If you're the kind of parent who wants to spy on everything your kids do, you can force them to install an app like Teensafe, which only works if your kid doesn't use two-factor authentication; you have to give it your kid's device ID and password, so if that data leaks, it would allow anyone to break into your kid's cloud and plunder all their private data.
Naturally, Teensafe stored thousands of parents and kids' usernames and passwords, without encryption, on an insecure server.
The company took the server down after being notified of the security problem by UK security researcher Robert Wiggins.
Most territories do not require that parents obtain their children's consent before spying on them with apps like this.
The database stores the parent's email address associated with TeenSafe, as well as their corresponding child's Apple ID email address. It also includes the child's device name -- which is often just their name -- and their device's unique identifier. The data contains the plaintext passwords for the child's Apple ID. Because the app requires that two-factor authentication is turned off, a malicious actor viewing this data only needs to use the credentials to break into the child's account to access their personal content data.
Teen phone monitoring app leaked thousands of user passwords [Zack Whittaker/Zdnet]
Japan's Henn na Hotel chain, owned by the HIS Group, uses "bed-facing Tapia robots" in its rooms; these robots turn out to be incredibly insecure: you can update them by pairing with them using a NFC sensor at the backs of their heads. The robots do not check the new code for cryptographic signatures, meaning […]
In 2017, Equifax admitted that it had doxed America by leaking the nonconsensual dossiers it builds on the nation, covering up the info while its key employees sold off their stock, and then repeatedly lying about the scope of the breach.
Aestetix writes, "We have good news. There will be a HOPE [ed: Hackers on Planet Earth, a beloved, NYC-based hacker con put on by 2600 Magazine] in 2020. And we expect it to be better than ever. For several months, we have been looking for a venue that would have the needed space and flexibility […]
Most people don’t spare a lot of thought on the potting for their plants. Perhaps something with a color that matches the walls, but that’s as far as it goes. After all, the plants don’t care what they’re wearing. Do they? Actually, they might. As eye-catching as the AIRSAI Floating Bonsai Plant Pot is, its […]
With the gains real estate has made over stocks in the past 25 years, it’s easy to see why the rich constantly use it to expand their wealth. What’s slightly less obvious is why only the rich seem to ever break into real estate investment. There are a lot of reasons, but a couple of […]
If you’re a coder, there’s a multitude of avenues for you to take your skills. Whether you’re just jumping into the world of programming or looking to rise up the ranks as an established professional, a wide base of knowledge is key. And this Premium 2020 Learn to Code Certification Bundle is a resource that’s […]