA on it.

HTTP traffic from all browsers should be views and changed by this software, but HTTPS was only intercepted by the browsers that use the system certificate store

AFAIK they will... but this will not be flagged as a valid https, the traffic will be encrypted but the browser will just act to the user as it was a plain http connection. This because the new https URL was delivered by plain http, without any kind of protection, so could faked. Browsers will only show the correct "https icons" when all (or at least the main) connections are directly valid https

And for the http/1.1 pipeline, it simple don't work... 90% of the sites can work with it, but others fail and fail badly... the page take forever to load, waiting for resources that were asked but never received. all browsers tried to enabled it and all had to revert it due to the (few but important) problems founds that are impossible to solve without a huge whitelist/blacklist of servers (impossible to really implement and a pain for all those important and old internal servers)

So the 2 major issues that http/2 want to solve are really the tls slow start and a working pipeline... By announcing http/2, a browser knows that this things do work and are safe to use, no more guessing games and workarounds for bad servers.

This is a evolution step, it still requires to work with http/1.1 designed sites.
When sites are designed with http/2 in mind, it is time for the http/3, where more things could be changed (and deprecate http/1.1)

Is not perfect, but changing too many things leads to the ipv6 problem... is good, but people don't want to break things and so don't change anything.

how to you test a https currently with telnet? you don't, you use a tool (openssl s_client -connect ip:port), then you test like telnet

with http2, you will also have to use a tool to connect.. then you can do what ever you wan...
(and by the way, chrome and firefox will only allow http2 with TLS, so even if it was plain text, you still would need to use openssl s_client to test )

If you neeed a virtual machine, use qemu+kvm !! is free, it works, it is fast

Of course, you also need linux!! :D

You really don't want CA that aren't trusted in your browser... even if it breaks some sites... a broken CA can break ALL your https sites

We should have killed SSL3 years ago, but to avoid breaking some sites, we found later that SSL3 bug could break all sites, even if they had already TLS1.2
When something should die, let it die or you will pay for it later

Agree, the hypercube is the missing option!! :)

simple... AMD have not enough money to pay others to do that.

When you have profits, you can do that, when you are losing money, downsizing and trying to recover. That money should be used to PR the game studios for better optimization and improve the drivers (that they know that have problems in several places)

samsung lcd's also are built like crap. one after another, their electrolytics die (fake china caps; like so many others).
(...)
but dammit samsung, why do you have to be SO cheap??

Because when something fails, most users will buy a new one instead of repairing the last one... and guess what... probably they will buy another samsung device! So instead of selling one TV each 15 years, they sell one each 3-5 years... even if just 1/3 of original buyers buy again samsung, it is still a win situation for then.

Of course, the solution is to first repair the old devices (samsung is also making sure that it is harder and harder to do that! thin devices is the excuse to use hard to replace hardware... see apple and how to repair their devices) and when buying, choose a little more expensive tv (many of times just 20$ to 50$ more) from other good brand. If something fail in short time, complain to that brand and buy from another brand.

If known brands use the same quality from cheap chinese brands, then there is no need to buy known brands

Yeh right, then all the security problems with Acrobat reader plugin were my imagination!!
I still don't understand why a READ-ONLY print format needs a programming language and interactivity (hint: it doesn't! and that is why almost all other pdf reader ignore that)

India is both a rich and poor country... is acts like a rich country when doing big projects and acts like a poor country when requesting money and support. The true is that they have very rich people and very poor people... and the power usually don't care much about the poor (other than it is cheap labor)

or titanic!!

Then try a clean firefox profile, without extensions. I too have a lot of tabs opens for weeks and i have got any crash for months...
both firefox and thunderbird crashing may point to a common (system) file that is broken.

Also check your smart status (smartctl -a /dev/sd?) and do some tests.