Ask Slashdot: Remote Support For Disconnected, Computer-Illiterate Relatives

An anonymous reader writes I use email to communicate with my folks overseas. Their ISP only allows dial-up access to their email account (there is no option of changing ISP), that can receive messages no larger than 1MB nor hold more than 15MB (no hope of changing that either). They are computer-illiterate, click on everything they receive, and take delight on sending their information to any Nigerian prince that contacts them, "just in case this one is true". Needless to say, their PC is always full of viruses and spyware. In my next yearly visit, instead of just cleaning it up, I'd like to gift them with some "hardened" PC to use for email only that would hopefully last the year before someone has to fix it. So far, these are the things I have in mind:

• Some kind of linux distro, or maybe even mac. Most viruses over there are windows only and propagate via Autorun.inf or by email attachments, not having Windows could prevent both.
• Some desktop environment that hides anything unrelated to connecting to the net and accessing their account (dial-up software, email client, web browser, exchanging files between their hard disk/email attachments and USB drives). By "hide", I just want the rest to be out of the way, but not entirely removed, so that if necessary, I can guide them over the phone. For this, Ubuntu's Unity seems like a particularly bad solution, but a Gnome desktop with non-removable desktop shortcuts (is this possible?) for the file manager, browser, email client and dial-up program could work. An android system is unlikely to work (they have no wifi, and they were utterly confused with Android's UI).
• This could be a life saver: some kind of extension to the email client that executes commands on specially formatted emails (e.g., signed with my private key), so that I can do some basic diagnostics or install extra software if I have to. This las point is important: they currently rely on acquaintances who may not be competent (they can't evaluate that) if something happens between my visits. They, most likely, wont know how to deal with anything non-windows, so all tech support would fall on me. (This is the reason I haven't moved them from windows yet.)
• Another very useful extension would be something to automatically re-assemble attachments split into several emails, to overcome the 1MB message limit.

Does any of that exist? If I have to build that system myself (or parts of it), do you have other suggestions? For the inevitable and completely reasonable suggestion of getting someone competent for tech support: I've tried that too. The competent ones don't last beyond the third visit.

Dial up can still access gmail

[VTBlue]

What is the issue with using a web mail provider? Gmail optimizes for low bandwidth links.

Re:Dial up can still access gmail

[Daniel_Staal]

You are making the assumption that Gmail isn't blocked, and that the users in question would be open to changing their email addresses.

Also, webmail over dialup has the distinct disadvantage of requiring you to be online to read your email. This ties up your phone line, and may cost money. Batch-download is normally a better solution over intermittent links: Connect to get your email, disconnect, read it, write replies, connect to send. Total time online: usually less than a minute.

Re:Dial up can still access gmail

[isilrion]

Original poster here... apparently I clicked "Post anonymously". Oops.

Their "ISP" (note the quotes) wont allow web access other than to the web interface (running Horde/IMP) of their email server. They are stuck with SMTP/POP3.

Gmail optimizes for low bandwidth links.

I didn't know that! Is it something I need to configure? When I visit and manage to access the internet for a few minutes, gmail has been unusable (even google's search page takes over a minute to load. Uggh). So hints on how to optimize gmail for very slow links are helpful, not for my folks, but for me.

Thanks!

Re:Dial up can still access gmail

[stoborrobots]

... most viruses require a constant high speed connection...

You must be new here - I'm young in internet years, but even I remember the number of viruses flying around in the days of floppy disks and dial-up modems, long before constant high speed connections...

Re:Dial up can still access gmail

[isilrion]

My really question is this. How do they get viruses? most viruses require a constant high speed connection. without it the virus itself can't do much.

There are two main ways: email attachments and USB drives. Almost every USB drive in that I've seen in that country has an Autorun.inf that installs one virus or another (sneakernet: usb drives are the main form of data transmission over there). I disable autorun every visit... but either I'm doing it wrong, or the "techs" they hire enable it again.

Re:Dial up can still access gmail

[Lally+Singh]

There's an offline gmail chrome app that lets you work that way. Also, turn on two-factor for them. They can receive the number via SMS, and it'll help prevent them from being phished. Once set up, it's easy to understand how to do it, and they only need do it every month. (There are a few email providers that provide 2-factor).

gmail can check a pop3 account on your behalf, and you can set your 'from' address (I haven't checked the constraints on what you can set it to...). So there's not necessarily a need to change email addresses to use gmail.

if gmail is blocked, then you're in an unusual situation where nobody here can give you good advice without knowing more about what's going on.

I'm advocating gmail here for three reasons:
(1) Really good spam filters and phishing warnings that can help keep out scams
(2) Two-factor authentication
(3) Easy setup with a chromebook.

With the last, they can keep all their stuff on drive (and you can just log into drive to help them), and you can chromote in to see their desktop and help. Even video-chat while chromoting.

Re:Dial up can still access gmail

[viperidaenz]

Disable it via group policy then. gpedit.msc

Re:Dial up can still access gmail

[unrtst]

I'd make this one really simple. Use an auto-updating Linux (like Mint), then setup a menu with few choices. Nothing Windows, and if you send a Mac, be sure it can be supported in their locale.

Updates, IMO, will be one of the biggest issues. I ran into this with a local (almost/soon-to-be) relative who was stuck on dial up. I just didn't do anything about their VERY slow computer until I got them onto something with some more speed (they were on dial up aol!!!). How in the world do you update/fix windows XP if someone is on dialup? I'm sure it's possible - I downloaded CD's back when I was on 33.6 - but I don't have weeks to spend doing that. I'm not sure exactly what the answer to that should be.

With that in mind, and with the stories of many virus infections and poor support from their friends, I'd probably try some sort of VM arrangement. Maybe something like:

* boot to something minimal and hardened (vmware ESX, linux + kvm, whatever you're most comfortable with really)
* set it up to automatically boot the VM, so that's really (almost) all they see
* VM install should have multiple disks
* disk1: OS, fully updated before you send it there, and take a snapshot
* disk2: data, copy there stuff here or plug in an external drive of theirs or whatever

If something goes really wrong, just go back to the snapshot.

Consider putting another VM on there that can do offline virus scan of those other disks (maybe clamav), and possibly integrity checks.

Could also put another on there that does a call home to you (dialup, wait for connection, ssh somewhere and setup a tunnel - go over 443 or 80 for a better chance of it working, and maybe use dyndns for the hostname).

Others above recommended gmail. Some other provider should be chosen if at all possible. I like gmail, and am also a fan of fastmail.fm, but pick whatever you want. Pick one that can pull mail from other providers, offers OK amounts of storage, imap (and/or pop3, but imap would be preferable so the data stays on the server and you can wipe their machine easier), and virus and spam protection should be decent too. Having webmail available would also be good, because then you can jump into their mail and clean it up if needed :-)

For remote access, forget about proxying commands through email. That's a bit crazy.
Just setup ssh on it and have it run on a variety of ports (22, 80, 443, 65000, whatever), and bookmark something like "whatismyip.com" for them to go to and tell you their IP.
If you MUST have some other proxied command method, there are some for various IM clients, and there's stuff like logmein. It's trivial to have pidgin run stuff in the shell via a plugin, for example. At least this could be part of something they don't use every day.

Re:Dial up can still access gmail

[isilrion]

Oh, I remember that. I thought they had implemented something better. Yep, over there, you give up long before the "Hi! You're a second class citizen" message. I recall that I used some python module that crawled gmail when it was really bad, and that there was some 3rd party "gmail lite" website that creeped me out but people used it nonetheless.

Apparently /. doesn't let me post too frequently. I've got pretty interesting suggestions in this thread, I won't be able to thank them all or clarify their questions. In case I can't and they come back and read /this/ response: Gmail is not an option. It would be ideal (imap or pop3), but everything beyond their local email servers is firewalled. They can browse a handful of sites via a squid proxy server in their network, but gmail (or any other competing "open" email provider) isn't among them.

Re:Dial up can still access gmail

[ozmanjusri]

Does Chrome OS even support dial-up?

It could, with an ethernet dial-up modem.

Having said that, I think the best solution would be Debian with Eldy installed, and a few scripts for parent-specific needs (like a revert-to-default/familiar setting) linked to big, clear buttons.

Re:Dial up can still access gmail

[ls671]

This isn't practical when you don't have a dedicated phone line for it and even then many ISPs had systems set up to not allow you to keep connections on constantly like that.

Also, I remember signing up with a big telco where I live that advertised unlimited access. I phoned them and told them up front that I was going to be on 24/24 and they said; no problems, so I signed.

I quickly discovered that they would hang up after 6 hours. We had to dial-in again and they seemed to purposely change the IP address everytime, anyway, I never got the same IP twice in a row.

God what fun I had using dyndns short DNS records TTL and all kinds of "adjustments" to have something relatively stable. User knew the network would go down for 10 minutes everyday during a business day and they got used it.

OK, I have to stop. I am laughing my heart out.
 

Re:Dial up can still access gmail

[mwvdlee]

Some stupid student had pictures of himself naked with his gay friend in his University home folder! ;-)

Some normal student with a sexlife had private pictures in his private University home directory.

although I was tempted to post the gay guys pictures somewhere public.

Why would you do that? What exactly tempted you?

Re:Dial up can still access gmail

[Buchenskjoll]

If you where tempted to post intimate pictures you found on someones account publicly, you're no whitehat, you're an asshat.

Re:Dial up can still access gmail

[vtcodger]

All I know about Chromebooks is what I just read at Wikipedia. But they seem to have USB ports. There certainly are USB fax modems out there and they are cheap. I just set one up on a netbook so we can ditch the ancient fax machine pushed back in a corner of the bedroom. I don't know for sure that the Trendnet USB modem we bought works with Linux/ChromeOS, but it certainly runs well enough with Windows XP to get a login prompt from a local Netzero node.

There's actually a robust solution available.

You don't need an exotic hardware or software configuration. You just need new folks.

Standard remote access

[Dwedit]

Use a SSH or VNC server, and also use a dynamic DNS client so you have a hostname instead of some random IP address, Then you can control the machine directly when it's online. VNC might be really slow over dialup though, you'd need to use Tight encoding with JPEG quality cranked all the way down to make it usable at all.

I usually end up tunneling VNC over SSH, and the VNC server only allows connections through the tunnel.

Re:Standard remote access

[isilrion]

Unfortunately, SSH or VNC require a direct TCP connection. They are firewalled (I should have called them "ESP: email service provider" rather than ISP), except for that mail server. We can't even jabber/irc/anything.

Wtf??!

So... Like.... Get them a fax machine instead

May I suggest an Etch-A-Sketch?

[SJester]

No malware is written for it, it is impervious to network attacks, and it can be restored to the original system image just by shaking.

Get them a console

Get them a console (as in a game console) with an internet browser app built in. Something like a Wii or a PS3 or something. Set it up so the home page is the webmail interface.

Safe as you're ever going to get I reckon.

Re:Get them a console

[CaptainDork]

I didn't mod it, but did you read the part about they are on dial-up and not allowed to do email by browser?

Re:Chrome

[stevez67]

No.

Re:Sorry

[Daniel_Staal]

Actually, an iPad sounds like exactly what he's looking for: Locked-down, with specific functions accessible. There's even some provisions for remote maintenance by authorized personnel. (He'd have to get OS X server and configure things first, I think, but it should be possible.) Main problem is dealing with connecting it to a dial-up link.

Chromebook

[schweini]

I can whole-heartedly recommend any cheap chromebook. They are basically completely support free, and can be reflashed in an instant.
I'm not sure how well they work with dial-up, but can't really see why they'd perform worse than any other modern browser.

I dont know how to hook them up to POTS line, though. But i guess there is some kind of solution for that.

On another note: where do they live that they don't have access to slightly higher-speed 3G internet? I've travelled through third world countries, and cell-phone-internet seems to be almost omnipresent in some form or another.

Re:Chromebook

[nine-times]

I think you're going to run into a general problem here, in that modern computers are generally not built to work off of such slow Internet connections. They're constantly getting big updates and patches.

Some people have pointed you in the direction of Chromebooks, which to my knowledge doesn't have a POP3 client available because Google assumes you'll have web access. There may be other reasons why it won't work.

I think your first instinct might be best. Install Linux. Figure out exactly what applications they need, and install only those apps. You can probably hack something together to run a script when they receive an email from you, but I think you'll be better off just having them run a script manually (tell them 'click on this button') that will collect diagnostic information and email it to you, if you want to do that.

Pick a relatively stable distro (Debian?), strip it down to the bare necessities and use a lightweight desktop environment. Set it to only download security patches. For any updates more than that, bring a disk when you visit.

I'm afraid none of this will keep them from responding to Nigerian scammers. Maybe set up their email to only accept messages from whitelisted addresses? Or maybe your parents just can't have the Internet.

Re:Chromebook

[isilrion]

Absurdly enough, I hadn't even thought about trying to teach them to run a script manually. Even for that I needed a fresh perspective :D. One problem down (I think). Thanks!

System updates over dialup are painful/impossible

[swillden]

Though even an out-of-date Linux distro is going to be safer against malware than Windows, keep in mind that it's almost impossible to keep one of the major distros updated with security patches via dialup. I tried that with my father in law's computer for a couple of years, setting up a cron job to dial up automatically late at night, every night, and chip away at the downloads. It fell further and further behind.

Other than the fact that I don't know if any of them even support dialup, a Chromebook seems ideal for this application. Updates are smaller and less frequent, and ChromeOS is strongly hardened as compared to a standard distro, so it's less worrisome if they miss some. Chrome Remote Desktop would enable you to take control of the machine when needed (that actually works on any platform) and while it's painful at dialup speeds I have used it successfully.

Fetchmail, dovecot and sieve

[frooddude]

Use fetchmail to pull from their account, drop it in their "inbox" managed by dovecot and create a whitelist via sieve (mail filter). You might even be able to get sieve to do that whole 'exec by email' thing if you want.

The real key here is that what they see in their 'inbox' is only what you allow them to see since you're dropping everything except your approved From addresses (or similar criteria).

Option 2: switch to snail mail and cancel their ISP account.

Re:Sorry

[peragrin]

google is your friend.
http://www.dd-wrt.com/wiki/ind...

Lock down the Windows desktop

[C0L0PH0N]

I support a Windows 7 PC in our community center (retirement community). I simply installed Drive Vaccine (http://www.drivevaccine.com/), which is cheap and allows you to either lock the PC down entirely (no virus infection possible :)), or keep say a "documents" folder writable, but locks the rest of the PC down. This PC has run for several years, and is restored to a "baseline" after each restart. Never an infection, as it can't survive the reboot. Users can surf the Internet all they want, and write and receive emails etc, etc. Occasionally, I unlock it to do updates of various sorts, but then I lock it down again. Sounds perfect for your parents.

Your Relatives should not be on the Internet

[wisnoskij]

They ... click on everything they receive, and take delight on sending their information to any Nigerian prince that contacts them, "just in case this one is true".

Your Relatives should not be on the Internet. Not only will they be scammed out of possibly every cent they have, but they are probably sending spam and viruses to all of us.

You want a ChromeBook

[BitZtream]

Thats about the easiest solution to your problems. Pretty much every other solution you see in this thread is going to require more maintenance than a windows machine. You can't expect a bunch of armchair admins to provide you sensible answers, 90% of the response you get here are going to be custom solutions that aren't completely thought out and require 100 times more effort than the person giving them to you realizes. You're just getting spew from a bunch of guys who think they are super clever.

The solution is to make it so you don't need to support them, and if all they do is browse the web, a Chrome Book is the answer. The down side is that they become Google's bitch, but its probably worth it for your needs.

Re:You want a ChromeBook

[steveha]

Agreed on the ChromeBook.

I'm not sure about making a ChromeBook use dial-up, so the solution is to somehow get a WiFi router on dialup.

I think there used to be WiFi routers that could manage a modem directly, but there isn't much call for them these days so I doubt you can find one.

You could set up a computer with Linux just to manage the dialup, and plug that into the router's WAN port. But maybe you can just customize a router to do what you need:

Buy a router that is well supported by open firmware and has USB ports. Install the open firmware, login as root, then customize the router to do the dialup with a USB modem.

In the past, I have used TomatoUSB with an Asus RT-N16 router (costs about $80 new). It was a pleasure to work with. The router gives you about 24 MB of usable storage using onboard flash memory, but you can trivially plug in a USB flash drive and have gigabytes of storage if you need it. But you can probably set up the needed scripts to manage the modem in the 24 MB space.

There are newer routers with bigger onboard flash if you prefer. I only mention the Asus RT-N16 because I have actually worked with one, and it's very inexpensive. And it has plenty of CPU speed and RAM for this application.

The above solution is cheaper than using a computer to manage the dialup, and should be bulletproof. Also your relatives are unlikely to mess with it.

P.S. Hmm, I did a quick Google search and there are still routers with dialup support. Here's one for about $150... I've never used one so I don't know how well it works.
http://www.greatarbor.com/products.html#GAC-252

You could lock down Windows

[enjar]

My first instinct is to recommend iPad -- I got my parents one and they haven't booted the Windows machine in years, the dial-up aspect of that could be tricky (you would need a router that dials out via modem -- it's doable, but might be more complex and assumes the presence of a mail client on the iPad that talks to the ISP ... hopefully it's POP or IMAP, but without specifics it's hard to know. But if you must use Windows, it's not an impossible situation. You just need to know where the knobs and switches are, and enable them.

A lot of other modern stuff is going to not work well with the dialup option.

For the purposes of the discussion, I'm assuming they are on Windows 7. If they aren't on Windows 7, they need to get there, at least. If they are still on XP that just sucks because a lot of the below stuff isn't there.

Parental controls:
I have children and have done a fair bit with the parental controls. In this case, instead of the parental controls being used for kids you would be using them for your parents, which also works. To enable the parental controls, you create a username for your parents as a regular (limited) user. This will prevent them from doing a lot of stuff right off the bat, like installing software. You also should make sure that UAC is enabled. You can create a Admin user for yourself. Once you have set that up, you can download the remainder of the controls from https://familysafety.microsoft... , and then control the user account for your parents. You can control what is accessed on the Internet, if they can download stuff, programs they can run, etc.

You can also do a LOT with Group Policy. Type gpedit.msc at the Run Window and lock down everything you don't want them to change. You can lock down the Desktop, among other things.

Windows also has the ability to send a Remote Assistance request via email or as a file attachment, which uses Remote Desktop to allow screen access and control. Given that you are going to be doing this over dialup to some other part of the world, you can set your client appropriately to minimize bandwidth utilization by dropping the amount of colors being shipped back, not showing the desktop, etc -- it's all under the "Experience" tab of the Remote Desktop client, and I've successfully used it over some pretty slow connections with decent results -- it will outperform VNC in many areas, especially screen refresh time since you can cut out a lot of the unnecessary stuff.

If you are going to do the above, get it sorted out on the beginning of your next visit since when you lock stuff down it's not hard to be too tight and stop stuff from working that should actually be working.

Wifi-Dialup Router and Chromebook

[captjc]

Apparently there are Wireless routers that are designed to connect via dialup (for instance This Router.) With that, I would go with a Chromebook / Chromebox or an iPad.

Given the constraints, that is probably the best you can get. However, you could probably experiment with an old Win CE Thin Client or an old WebTV and try to get either to work, but neither are particularly great solutions.

Bootable Disc or USB Stick

[h4ck7h3p14n37]

Send them a bootable disc or USB stick with a Linux or BSD distro on it. They can use a second USB stick for any data they want to retain.

Re:Missing Information

[isilrion]

Oh, good point. I wish I could edit the original post. They use POP3 + SMTP. The ISP runs a Horde+IMP webmail server, but it is a used only as a last resort (too complicated/slow/expensive over dialup). They do need persistent storage, those 15 Mb fill up very quickly. CDs/CD drives last long enough, I'll look into that live-cd solution. I hadn't thought of it. And unfortunately... yes, I'm serious.

Re:Make them pay a professional

[CaptainDork]

Bulldust.

How in the Sam Hill does your post make any sense?

Did you read that the OP only gets to visit them once a year? You still think they will wise up quickly? Then you disrespect them?

I disrespect you, for them, by proxy. I proxyspect you.

--

OK, so you're out. I have to do everything.

To the OP:

Modify their user account to make them a standard user (not admin) and set certain restrictions. Because their are several versions of Windows, I respectfully refer you to Google.

That was easy.

Deep Freeze

[apraetor]

Set the computer up with all the software they'll need, disable any admin access by them, install something akin to Deep Freeze. Every time they reboot things will revert automagically. You can create a small partition for the email app's data folders to serve as a persistant store, or you could just migrate them to simple webmail. GMail can check pop3/imap accounts for you.

How about

[Zanadou]

How about a Macintosh SE/30 and Cyberdog?

I'm only half serious.

um...

[Charliemopps]

You don't need any of that.
Get a LiveCD of any os you want. Burn it, you're done.
You boot to the CD/DVD and its a clean OS every boot. They can't break it because they can't write to it.

To be really safe, tape the DVD drive shut.

Re:Missing Information

Where is "over there"? I'm having a hard time understanding how they could be so disconnected and yet you can make an annual visit. Does your trip include several weeks of walking through enchanted forests?

Re:It doesn't make sense

[isilrion]

Hmm, so you are saying it is not really an ISP. It is only an email provider. And so we are not really talking about something like a 3rd world country, it is not so much a matter of infrastructure but of control (Cuba perhaps?).

Correct (with some nuances irrelevant for the situation being discussed). I'd rather avoid satellite solutions, just to ensure that I (and my family) stay entirely within the law. I used that email service for years and that ISP was pretty decent (given the restrictions). If you are savvy enough, you can do with those 15Mb much more than what one would expect. The breakdown is just the combination of my family being "not savvy" with the restrictions. If they had TCP conectivity but were illiterate, I could try to leave the some "backdoor" (vnc, ssh, remote desktop, whatever) and coordinate with them to "fix" their issues. Most of the issues, btw, are "the [ISP name] went away", meaning "I deleted or moved the desktop icon". I have done that with relatives not in Cuba. Or, if they lacked a TCP connection but were savvy, I could just communicate with them and tell them what to fix.

This slashdot topic was a long shot. I had some ideas in mind, most too complex / brittle to be worth implementing and I wanted a opinions from a savvy crowd. I should have asked years ago! There was a suggestion of a Wifi-dial-up modem combo device + a tablet that I hadn't thought of, and while it doesn't cover all my "requirements", it may be a sufficient improvement over the current situation to be worth trying. In any case... I have almost a year to think about it and prepare, and now that I was given some ideas worthy of consideration, I'm grateful. I hope at least one comes to fruition.

Re:Sorry

[PipsqueakOnAP133]

The original Apple Airport base station had a built in modem which would dial on demand, NAT the dialup connection, and share it with both wifi and ethernet.

Pairing that with an iPad means that all the effort Apple put into banishing jailbreakers from the platform would do wonders for the trojan problem.

Re:Forget their computer

[chipschap]

Believe it or not, I did have Firefox autolaunch on startup and she didn't like it, she wants to feel like she's actually using the computer by clicking the icon herself!

Re:It doesn't make sense

[WarlockD]

Here is another food for thought. Allot of people are talking about fancy "chrome books" or "iPads". Hell, someone even dug up UUCP from the grave as a remote communication solution, baring ssh connections might be scrubbed from the state. The big problem is that, while I can make an educated guess where your family is, I can honestly say it doesn't matter. Whatever solution your going to implement:

YOUR FAMILY IS GOING TO HAAAATTTTEEE IT.

Oh they won't say it to your face, they will just ask if they can keep the old computer "as a backup" and just use that once your gone. I know this. I know this from 10 years of experience of helping my grandma, her friends, her friends friends, and working at Unisys as a drive around tech for both enterprise and consumers. My american born Korean friend knows this as well and has tried hard to find similar solutions. At the end of the day, all people want to surf the web, go to links friends and family talk about, and emal/text. Computer literacy ONLY helps the safety of said activity's. When my grandma discovered her grand-kids were all on Facebook, she didn't care that she set up 3 accounts with different passwords, but I was able to strengthen that out by having chrome force sign her in one. My friends mom would constantly complain about the linux install because it wouldn't play flash properly, so he had to switch her back to XP. These are just a few examples I can mention, and you WILL get these calls.

Just remember, any "teaching" you do must be "with" them. Not "to" them. From their perspective, everything is working on their end. Their computer might be selling their information to the highest bidder and telling everyone how their penis can grow larger with one payment to the Nigerian, but they can still get pictures from family, they can still get messages. They can still see the latest football game scores.

Do the wifi idea. Hell do one better. Set up a small embedded system with a built in modem. They sell embedded boxes, but an old p4 with a modem should work. PFSense is something I would suggest. I forgot the package but there is a way to set it up to act as an email proxy. Have it drop all attachments that aren't images. It can even unpack zip files and check if its just images in those. Have it dial in daily keeping the email box clear. Just say it just checks your mail every day at 1am or such. Its like 4 am and I am half out of fuel and I am sure you have looked at some of these products. They will still get viruses as I don't think it will have the bandwidth to keep the updates up, but at-least you can have it track their surfing habitats and can block country's they have no reason to go to. Talking to you Russia and most of Africa:P

I hate to say it, but this is the best way for someone who is computer illiterate and doesn't use the computer much to care. You come in saying "just plug this between the computer and the modem to make the internet faster/safer" They don't feel alienated on the limited computer knowledge they learned and you can, they keep the computer/interface they are used too, and at the very least, have some control over the data going in and out.

Whatever you decide just ask yourself, "Does this improve their experience? If not, what would happen if they just chunk it and not tell you?"

As a side note, if it wasn't to much of an extreme luxury for the country its going to, I would recommend also an iPad for the interface. That single thing has introduced text messages, Facebook and god help me gaming to my grandma. If it wasn't for the large constant patches it needs and the very high chance it would get stolen, I would recommend it too.

Old Mac

[Richard+Kirk]

I gave my mum (95) an old PowerPC laptop I got for the price of buying a replacement power supply. It is running a version of OS that probably is no longer updated, but turning off automatic updates doesn't hurt.. I have also stuck on an Applesript that e-mails me when the machine powers up, which she does every morning to let me know she is OK. She is probably a bit less click-happy then your users.