SSL and internet security news

children

Auto Added by WPeMatico

IoT Teddy Bear Leaked Personal Audio Recordings

CloudPets are an Internet-connected stuffed animals that allow children and parents to send each other voice messages. Last week, we learned that Spiral Toys had such poor security that it exposed 800,000 customer credentials, and two million audio recordings.

As we’ve seen time and time again in the last couple of years, so-called “smart” devices connected to the internet­ — what is popularly known as the Internet of Things or IoT­ — are often left insecure or are easily hackable, and often leak sensitive data. There will be a time when IoT developers and manufacturers learn the lesson and make secure by default devices, but that time hasn’t come yet. So if you are a parent who doesn’t want your loving messages with your kids leaked online, you might want to buy a good old fashioned teddy bear that doesn’t connect to a remote, insecure server.

That’s about right. This is me on that issue from 2014.

Powered by WPeMatico

German Government Classifies Doll as Illegal Spyware

This is interesting:

The My Friend Cayla doll, which is manufactured by the US company Genesis Toys and distributed in Europe by Guildford-based Vivid Toy Group, allows children to access the internet via speech recognition software, and to control the toy via an app.

But Germany’s Federal Network Agency announced this week that it classified Cayla as an “illegal espionage apparatus”. As a result, retailers and owners could face fines if they continue to stock it or fail to permanently disable the doll’s wireless connection.

Under German law it is illegal to manufacture, sell or possess surveillance devices disguised as another object.

Another article.

Powered by WPeMatico

Confusing Security Risks with Moral Judgments

Interesting research that shows we exaggerate the risks of something when we find it morally objectionable.

From an article about and interview with the researchers:

To get at this question experimentally, Thomas and her collaborators created a series of vignettes in which a parent left a child unattended for some period of time, and participants indicated the risk of harm to the child during that period. For example, in one vignette, a 10-month-old was left alone for 15 minutes, asleep in the car in a cool, underground parking garage. In another vignette, an 8-year-old was left for an hour at a Starbucks, one block away from her parent’s location.

To experimentally manipulate participants’ moral attitude toward the parent, the experimenters varied the reason the child was left unattended across a set of six experiments with over 1,300 online participants. In some cases, the child was left alone unintentionally (for example, in one case, a mother is hit by a car and knocked unconscious after buckling her child into her car seat, thereby leaving the child unattended in the car seat). In other cases, the child was left unattended so the parent could go to work, do some volunteering, relax or meet a lover.

Not surprisingly, the parent’s reason for leaving a child unattended affected participants’ judgments of whether the parent had done something immoral: Ratings were over 3 on a 10-point scale even when the child was left unattended unintentionally, but they skyrocketed to nearly 8 when the parent left to meet a lover. Ratings for the other cases fell in between.

The more surprising result was that perceptions of risk followed precisely the same pattern. Although the details of the cases were otherwise the same -­ that is, the age of the child, the duration and location of the unattended period, and so on -­ participants thought children were in significantly greater danger when the parent left to meet a lover than when the child was left alone unintentionally. The ratings for the other cases, once again, fell in between. In other words, participants’ factual judgments of how much danger the child was in while the parent was away varied according to the extent of their moral outrage concerning the parent’s reason for leaving.

Powered by WPeMatico

Cryptography for Kids

Interesting National Science Foundation award:

In the proposed “CryptoClub” afterschool program, middle-grade students will explore cryptography while applying mathematics to make and break secret codes. The playfulness and mystery of the subject will be engaging to students, and the afterschool environment will allow them to learn at their own pace. Some activities will involve moving around, for example following a trail of encrypted clues to find a hidden treasure, or running back and forth in a relay race, competing to be the first to gather and decrypt the parts of a secret message. Other activities will involve sitting more quietly and thinking deeply about patterns that might help break a code. On the other hand, in the proposed CryptoClub Online approach, the CryptoClub Website will provide additional opportunities for applying and learning cryptography in a playful way. It currently includes cipher tools for encrypting and decrypting, message and joke boards where users decrypt messages or submit their own encrypted messages, historical comics about cryptography, and adventure games that involve secret messages.

Powered by WPeMatico