Start with the honest picture of what protection is up against: not hackers — residents. The person with the most time, the most motivation, and physical possession of the device is the one it protects; the bypass instructions are a search away on any open machine at the library; and the contest runs every day for years. Mainstream parental controls lose this contest on schedule because of where they live: an app policing a device is a tenant policing a building — and the building's actual rules (settings, uninstalls, factory resets, safe modes) outrank every rule the tenant posts in the lobby.

The peeling layers, named

Understanding tamper-resistance means understanding the ladder of what "removing protection" can mean, from top to bottom:

“The question is never "can it be bypassed?" — given infinite cleverness, anything can. The question is "what does a bypass cost, and who finds out?" Real tamper-resistance makes the answer: a lot, and everyone.”

kolbo.life

What fused-in actually buys

  1. The reset stops being an exit. Factory reset on an owner-managed device lands back in managed provisioning — the maneuver that defeats the settings layer becomes a loud no-op. This single property retires the most-used bypass in the genre.
  2. Removal is detection. What cannot be prevented absolutely can be made unhideable: the device that leaves management reports it — to the parents, the school's dashboard per the mosdos policies — converting the silent bypass into an immediate conversation. Enforcement's real product is honesty between the parties.
  3. The protection updates itself. Fused-in protection patches on the platform's schedule, not the resident's consent — the update rail that keeps the walls current against the bypass-of-the-month, which is where app-layer products quietly rot.
  4. The walls don't depend on vigilance. No weekly parental audit, no cat-and-mouse — the defaults-ship-settings-decay principle resolved at the deepest layer available. The family's attention goes back to the family.

The honest limits, stated plainly

Tamper-resistance is a property of a device, not of a life: the resident can still borrow the neighbor's open phone (the visiting-devices reality), and no architecture replaces the relationship — the teen negotiating openly per the trust-ladder model is the actual goal; the enforcement exists so the negotiation happens in daylight instead of in workarounds. And the strongest claim any honest vendor makes is not "unbypassable" but auditable: here is where the protection lives, here is what removal costs, here is who gets told. Families evaluating any product deserve exactly those three sentences — and should walk away from any vendor who answers with adjectives instead.

Frequently asked questions

The security layer

Protection for the device already in your pocket

KolBo Secure protects any iPhone or Android — tamper-resistant enforcement, a self-service portal, and real human support. Starting at $14.99/month.

Secure a device

Enrollment, configuration, and billing in one portal — minutes, not appointments.