Home Tags Hulu

Tag: hulu

Not an April Fool: Rick and Morty third season premiere is...

Episode will repeat online until Adult Swim shuts the stream off.

Get to watchin'!

For the first time, more people subscribe to Netflix than have...

The streaming service has dramatically changed how Americans watch TV.

Nintendo says non-gaming apps for Switch will “come in time”

Netflix, Hulu, Amazon reportedly in talks for Switch versions.

How YouTube TV stacks up against DirecTV Now, PlayStation Vue, and...

Google entered TV streaming with a feature-rich service at an aggressive price.

Amazon’s former Fire TV director gets poached by Apple

New hire brings years of experience at Amazon, Roku, Netflix, and more.

Get 72% off NordVPN Virtual Private Network Service For a Limited...

NordVPN gives you a private and fast path through the public Internet.

All of your data is protected every step of the way using revolutionary 2048-bit SSL encryption even a supercomputer can’t crack.

Access Hulu, Netflix, BBC, ITV, Sky, RaiTV and much more from anywhere in the world. Unmetered access for 6 simultaneous devices. You're sure to find dozens of good uses for a VPN.

Take advantage of the current 72% off deal that makes all of this available to you for just $3.29/month (access deal here).

This is a special deal available for a limited time. This story, "Get 72% off NordVPN Virtual Private Network Service For a Limited Time - Deal Alert" was originally published by TechConnect.

App developers not ready for iOS transport security requirements

A month before Apple is expected to enforce stricter security requirements for app communications in iOS, enterprise developers don’t seem ready to embrace them, a new study shows. The study was performed by security firm Appthority on the most common 200 apps installed on iOS devices in enterprise environments.

The researchers looked at how well these apps conform to Apple’s App Transport Security (ATS) requirements. ATS was first introduced and was enabled by default in iOS 9.
It forces all apps to communicate with Internet servers using encrypted HTTPS (HTTP over SSL/TLS) connections and ensures that only industry-standard encryption protocols and ciphers without known weaknesses are used.

For example, SSL version 3 is not allowed and neither is the RC4 stream cipher, due to known vulnerabilities. Before ATS, app developers implemented HTTPS using third-party frameworks, but configuring SSL/TLS properly is hard so implementation errors were common.

These weakened the protection that the protocol is supposed to provide against traffic snooping and other man-in-the-middle attacks. Currently iOS provides a method for apps to opt out of ATS entirely or to use it only for specific connections, but Apple wants to change that.

At its Worldwide Developers’ Conference in June, the company announced that it will require all apps published on the App Store to turn on ATS by the end of this year. The requirement won’t be enforced at the OS level, but through the App Store review process. Using some of the ATS exceptions will still be possible, but developers will have to provide a “reasonable justification” for using them if they want their apps to be approved. During their study, the Appthority researchers found that 97 percent of the analyzed apps—193 out of 200—used exceptions and other settings that weakened the default ATS configuration. “Among the top 200 iOS apps that we analyzed, 166 apps (83 percent) bypass at least some ATS requirements by setting ‘NSAllowsArbitraryLoads’ attribute to ‘true’ in their Info.plist files,” the Appthority researchers said in their report. “However, not all of them bypass ATS requirements for all network connections.

For instance, a company can still support ATS requirements for network connections with its domain, while allowing ATS to bypass all other connections.” Among the apps that didn’t use HTTPS for all of their connections were popular ones like Facebook, Twitter, LinkedIn, Facebook Messenger, Skype, Viber, WhatsApp, Fox News, CNN, BBC, Netflix, ESPN, Hulu, Pandora, Amazon Cloud Player, Word, Excel, PowerPoint, and OneNote, but also utility apps like Flashlight, QR code readers and games. While it could be argued that some connections don’t need HTTPS because they aren’t used to transfer sensitive data, the Appthority researchers found 10 applications that did send device IDs, email addresses, physical addresses, zip codes, geolocation information and even passwords or secret keys over unencrypted HTTP links. There are many reasons why developers can’t turn on ATS for all connections and are likely to request ATS exceptions during the app review process.

For example, many apps don’t talk only to their developers’ servers, but also to third-party advertising, market research, analytics and image or video hosting services.

The use of HTTPS on these external services are out of app developers’ control. ATS provides fine-grained exceptions like “NSAllowsArbitraryLoadsInMedia,” which can, for example, be used to allow the streaming of video or audio content over HTTP, while encrypting all other connections. However, based on Appthority’s analysis, it seems that so far developers have preferred using the more generic “NSAllowsArbitraryLoads” which disables ATS for all connections, when dealing with such problems. The company didn’t find any app that used the “NSAllowsArbitraryLoadsInMedia” or the “NSAllowsArbitraryLoadsInWebContent” attributes to limit the scope of ATS exceptions.
It hopes that Apple’s new requirements will change that. Many apps that do use ATS disable some of its security features.

For example, none of the apps analyzed by Appthority used Certificate Transparency, which is available in ATS. Furthermore, seven of them disabled SSL certificate validation and 46 didn’t use certificate pinning.

Thirty-eight apps disabled Forward Secrecy and eight apps set the allowed TLS protocol version to 1.0 or 1.1, even though the secure default in ATS is TLS 1.2. “We still expect iOS apps with unencrypted data in enterprise environments, even after January 1,” the Appthority researchers said. “When Apple approves such apps for the App Store, there will still be the security risks associated with unencrypted data for some connections, so it’s important for enterprises to have visibility into and management of the risks related to apps with those exceptions.”

FCC says AT&T is violating net neutrality with DirecTV data cap...

Aurich Lawsonreader comments 36 Share this story The Federal Communications Commission has reached a preliminary conclusion that AT&T is violating net neutrality rules by using data cap exemptions to favor DirecTV video on its mobile network. The FCC yesterday also expressed concerns to Verizon about that carrier's similar data cap exemption policies, but the examination of Verizon is in a slightly earlier stage. The FCC first raised the issue with AT&T a few weeks ago, and AT&T defended its practices in a response. But rather than satisfying the commission's concerns, AT&T's response "tends to confirm our initial view that the Sponsored Data program strongly favors AT&T's own video offerings while unreasonably discriminating against unaffiliated edge providers and limiting their ability to offer competing video services to AT&T's broadband subscribers on a level playing field," said a letter to AT&T yesterday from Jon Wilkins, chief of the FCC's Wireless Telecommunications Bureau. With Sponsored Data, AT&T charges other companies for the right to bypass customers' data caps on AT&T's wireless network. At the time same, AT&T lets its subsidiary DirecTV stream on the mobile network without counting against data caps. DirecTV technically pays AT&T for the privilege, but the money is just shifting hands from one part of AT&T to another. AT&T is using DirecTV's data cap exemption to market the new DirecTV Now streaming service. Data cap exemptions are also known as "zero-rating." While the FCC's net neutrality rules don't ban all forms of zero-rating, the FCC evaluates specific implementations on a case-by-case basis to determine whether they harm competitors or consumers. This would be a violation of the so-called "general conduct" rule that covers anti-competitive or anti-consumer behavior not explicitly banned in the core net neutrality rules against blocking, throttling, and paid prioritization. The FCC said it has "reached the preliminary conclusion that [AT&T's] practices inhibit competition, harm consumers, and interfere with the 'virtuous cycle' needed to assure the continuing benefits of the Open Internet." Commission staff is concerned about the prices AT&T charges companies for data cap exemptions. The FCC apparently doesn't have exact numbers from AT&T, but it made a conservative estimate based on AT&T's statement that its Sponsored Data rates are similar to the discounted wholesale rates paid by major wireless resellers. "We estimate for purposes of illustrating our concerns that an unaffiliated mobile video service provider would have to pay AT&T $16 a month to offer zero-rated service to a customer who uses just 10 minutes of LTE video per day, increasing to $47 for a customer using 30 minutes per day," the FCC wrote. "These costs alone would represent 46 percent to 134 percent of DirecTV Now's $35 retail price, against which third parties will be competing for AT&T Mobility customers, and would be borne in addition to all other costs of providing service by the unaffiliated provider." The FCC asked AT&T to respond to one more set of questions by December 15 "in order to finalize the Bureau's review of this matter." Among other things, the FCC wants information on average and median usage of DirecTV streaming compared to competing services like Netflix, Hulu, and Sling; the names of companies that have purchased data cap exemptions from AT&T or are negotiating with AT&T for exemptions; and more specific answers to questions about the Sponsored Data rates that AT&T charges other companies. Previously, AT&T argued that it treats its subsidiary DirecTV the same as other video providers and that DirecTV streaming without caps on AT&T's network is a pro-consumer challenge to the cable TV industry. AT&T provided a statement to Ars today, saying, “These are incredibly popular free services available to millions of customers. Once again, we will provide the FCC with additional information on why the government should not take away a service that saves consumers money.” AT&T may not have much to worry about. President-elect Donald Trump, an opponent of net neutrality rules, can appoint a new FCC chairperson when he takes office on January 20. While the net neutrality rules would still be in effect, a Republican-led FCC could simply choose to drop the AT&T investigation and in the long run might overturn the rules entirely. Verizon data cap charges harming open Internet, FCC says Separately, Wilkins sent a letter to Verizon yesterday about the company's FreeBee Data 360 program, which also charges online service providers for data cap exemptions. The FCC's wireless bureau "believes that the FreeBee Data 360 offering to edge providers unaffiliated with Verizon, combined with Verizon's current practice of zero-rating its affiliated edge services for Verizon subscribers, has the potential to hinder competition and harm consumers." The "primary participant" in Verizon's zero-rated data program is Go90, a video service offered by Verizon itself, the FCC said. Ars wrote about Verizon's treatment of Go90 compared to competing video services 10 months ago. Verizon's position that competitors are offered data cap exemptions on the same terms as Go90 "fails to take account of the notably different financial impact on unaffiliated edge providers," the FCC wrote. "For example, while there is no cash cost on a consolidated basis for Verizon to zero-rate its own affiliated edge service, an unaffiliated edge provider's FreeBee Data 360 payment to Verizon is a true cash cost that could be significant. Unaffiliated edge providers not purchasing FreeBee Data 360 would likewise face a significant competitive disadvantage in trying to serve Verizon's customer base without zero-rating." The FCC's letter to Verizon is similar to the initial letter sent to AT&T a few weeks ago. Verizon seems to be "acting in ways that may harm the open Internet, such as preferring [its] own or affiliated content [and] demanding fees from edge providers," the FCC wrote. The commission wants a response by December 15. Verizon provided a statement to Ars, saying, "We will review and respond to the inquiry as requested. In the meantime, we remain quite confident that our practices are good for consumers, non-discriminatory and are consistent with current rules."

TiVo’s “TV Guide” patents are DOA at appeals court

Enlarge / Netflix company headquarters in Los Gatos, California.David Paul Morris/Bloomberg via Getty Images reader comments 10 Share this story A five-year-old patent brawl between Netflix and Rovi (now TiVo) has reached a turning point, with the US Court of Appeals for the Federal Circuit upholding a major lower-court victory by Netflix. The litigation between the two companies began in 2011, when Netflix sued to invalidate a batch of patents on Rovi's digital entertainment guides, for which Rovi had demanded Netflix pay licensing fees. The patents described ways of navigating TV and other video content online.

Even after Netflix lawyers bested Rovi at the International Trade Commission and then pounded all five patents out of existence at district court last year, Rovi said it would push forward with an appeal. Now it's clear that Rovi's strategy to patent digital TV guides has hit a wall. Just a few days after Rovi's lawyers made their oral argument, a panel of judges at the Federal Circuit upheld (PDF) the lower court's decision in its entirety without comment. Rovi's patents covered very basic ways of organizing video content, including one on using "combination categories" like "sports dramas" or "romantic comedies." Another was on bookmarking shows across devices, which Rovi argued was a new idea when it filed its patent. "A novel abstract idea is still an abstract idea," US District Judge Phyllis Hamilton informed the company in her opinion, which has now been upheld. Rovi sued and settled with other companies over its patents, including Amazon, Hulu, Toshiba, Sharp, and China-based Haier. In April, Rovi acquired TiVo, another company that has turned its patents into a revenue stream.
It soon took on TiVo's name.

Executives of the merged company told investors they were going to focus more on licensing IP than building hardware. But even with TiVo's big litigation wins, the company couldn't ultimately stop itself from becoming an afterthought.

The big bets that companies like TiVo and Rovi made on software patents aren't panning out, especially since the Supreme Court's Alice decision has made it substantially easier to invalidate patents that describe basic business processes. Neither TiVo nor Netflix immediately responded to requests for comment on the decision.

Symantec Norton Security Premium (2017)

You absolutely need antivirus protection for your Windows boxes—that's a given.

But a full-scale security suite does much more than just protect against the various types of malware.
Symantec Norton Security Premium contains virtually every security component you can imagine, and a number of them are Editors' Choice products in their own right.
It lets you install Norton security on up to 10 Windows, Android, macOS, and iOS devices.
If you need to protect a large collection of diverse devices, look no further. A 10-license one-year subscription for Norton Security Premium costs $89.99, and includes 25GB of hosted online backup.

Bitdefender Total Security Multi-Device 2017 gives you five licenses for that price, or ten for $10 more. Kaspersky is a little more expensive, with five licenses for $99.99.

And for the same price as Norton, McAfee lets you install protection on every device in your household. Required ReadingMy typical pattern when reviewing a security product line is to start with the standalone antivirus and then summarize the antivirus review as part of my review of the full security suite.
If there's an even bigger mega-suite in the mix, I summarize the entry-level suite review. However, I'm going to take a different path this time. This product has precisely the same excellent security components as Symantec Norton Security Deluxe.

These include top-scoring antivirus, award-winning Android security, no-hassle firewall, consistently accurate phishing protection, a full security suite for macOS, and more.

The Premium edition adds five more licenses along with parental control and online backup, neither of which is tightly coupled to the suite's other components. Please read my review of the Deluxe edition first, then come back here for my evaluation of the added Premium features. Online and Local BackupSecurity suite vendors like to promote that their products include online backup—it gives them a nice check mark in the features table. However, all too many of them simply offer a branded version of some partner product that their users could get for free directly from the partner.

Check Point ZoneAlarm Extreme Security 2017 offers 5GB of backup space that you could just as easily get directly from IDrive, for example. Norton's Windows-specific backup component is a completely in-house product, and sells separately for $49.99 per year. PCMag's Max Eddy didn't think much of Norton Online Backup, comparing it unfavorably with other standalone backup services.

But compared with backup components in other security suites, it looks pretty good. The online backup component comes pre-configured with a default backup set that defines what to back up, where to store backed-up files, and when to run the backup.
It includes files in and below the Documents folder for each user, but specifically omits possibly massive video files and email files by default. You can edit this backup set to fit your own needs, or create any number of additional backup sets. The default destination for your backed-up files is Norton's secure online storage, but you can also back up locally. While CD/DVD backup was removed in this edition due to low usage, any other drive that shows up in Windows Explorer is a fair target.

That includes local hard drives, remote drives, network drives, and even some cloud storage services.

The backup system in Kaspersky Total Security doesn't come with online storage, but you can link it to your Dropbox account. By default, backup occurs automatically when your computer is idle.

That's probably best for ongoing maintenance, but you may want to manually launch the first backup when you're done with your system for the day, as the first time can take a while.
Subsequent backups only transmit new and changed files, so they run much faster. You can also schedule a backup set to run on a weekly or monthly schedule. You can also choose to throttle back the bandwidth used for backup, an option that's only needed if you don't choose to back up during idle time. The restore feature also comes pre-configured with logical defaults.
It restores files from the most recent backup (though you can choose another) to their original locations (though you can select a different destination).

By default, it waits for you to search out the file or files you want to recover. You can optionally browse all backed-up files, or restore the entire backup set.

And you can access your backup sets as if they were local files and folders by opening the Norton Backup Drive in Windows Explorer. Webroot SecureAnywhere Internet Security Complete also offers 25GB of hosted storage for backing up and syncing files.
It keeps up to ten versions of files and lets you create links to securely share backed-up files.

BullGuard Premium Protection also lets you share files from its 25GB of online backup. Norton just keeps the latest version, and secure sharing has been dropped in the current version.

Few consumers actually used the feature, and it made overall security more complex, according to my Symantec contact. The fanciest backup system in the world won't help if it never gets used. Norton makes backup almost effortless, which is as it should be. Parental ControlYour Norton Security Premium subscription also includes Symantec Norton Family Premier, a $49.99 value if purchased separately. Yes, the combined price of Norton Online Backup and Norton Family Premier is greater than the price of this entire suite, and much greater than the $10 you spend to upgrade from Norton Family Delux.

That's a great deal. As with Net Nanny, Qustodio Parental Control 2015, and other modern parental control systems, all configuration and reporting takes place online, with a small client app on each Windows, Android, or iOS device, to handle local monitoring and enforcement of House Rules.
Sorry, Mac users, this component isn't for you. To get started, you log in to your Norton account online and create a profile for each child.

The profile includes name, birth year, gender, and an optional photo or avatar. You can also add personal information that you don't want the child to share online. Next, you add a device that the child uses or, if it's a PC, the child's Windows user account. You can install the local Norton Family parental control agent on the current device or email a link. Keep going until you've created a profile for each of your kids; there's no specific limit on the number of child profiles or devices. With that task out of the way, it's time to define House Rules for each profile.

First up is Web Supervision, which manages content filtering.

Based on the child's age, Norton selects from the 47 content categories and determines whether to block those categories or just give the child a warning. You can pick your own custom set of categories and choose to block, warn, or just silently monitor.

ContentWatch Net Nanny 7 is even more flexible, letting you choose allow, block, or warn separately for each category. When Norton blocks access to a site, it displays the reason.

The child can send parents a message explaining the attempt to visit the site, or report that the site is categorized incorrectly.
If a child proceeds to the site despite a warning, parents get notification. Norton actually checks page content if necessary.
I found that it allowed access to a short-story website but blocked its erotic stories.
It filters secure (HTTPS) traffic, so kids won't evade it by using a secure anonymizing proxy.

And it didn't cave to a simple three-word network command that disconnects some less-clever parental control systems.
I couldn't find any sites that should have been blocked but weren't. Forcing Safe Search has become difficult now that popular search portals enforce use of HTTS.

Bitdefender and Trend Micro simply dropped that feature from parental control, though Trend Micro Maximum Security attempts to cover up naughty pictures in search results. Norton has taken a different tack.
Search Supervision enforces Safe Search on Ask, YouTube, Google, Bing, and Yahoo.
It does so using a browser extension, so a clever child might work around this restriction. Your child can turn off Safe Search and briefly see inappropriate links or pictures until the browser extension turns it on again. Video Supervision keeps track of the videos your child watches on YouTube or Hulu.
Social Media Supervision simply tracks the existence of your child's Facebook account and reports if the child used a spurious age to set up the account, or posted personal information. All of the components I've mentioned thus far are enabled by default, but Time Supervision is not.

Turning this feature on automatically schedules when the child can use the device and sets a daily maximum for screen time, based on the child's age.

For example, my imaginary 13-year-old's schedule allowed access from 6 a.m. until 9 p.m. daily, and until 10 p.m. on Friday and Saturday.
Screen time was capped at two hours for weekdays, five hours on the weekend.
If you want to tweak these settings, you must edit each day separately. You can also choose whether to cut off access or just issue a warning. Kids can check their remaining time by clicking the Norton Family icon in the notification area.

There's also an option to send a request for more time.

Android devices can still be used after hours, but Norton prevents all app activity other than calling emergency contacts. Note that time scheduling applies separately to each device the child uses.

The equivalent feature in Net Nanny is cross-device, so your kid can't time out on the PC and just switch to Android. Mobile Parental ControlThree more components become available when you assign an Android device to the child's profile.

Android protection is equivalent to Norton Family Parental Control (for Android). Some mobile parental control systems offer geofencing, meaning you can get notification when your child enters or leaves a specific location. Norton's Location Supervision doesn't do that, but if you enable it the child's device reports its position periodically, and you can view current and past locations on a map. App Supervision lists all non-default apps installed on the child's Android device.
See something you don't like? Just check the box to block use of that app. I couldn't actively test the advanced Text Supervision feature, because my Android test devices all lack cellular data connection. Here's how it works.
In the default Monitored mode, the child can text with any contact that's not specifically blocked. Norton logs all text conversations with unknown contacts. Parents can review the conversations and mark the contact as Blocked or Unmonitored.
In Blocked mode, unknowns can't contact your child at all until and unless you mark them as Unmonitored.
In Unmonitored mode, all contacts not specifically marked as Blocked are permitted, with no logging. If your child uses an iOS device, you can still install Norton's parental control, the equivalent of Norton Family Parental Control (for iPhone). However, there's just not much to it. You do get content filtering, but it only works in the app's internal browser.

During installation, the app explains how to set up Restrictions so your child can't use Safari or Chrome, disable Norton, or download other browsers. Once that's done, you get the full power of Web Supervision. Location Supervision is also available, just as it is on Android.
Video Supervision and Search Supervision both work. However, on an iOS device there's no Time Supervision, Mobile App Supervision, Text Message Supervision, or Social Media supervision.
If you really need full-powered parental control on iOS devices, look to Editors' Choice Kaspersky Safe Kids (for iPhone). Parental Reporting and NotificationSo far I've just talked about how you use Norton to define and enforce House Rules.

The other half of the equation is what Norton calls Activities—the logs of what your children have been up to.

The Activities summary shows the same eight types of supervision, with an overview of the latest activity. You can filter the summary to just look at one device, in which case you'll see a message stating "This feature is not supported" for categories that don't apply to that device. Clicking on one of the panel opens a more detailed view, and in most cases you can drill down even farther.

For example, the Web Supervision summary shows the most-used categories.

Clicking it gets a full list of all sites visited, warned, or blocked.

And clicking a specific site displays that site's categories, a thumbnail, and any message that the child sent.
Search Supervision displays a word cloud of search words in the summary and lists precise search terms when you click. On the Video Supervision summary, you see thumbnails of the videos your child has watched.

Drilling down lists the videos, along with the device used for viewing and a date/time stamp.

And clicking an item in that list lets you view the video's description or jump straight to the video itself. Your Norton Family account can have more than one designated parent—that makes sense, but it's not a common feature. Parents get email notification of quite a few events.

These include visiting a blocked site, sending information that was defined as personal, and installing an app that blocks Norton Family, among other things. You can turn off any or all of these if they get to be too much. As you can see, this is an extremely comprehensive parental control system, its only weakness being the limited iOS support.

As a standalone product, it's an Editors' Choice. A Star-Studded SuiteIf Symantec Norton Security Premium were a movie, it would have a star-studded cast.
Its antivirus component is an Editors' Choice, as is parental control system.

As a separate product, its Android security app is also an Editors' Choice.
Various components earn excellent scores in independent lab tests and in our own tests.

And it even offers a full security suite for macOS, something few competitors accomplish. Norton Security Premium is an Editors' Choice for cross-platform multi-device suites, and it's a great choice as long as its ten licenses suffice for your needs.
If your household needs security for even more devices, consider our other Editors' Choice in this area, McAfee LiveSafe.
It doesn't score as well as Norton in testing, but you can use it on every device in your household, no limits. Sub-Ratings:Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.Firewall: Antivirus: Performance: Privacy: Parental Control: Back to top PCMag may earn affiliate commissions from the shopping links included on this page.

These commissions do not affect how we test, rate or review products.

To find out more, read our complete terms of use.

Circle Go (for iPhone)

There's a growing trend in parental control toward whole-network solutions, tools for managing all devices on the network from a single, central control point.

The huge benefit is that you don't have to install a parental control app on every device. However, these systems generally break down as soon as your kids leave the house.

Circle Go aims to solve that problem, at least for mobile devices.

Available now for iPhone and soon for Android, Circle Go extends the reach of the hardware-based Circle with Disney beyond the home network.
In testing, I found the experience of roaming with Circle Go indistinguishable from the hardware-based in-network experience. A Circle Go subscription costs $9.95 per month and lets you protect up to 10 iOS devices.
If you decide you don't like it before 30 days have elapsed, you can get your money back.
It's not an independent product; you can't even sign up for a subscription if the Circle website doesn't detect the Circle with Disney device on your network.

And you don't just go sign up.
Instead, you enter your email address and wait for an invitation, which, according to the site, might come right away or might take a week or more.

For me, it took one day. The Circle with Disney device goes for a one-time price of $99. Over time, that makes it a good deal compared with subscription-based products.

For example, you pay $79.99 each year for a 10-license subscription to ContentWatch Net Nanny 7.
Symantec Norton Family Premier is just $49.99 per year, with no limits on the number of kids or devices, but, even so, after two years it costs more than Circle. Unfortunately, that price advantage goes out the window when you subscribe to Circle Go.

At almost $120 per year, it's among the most expensive parental control products I've reviewed. While I don't imagine many families have more than 10 iOS devices, Circle Go does impose that limit, while the basic Circle device has no limits.
I'm no expert on pricing, but I would've expected an add-on service like this to sell for more like $9.95 per year. Circle With DisneyBefore saying more about Circle Go, I'll recap my review of Circle with Disney. Of course, you can read the full review for a more in-depth exploration. Circle with Disney is a small, white, nearly featureless cube.

As soon as you plug it in to a power supply, it's ready to go.
It has an internal battery, so once it's charged up it can even work without being plugged in. To manage the device, you must use the Circle Home iOS app—sorry, Android-only households, at present you're out of luck, but the company promises an Android version soon.

The Circle app walks you through all the steps necessary to pair the device with your network and set up profiles for your family members.

For each family member, you specify a filter level (Pre-K, Kid, Teen, Adult, or None).

Depending on the filter level, the device blocks access to certain popular Internet-connected apps and to specific categories of online content. Once again, this device is a separate purchase, but Circle Go won't work without it. As part of the setup process, you need to add each family member's devices to the corresponding profile. You get a list of every single device on the network, some with helpful names like Neil's iPad and others with useless names like The Device or android-6f0f0ee8bd2.
If you're not sure about an item in the list, you can dig in to see its MAC address and match that to the actual device, or log in to Circle on the device itself and check the displayed device name. Once you've matched the actual device to its name in Circle's list, you can give the device a friendly name. The Peace Wireless Router parental control device also lets you add a friendly name to devices you've identified. With Clean Router, it's easy; just log in from the device in question and click a button to name it. It's very important to identify any Internet of Things devices in your network and put them on Circle with Disney's list of unmanaged devices. You don't want the device interfering with your Internet-aware refrigerator, doorbell, or garage door opener! Any devices other than the unmanaged ones and those assigned to a family member get controlled by the Home profile.

This includes any new device that shows up in the network. For each profile, you can set a daily time limit on Internet access overall, or on any managed application or content category. You can also set it to cut off all Internet access during the child's bedtime.

And if the kids aren't behaving, a single tap on the parental app's Pause button suspends Internet access for every managed device.

That will get their attention! When your child tries to visit a site that matches a blocked category, the browser instead displays a laconic message, "Looks like you've been filtered." This notification page also contains an endlessly scrolling collection of age-appropriate content from Disney. Yes, that's where the "with Disney" comes from. In testing, the device proved effective.
I did find that when it tried to block a secure (HTTPS) website, the browser displayed a scary warning about a possible attack.

That's because it uses ARP spoofing (sometimes more ominously called ARP Poisoning) to manage devices on the network.
I observed similar warnings when testing the Peace Wireless Router and XOnet. Whole-network parental control systems have one weakness.
If the child connects with a different network, or turns off Wi-Fi to connect via the cellular network, parental control is stymied.

The same is true of DNS-based systems like OpenDNS Home VIP and SafeDNS.

At its initial release, Circle with Disney suffered this same limitation, but the introduction of Circle Go extends its reach. How Circle Go WorksDuring setup, Circle Go installs a Mobile Device Management (MDM) profile on the device and also configures a Virtual Private Network (VPN). With these modifications in place, Circle Go has complete control over Internet traffic into and out of the device, whether via Wi-Fi or the cellular data network.

Familoop Safeguard (for iPhone) uses a similar MDM and VPN combination.

The iOS edition of Qustodio Parental Control 2015 offers VPN-based filtering as an option, but it's not nearly as easy to set up. The VPN routes network traffic through Circle's servers, which apply the same tracking and filtering rules that you defined on your home network.
It's not directly connected to the Circle device in your home, but the servers forward captured data to your home Circle frequently, and don't retain any data after forwarding it, not even aggregate or anonymized data.

The Circle device itself does all its work within the local network; it doesn't send anything to the cloud. Hands On With Circle GoFor testing, I used an Apple iPhone 6 for configuration and installed Circle Go on an Apple iPad Air.

Confusingly, the app you install is not called Circle Go; its name is MyCircle. Once you've installed MyCircle on the child's device, you tap a button to set up Circle Go. The MyCircle app first searches your network to find the Circle device; the app and the device communicate with each other automatically. Next, the installer displays the Circle Go MDM profile and waits for you to accept its installation. You'll have to enter your passcode at this point.

As with Familoop, you get a warning that installing this profile allows the Circle Go cloud server to control your device. When this step is finished, Circle Go is in charge! I found that the Circle Go experience was indistinguishable from using the device within my own network.

Blocked websites triggered the same warning page, with its endless list of Disney content.

During the defined bedtime hours, any attempt at Internet access just displayed the message, "Looks like its past your bedtime." The Circle Web page showed my Internet usage, broken down by category.

And from the parental app, I saw the same brief activity report. There was one very tiny difference. When you create a new profile, the Circle Home app represents it by a circle containing the child's initial. You can replace that initial with the child's photo.

The same circle appears on the webpage that appears when filtering kicks in.

During my remote testing, I noticed that the picture didn't appear, just the initial. When Circle Go's VPN is active, a VPN icon appears at the top of the screen.

A clever child might take that as a clue and turn off the VPN's Connect on Demand feature.

According to the FAQ, this should trigger a parental notification, but when I tried it, nothing happened. Uninstalling the MDM profile did get me a cryptic notification saying, "78FD94196DD5 is no longer Circle Go enabled." That's not terribly informative. Continuing, I swapped roles, setting the iPad to control the Circle device and the iPhone to represent the child's device.
I turned off the phone's Wi-Fi, forcing it to use cellular data.
I could tell Circle Go kicked in, because the VPN icon appeared.

And as before, the experience was precisely the same as when connecting through the local network. Still a Few LimitationsCircle Go works on any device that supports iOS 9 or later.

For example, it's fine on any iPhone since the 4S, and any iPad since the iPad 2.
Some parents give devices to children on a hand-me-down basis; if your kids are using really old iPods, phones, or tablets, Circle Go can't help you. Circle Go keeps control even if the kids mooch a neighbor's Wi-Fi, or switch off Wi-Fi and use cellular data. However, a tech-savvy teen could simply uninstall the MDM profile and turn off the VPN.
In testing, I found that disabling the VPN didn't trigger a notification, meaning that the child could surf freely, outside Circle's control. Uninstalling the MDM profile did cause a notification, but as noted, it didn't clearly identify which device was involved. The product's FAQ page points out that Hulu and Netflix don't allow access through the VPN.

They'll work when the child is at home, because the VPN automatically shuts off at home.
In addition, some school networks block the use of VPNs in general.
If that's the case, your child won't have Internet access at school except through the cellular network. A Pricey EnhancementKeeping control when the kids aren't home has always been a bugaboo for whole-network parental control solutions like Circle with Disney.

The addition of Circle Go is a big step toward solving that problem, at least for iOS devices. However, at the current price, this simple add-on costs more per year than almost all of the full-scale parental control tools I've reviewed. For your kid's other devices, I'd still suggest installing a traditional parental control tool alongside Circle with Disney. Our top picks are ContentWatch Net Nanny 7 (up to 10 children, no limit on devices), Qustodio Parental Control 2015 (five children, five devices), and Symantec Norton Family Premier (no limits). Back to top PCMag may earn affiliate commissions from the shopping links included on this page.

These commissions do not affect how we test, rate or review products.

To find out more, read our complete terms of use.

Should broadband data hogs pay more? ISP economics say “no”

Don't be stingy guys.It's Memorial Day, all Ars staff is off, and we're grateful for it (running a site remains tough work).

But on a normal Monday, inevitably we'd continue to monitor the world of ISPs—especially how the major players handle big data users. Our Nate Anderson looked at the economic side of the decision in July 2010, and we're resurfacing his piece for your holiday reading pleasure. Just over a year ago, Time Warner Cable rolled out an experiment in several cities: monthly data limits for Internet usage that ranged from 5GB to 40GB.

Data costs money, and consumers would need to start paying their fair share; the experiment seemed to promise an end to the all-you-can-eat Internet buffet at which contented consumers had stuffed themselves for a decade.

Food analogies were embraced by the company, with COO Landel Hobbs saying at the time, "When you go to lunch with a friend, do you split the bill in half if he gets the steak and you have a salad?" In the middle of the controversy, TWC boss Glenn Britt told BusinessWeek something similar, though with less edible imagery. "We need a viable model to be able to support the infrastructure of the broadband business," he said. "We made a mistake early on by not defining our business based on the consumption dimension." This basic argument has a compelling logic—pay for what you consume—and it came with a side order of "implied apocalypse." Unless a major shift in pricing happens in the near future, TWC's Internet business won't be "viable" and the infrastructure won't keep pace with demand. This key assertion underlies numerous industry experiments with consumption pricing (AT&T just wrapped up a trial of its own tight data caps in a few test markets, and other ISPs have mooted the idea for years).

Few consumers are in a position to judge such claims; maybe the sky is falling. Maybe home Internet use is unsustainable without far more caps or far less data. Maybe those Netflix and Hulu users really are pigs at the broadband trough. But there's reason to doubt.

Big ISPs usually rely on peered connections to other major ISPs, connections which incur no per-bit cost.

As for the cables in the ground, they've been there for years.

The equipment back at the headend must be installed once, after which it runs for years.

Cable node splits and DOCSIS hardware upgrades are relatively cheap. Requesting one additional bit does not necessarily incur any additional charge to the ISP. If most Internet costs are fixed (and the National Broadband Plan agrees that they are), and if bandwidth is dirt cheap, what "charges" are heavy Internet users ringing up for ISPs like Time Warner? As a New York Times writer summed it up in the middle of last year's debate: I tried to explore the marginal costs with Mr. Hobbs. When someone decides to spend a day doing nothing but downloading every Jerry Lewis movie from BitTorrent, Time Warner doesn’t have to write a bigger check to anyone. Rather, as best as I can figure it, the costs are all about building the network equipment and buying long-haul bandwidth for peak capacity. If that is true, the question of what is "fair" is somewhat more abstract than just saying someone who uses more should pay more.

After all, people who watch more hours of cable television don’t pay more than those who don’t. Mr. Hobbs declined to react to my hypothesis about how costs are almost all fixed costs. To get some answers, we dug into TWC's financial statements, then spoke to the company and to its critics. One thing quickly became clear: it's good to be an ISP.
In fact, it's better than being a cable operator, since there are no multibillion-dollar payments to content creators.

As TWC said in a recent filing, "Once again, High Speed Data was our best performing Primary Service Unit category." A very good year TWC's revenues from Internet access have soared in the last few years, surging from $2.7 billion in 2006 to $4.5 billion in 2009.

Customer numbers have grown, too, from 7.6 million in 2007 to 8.9 million in 2009. But this growth doesn't translate into higher bandwidth costs for the company; in fact, bandwidth costs have dropped.

TWC spent $164 million on data contracts in 2007, but only $132 million in 2009. What about investing in its infrastructure? That's down too as a percentage of revenue.

TWC does spend billions each year building and improving its network ($3.2 billion in 2009), but the raw number alone is meaningless; what matters is relative investment, and it has declined even as subscribers increased and revenues surged. "Total CapEx [capital expenses] as a percentage of revenues for the year [2009] was 18.1 percent versus 20.5 percent in 2008," said the company a few months ago. In fact, CapEx has declined for the industry as a whole.

As the National Broadband Plan noted, the big ISPs invested $48 billion in their networks in 2008 and $40 billion in 2009. (About half of this money can be chalked up to broadband; the rest of the improvements were done to aid cable or phone service.) To recap: subscribers up, revenues up, bandwidth costs down, infrastructure costs down.

This might seem like a textbook case of "viability"; what were execs like Britt and Hobbs talking about last year when data caps were held up as a necessary safeguard against doom? It's about bandwidth labor Several months ago, while on a business trip to Manhattan, I entered a nondescript building near the Flatiron building and rode the elevator to the top.
Inside was one of TWC's main New York operations centers, hosting an astonishing array of cable and Internet gear.

But the real showpiece was the monitoring room, a darkened room with control hardware, computers, and a wall of TVs showing every cable channel currently running out over TWC's network. It looked brand new and obscenely expensive.

Engineers slipped in and out in silence.

A huge pile of boxes on the floor held a new set of replacement TVs. When I make my career shift from ink-stained wretch to Evil Genius, this is exactly the sort of room I will build in order to plot my world domination. "It's not a cheap endeavor to run a network like we do," said TWC's tweeting VP of Public Relations, Alex Dudley, when I had spoken to him the week before. Here was an obvious reminder of what he meant. This point is hammered home by most ISPs—the billions of dollars of new investment, the upgrades, the capacity building.

But it's a point only meaningful in the context of revenues.

A company's financials don't lie, and TWC's financials showed a declining percentage of revenue spent on infrastructure even as profits soared and bandwidth costs dropped.
I pressed Dudley on Glenn Britt's statements about viability.
If these are problems, they're problems most companies want to have. Britt is "a long-term-view kind of guy," Dudley said, and with broadband use surging, "all of the ancillary costs affiliated with broadband are going up." This didn't quite compute, since bandwidth and network investment were actually declining as percentages of revenue. But according to Dudley, those two numbers don't tell the whole story.

TWC's single biggest expense for Internet access is not network investment or bandwidth.
It's labor. As Internet use increases, TWC techs, engineers, and executives need to make adjustments such as DOCSIS upgrades at the cable company headend or "node splits" that divide a shared cable loop in two when bandwidth use hits certain metrics. Paying all of these people costs money, and those costs increase as the network is more heavily used. (This differs from how Landel Hobbs defended the company at the height of the backlash against TWC last year. He quite clearly stated that bandwidth creates real costs for the company and that those need to be covered. "For those who want to use a tremendous amount of bandwidth, there should be a charge, because that costs money," he told the Times.) Besides, Dudley said, TWC does invest plenty of money in raw infrastructure.
If CapEx spending was down in 2009, chalk it up to the company's video subscribers, which declined a bit over 2008. One big piece of TWC's CapEx is buying all those cable set-top boxes (which are then rented on a monthly basis by subscribers), and fewer subscribers mean fewer new boxes to purchase. The company's critics couldn't disagree more with this entire line of argument. "Greed" "Hogwash," says Free Press research director S.

Derek Turner. "Their OpEx [Operating Expenses, which includes labor] is not growing; if anything, it's steady.

Their CapEx is decreasing both in overall terms and as a percentage of revenue." Turner has little patience for the "woe is me" arguments that ISPs trot out to defend a shift to data caps or per-bit pricing.

Free Press, a constant critic of the big ISPs, says it has no philosophical problem with a move to a consumption model for broadband—but such a shift should accurately reflect costs, not serve as an excuse to gouge customers by companies already swimming in cash. TWC's data capping trial in 2009 featured "literally ridiculous overage amounts that had no relation to underlying costs," Turner said.

And the danger isn't just to consumer pocketbooks, it's to the entire Internet ecosystem. Who will start using the next high-bandwidth YouTube or Netflix when doing so results in big fees? If not done right, consumption pricing "will cripple innovation." Turner concedes that networks cost money to build and maintain, but he argues that the costs are wildly overstated.

For instance, Comcast is one of the ISPs furthest along with DOCSIS 3.0 upgrades, which do require a labor-intensive card swap at the headend and new modems in people's homes.

But even as it makes this investment, the company's OpEx and CapEx are declining.

As for node splits, many are "virtual" these days and don't require much labor. Bandwidth has become dirt cheap; despite the fear-mongering about the "exaflood" and the "zettaflood" and (presumably) the "yottaflood," bandwidth costs drop significantly every year.

As the National Broadband Plan noted earlier this year, international bandwidth has grown by 66 percent each year for the last five years—but the cost of IP transit has dropped 22 percent a year at the same time. Congestion can happen even on networks with tremendous bandwidth, but consumption pricing doesn't generally care about congestion (if it did, ISPs could exempt all traffic in the middle of the night, for instance, when congestion is generally absent). So why the push for consumption pricing? Turner has his own theory. "This is nothing more than greed," he says. "The industry may be maturing, and therefore margins aren't rapidly increasing the way they were." Consumption pricing could be a way to boost margins.

As for ISP complaints that heavy users cost them more money, those are just "excuses that they give." Still rare But low data caps are still not widespread in the US wireline business.

That's due in large part to public resistance to the idea. When TWC expanded its capping trial last year, it took only a couple of weeks for a New York Congressman (the now-disgraced-and-resigned serial tickler of his male staffers, Eric Massa) to pledge a "Broadband Internet Fairness Act" that would "prevent job killing broadband downloading caps." Despite a few trials (sorry, Beaumont, Texas), consumption Internet pricing remains unusual. Unless ISPs find a way to make a more compelling case for its necessity—and its fairness—it may remain so.