Connect with us

Tech

Daycare monitoring apps are ‘dangerously insecure,’ report finds

Published

on


Popular daycare and childcare communications apps are “dangerously insecure,” according to newly published research, exposing children and parents to the risk of data breaches with lax security settings and permissive or outright misleading privacy policies.

The details come from a new report from the Electronic Frontier Foundation (EFF), which published the results of a months-long research project on Tuesday.

The research, conducted Alexis Hancock, EFF’s director of engineering for the Certbot project, found that popular apps like Brightwheel, HiMama, and Tadpoles lacked two-factor authentication (2FA), meaning that any malicious actor who was able to obtain a user’s password could log in remotely. Further analysis of application code revealed a number of other privacy-compromising features, including data sharing with Facebook and other third parties, that were not disclosed in privacy policies.

After being contacted by the EFF, Brightwheel implemented 2FA and claims to be ”the first in the early education industry to add this extra layer of security.” HiMama reportedly said that it would pass on the feature request to its design team but has not yet implemented the additional security feature. It is not known whether Tadpoles has an intention to implement 2FA.

Network traffic analysis shows the Tadpoles app sending user event data to Facebook.
Image: EFF

Hancock started researching the privacy and security settings of various daycare apps after being asked to download Brightwheel when enrolling her two-year-old daughter in daycare for the first time. Hancock told The Verge that she initially enjoyed using the app to receive updates about her daughter but became concerned about a lack of security given the potentially sensitive nature of the information.

“At first there was a lot of comfort in seeing [my daughter] during the day, with the images they were sending me” Hancock said. “Then I was looking at the app like, huh, I don’t really see security controls I would normally see in most services like this.”

With a background in software development, Hancock was able to use a range of tools like Apktool and mitmproxy to analyze the application code and investigate network calls being made by each of the childcare apps, and she was surprised to find a number of easily fixable errors.

“I found trackers in a few apps. I found weak security policy, weak password policies,” Hancock said. “I found vulnerabilities that were very easy to fix as I went through some of the applications. Really just low hanging fruit.”

The EFF’s new report is not the first to draw attention to serious flaws in applications trusted to keep children safe. For years, researchers have raised concerns over security weaknesses in baby monitor apps and associated hardware, with some of these weaknesses exploited by hackers to send messages to children. More broadly, a survey of 1,000 apps likely to be used by children found that more than two-thirds were sending personal information to the advertising industry

Hancock hopes that reporting on these privacy and security flaws could lead to better regulation of child-focused apps — but nonetheless, the findings have left her concerned.

“It made me feel, as a parent, even more afraid for my child,” she said. “I don’t want her to have a data breach before she’s five. I’m doing all I can to make sure that doesn’t happen.”



Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published.

Tech

Spotify stealth launched a hit show with this controversial duo

Published

on


Spotify has a brand new original topping its podcast chart, but it would probably prefer if you didn’t know about it.

Last week, Spotify launched a new pop culture show, Breaking Bread, on Spotify Live. Breaking Bread’s recordings now rank at number 11 on Spotify’s top podcast chart after holding the number two spot for most of the week, putting it just behind Joe Rogan. The show’s popularity — and the reason the company might be staying quiet about its new hit — is due to its two hosts: Jackie Oshry Weinreb and Claudia Oshry (aka Instagram’s girlwithnojob), who come with a huge built-in audience. While the sisters have delivered their massive fanbase to the app, they have a controversial history that could be problematic for Spotify at a time when the company is being extra cautious.

The sisters had a short-lived show in 2018 on Oath, Verizon’s now-defunct media brand, that was canceled after The Daily Beast reported that their mom is notorious conspiracy theorist and anti-Muslim activist Pamela Geller and that the sisters had both previously posted racist and anti-Muslim statements on social media. The sisters apologized, deleted their Twitter accounts, and relaunched with The Morning Toast as an independent podcast. Some fans have been uncomfortable with their unwillingness to disavow their mother’s activities, but their audience is undeniable. The Oshry sisters have more than 3.5 million Instagram followers between them, their flagship podcast currently ranks in the top 100 on Apple Podcasts and Spotify, and they maintain what appears to be a robust Patreon base (the stats are now private, but as of 2019, they had more than 9,000 subscribers). The Oshry sisters did not respond to a request for comment.

But if the Oshry sisters are controversial, you wouldn’t know it from their show. The Morning Toast is mostly run-of-the-mill pop culture fare, and Breaking Bread is much of the same: Kim Kardashian’s Marilyn Monroe dress, Hailey Bieber’s skincare line, Britney Spears’ wedding. The Spotify Live platform also allows fans to participate in the show, asking for advice on light topics like puppy training and bachelorette woes.

Following the model of other Spotify Live shows like After Hours with Alex Cooper and Dating Harry Jowsey, the original show takes place on the Live app and is posted as a podcast on Spotify later. Unlike those shows, Breaking Bread received no promotion from Spotify. The company did not issue a press release about the show and did not push it on any of its social channels. The only promotion seems to have come from the Oshrys themselves on their social accounts and podcast.

That may have something to do with the backlash Spotify has received for its nine-figure deal with controversy machine Joe Rogan. Rogan has the undisputed biggest podcast in the world, and as Spotify grows its podcasting might, the company needs him. But Spotify’s unfailing support for Rogan has caused some reputational, if not monetary, damage. Spotify declined to comment on why they chose to partner with the Oshry sisters or whether their past has anything to do with the lack of promotion for the show, but with the way the company has approached Breaking Bread, it seems to be going for the Oshrys’ substantial fanbase without the baggage.

Even if Breaking Bread itself is inoffensive, it is debuting at a time when Spotify is being particularly careful. Last week, the company announced a Safety Advisory Council to assist in its content moderation policies (a move Geller called “a government sponsored internal coup”) and cut a new deal with Integral Ad Science to firm up its brand safety analytics for advertisers.

But the company also is trying to boost its social audio app Spotify Live (previously branded Spotify Greenroom) at a time when social audio is flailing, and Breaking Bread may be its biggest hit yet. If the Oshrys continue to deliver numbers, the show will be hard for the company to ignore.





Source link

Continue Reading

Tech

 The Facebook Watch app may no longer support Apple TV

Published

on


Facebook’s app for smart TVs, which lets users tune into various videos, shows, and livestreams on the platform, may no longer be available on Apple TV, as first reported by 9to5Mac. Some users say they’re no longer able to access the app after its most recent update.

In a thread on MacRumors, one user shares an image of the notice they received after attempting to open Facebook Watch on their Apple TV 4K: “The Facebook Watch TV app is no longer available, but you can still find lots of videos on Facebook at www.facebook.com/watch.” Several other users report having the same experience.

Facebook rolled out its Watch app on Apple TV in 2017 after first launching it on Samsung smart TVs. The app is also available on various other smart TVs and consoles, as well as on Facebook’s mobile app and desktop site. Users who still want to use the Watch app on Apple TV should be able to cast Watch from their phone to their TV, but this obviously isn’t as convenient as simply opening up an app.

It’s unclear if the Facebook Watch app is no longer available due to a glitch triggered by the recent update, or if Facebook pulled the app from Apple TV entirely. Apple TV is still listed as one of Facebook Watch’s supported platforms. The Verge reached out to Apple and Facebook with a request for comment but didn’t immediately hear back.



Source link

Continue Reading

Tech

Apple’s mixed reality headset may feature an M2 processor

Published

on


The latest version of Apple’s long-rumored mixed reality headset features the company’s recently announced and 16GB of RAM, according to Mark Gurman. The Bloomberg reporter shared the tidbit of information in his latest newsletter – along with details on a “deluge” of devices Apple plans to release over the next year, including a new .

As , most recent reports, including those from Apple analyst and , have suggested the augmented and virtual reality headset would feature two processors. According to Kuo, one of the SoCs would have the same capabilities as the company’s M1 chip, while the other would be a lower-end chip designed to handle data from the device’s sensors.

After years of rumors, there’s been increasing evidence Apple is getting closer to the day when it will finally announce its mixed reality headset. In May, a Twitter user found evidence Apple likely used a shell company to for “RealityOS.” Earlier in the year, developers also to the operating system in App Store upload logs. More recently, Tim Cook told he “couldn’t be more excited about the opportunities” presented by augmented and virtual reality, and told the publication to “stay tuned and you will see what we have to offer” on that front.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.



Source link

Continue Reading
Advertisement
Economy14 mins ago

FirstFT: Nato to bolster Baltics

Metaverse24 mins ago

Korean IT names add open-source and upgraded functions on metaverse platforms

Real Estate35 mins ago

“Significant investment” planned for Amelia Island boutique hotels acquired by Dallas company

Opinion42 mins ago

SOS Opinion | Response to the World Police Summit, with Jean Phillippe Cossé, DMG Events

Markets45 mins ago

😱India USA $3 Billion Drone Deal | Business Stock Market News Daily |#shorts #stockmarket #ytshorts

Economy1 hour ago

The high cost of producing cheap food

Cryptocurrency1 hour ago

ANZ’s stablecoin used to buy tokenized carbon credits

Forex1 hour ago

EUR/USD retreats towards 1.0500 on USD rebound ahead of key data, ECB’s Lagarde

Bitcoin1 hour ago

What are Bitcoin covenants, and how do they work?

Metaverse1 hour ago

Metaverse features expected in HTC’s new phone

Real Estate2 hours ago

Morgan Properties pays $8.5M for 5-acre Millennium IV parcel in Conshohocken

Opinion2 hours ago

SOS Opinion | Biometric enhancements, with Philip Verner of CEM Systems

Markets2 hours ago

LIVE: Biden Holds Formal Press Conference | NTD

Metaverse2 hours ago

Developers In India Key To Metaverse: Meta India Md | Bengaluru News

Real Estate3 hours ago

NFI Industries to occupy new 264,600-square-foot industrial building in Quakertown

Opinion3 hours ago

SOS Opinion | Building customer relationships, with Amy Worthy of Morse Watchmans

Markets3 hours ago

Stock market😎😎😎 status#shorts#trading#trending #stockmarket#sharemarket #startup#business#viral#ipo

Metaverse3 hours ago

Cannabis Companies Try the Metaverse as a New Marketing Platform

Opinion4 hours ago

Journalism Student Voices Her Opinion on Governance in Punjab Over A Decade | Talk To Bhupen

Markets4 hours ago

Stock Market 💸💰💸 status#shorts#trading#trending #stockmarket#sharemarket #startup#business#viral#ipo

NFT2 weeks ago

Unity and Gala Games Join Forces to Build the VOXverse

Tech2 weeks ago

FAA wants dozens of changes before SpaceX expands Texas launch site

Opinion2 weeks ago

SOS Opinion | A fresh offering to the market

Opinion2 weeks ago

Electric switchboard manufacturer Expert Opinion | Best Plastic manufacturing business Idea

Metaverse2 weeks ago

KaraStar: A Metaverse Game with Specific Benefits For New Users

Metaverse2 weeks ago

REALM Metaverse Gaming to Launch Mobile Beta App on June 21 By CoinQuora

Metaverse2 weeks ago

L’Oréal’s Chief Digital Officer on Web3, the Metaverse – WWD

Economy2 weeks ago

Echoes of 1970s for UK economy

Metaverse2 weeks ago

Podcast: What does worship feel like in the Metaverse?

Tech2 weeks ago

Blizzard claims it won’t monetize ‘Diablo IV’ like ‘Diablo Immortal’

Tech2 weeks ago

Resident Evil Village Winters’ Expansion arrives on October 28th

Metaverse2 weeks ago

Here’s a Complete Guide to Investing in the Metaverse

Economy2 weeks ago

FirstFT: The yen continues descent to 24-year low

Bitcoin2 weeks ago

The CFTC’s action against Gemini is bad news for Bitcoin ETFs

Metaverse2 weeks ago

ISG Launches Advisory Business to Help Clients Explore and Prepare for Web3, Metaverse Opportunities

Economy2 weeks ago

UK job vacancies at record high despite stalling economy

Opinion2 weeks ago

MAD Armut & Mac Opinion On FNC vs G2 | LEC Post Game Lobby Interview

Tech2 weeks ago

Sony would love if you bought its $3,700 Walkman for over-the-top audiophiles

Real Estate2 weeks ago

After over a year of delays, $140M Bremerton project nears completion

NFT2 weeks ago

Upcoming Christie’s NFT Auction to Help Scientific Psychedelic Research

Trending

0