Family Tech Blog

Tag: security

  • Fortnite Hacked!? How to Protect Your Kids’ Account Information

    Fortnite Hacked!? How to Protect Your Kids’ Account Information

    A vulnerability discovered by Check Point security researchers, could have allowed hackers access to over 80 million accounts on the popular Battle Royale game Fortnite. The breach would allow hackers to see account information, use the account credit card to make in game purchases, and even listen in on player’s in game chats. The vulnerability has been fixed by Epic Games but they are making recommendations for users to secure their accounts in the future. Since the hack that was discovered didn’t need a password, changing your password on your Epic account regularly wouldn’t have saved you from this leak. Epic recommends using “two factor authentication” to keep you from being vulnerable to attacks like this. A few months ago they even provided a free avatar emote for those who opt in to two factor authentication.

    What Parents Should Know

    First of all, it is important to understand security and how breaches like this happen. Your children are using games, social media accounts, and web services that collect tons of data on them. Much of it is kept stored by the companies that are collecting it but the servers that this data is stored on aren’t always as secure as you would like them to be. The hack that affected Fortnite was found by accessing accounts through a website that was published by Epic Games fourteen years ago. Hackers could access player’s logins through the site and then listen in on their conversations and use their payment information. These vulnerabilities are there because the internet is so big and so open that who can blame Epic Games for forgetting about a little stats site it put up in 2004? This is why it falls to the consumer to protect our own information.

    What is Two Factor Authentication?

    It’s really simple. You enter your password to access a website. If you’re like me you have passwords stored on your computer and in an app on your phone so you can get to them easily and login as quickly as possible. Two factor authentication seems annoying because it adds a step. If used properly, however, it should only ask you to enter your second form of identity verification if you are logging in from a new device or location and it is really one of the safest forms of security available right now. When you get that email that asks you why you had a login from your mom’s computer across town and you roll your eyes because you know it was you checking your Facebook page because your phone died, just remember, this form of verification is one of the only ways to keep your data safe nowadays.

    Passwords are infamously weak and often saved to the point that we have forgotten them. Our kids likely have learned their password creation skills from us and therefore their abilities to form a strong, memorable, but secure password or passphrase is embarrassing. Remember that you should always use multiple different forms of characters like numbers, letters. symbols, and a combination of caps and non-caps. Make your passphrase longer than you’d like and save it somewhere. Teach your kids to have different passwords on all of their accounts, not just variants of the same password either. I use a password generator and storage software to keep track of mine. I have a really really long passphrase that I have memorized to log in to my password storage software so that my other passwords can be unique and secure.

    Final Advice

    Finally, I recommend talking to your kids about the kind of information they post online and store on their online accounts. Remind them that what happens online is permanent. Photos will exist forever, social media posts will come back to haunt them, and that conversation they’re having while playing Fortnite may not be as private as they thought. Many adults are just now learning about how to keep our information secure online, I feel that it’s critical that we teach our kids how to do the same thing. Their data is more valuable that any of us ever imagined it would be.

  • A Warning For Parents Buying Android Tablets for their Kids this Christmas

    A Warning For Parents Buying Android Tablets for their Kids this Christmas

    Android Tablets are a great option for parents who want to get their kids some form of screen device without breaking the bank. The addition of Android FamilyLink has made Android and even better choice for our kids’ introductory tech device. They are affordable, fairly easy to use, and most all apps our kids want to play or use are available through the Google Play store. There is, however an issue that faces parents when they are ready to set up these devices for their kids: compatibility.

    Compatibility is the ability of a device to run the software you are trying to install on the device. Android FamilyLink requires operating system 7.0 or higher in order to work on your child’s device. That means that if your device runs an older version of Android, the app that connects your parental control settings to their device won’t even be available to install from the app store.

    I ran into this problem today while helping a family set up controls on the brand new tech devices they had purchased for their two girls. I initially thought it odd that on one device I could login an account as a child and on the other I could only make a basic adult Google account. Then, halfway through setup I realized that one tablet would run FamilyLink while the other would not. Both of these devices had been purchased from the same place on the same day and were brand new, not refurbished or used, but the operating system was different in each tablet. One was running Android 4.4 while the other, the one that let me set up FamilyLink, was running Android Version 7.1.

    I understand that newer software will not work on older devices but these are two devices being sold at the same time as brand new. There is nothing, without further investigation, that would cause a parent to expect they couldn’t do all the same things on both tablets. The truth, though, is that not all Android Tablets are equal. We won’t get into opinions on Apple vs Android but I will make this comparison: when Apple updates their operation system ( iOS) they ping all of the devices at once and encourage installation of the newest version of the software. Android, however, is a crap shoot. You have to go see if your device will be compatible with the newer software every time a new one comes out. The main reason for this is that different companies make phones that run Android while Apple makes the device, the operating system, the app store. Basically the whole shebang.

    People have different tastes and whether it’s the way the software functions, the look and feel of the phone, or just not wanting to spend as much money, Android will always be a significant part of the smart device market. My advice isn’t to just always use Apple products. I will encourage parents, instead, to always look at the specifications of any device you want to buy and see what operating system it is compatible with. If you are buying an Android product and want to instal FamilyLink, the device must run 7.0 or higher for the FamilyLink Children and Teens app to show up as downloadable in the Google Play Store. Otherwise, you’ll be looking for some third party app or combination of third party apps to add parental control functionality to your devices.

    Need help? Shoot me a message HERE.

  • The Family Tech Blog Needs You

    The Family Tech Blog Needs You

    As you make your #givingtuesday plans please consider BecauseFamily. As a small startup non-profit I can guarantee that your donation goes to help us protect kids and teens by bridging the technology gap between them and their parents.

    No VP or CEO pockets to line with cash, no big fancy expensive parties or fundraisers to finance. Just a guy doing his best to spread the word about the importance of screen safety for our families. Please donate and share.

    Visit becausefamily.org/partnership to learn more.

  • Surprise! Fortnite for Android is a Security Nightmare!

    Surprise! Fortnite for Android is a Security Nightmare!

    Fortnite is the biggest of big deals in gaming. Kids play it, adults play it, boys play it, girls play it, and it’s making Epic Games tons and tons of money but their desire to not share that money with Google may be putting some of their millions of players at risk. Namely the players who are installing the game on their Android phones.

    “With Fortnite’s influence over more than 125 million players, teaching people to download apps outside of the official store is exposing millions of people to a risky practice, researchers warned.” – CNET

    Experts are warning that Fortnite’s “side loading” method of installation, which bypasses the Google Play Store, is opening up users to a ton of security risks. One such risk was found by Google’s team only two days after the game officially launched on Epic’s site. The flaw allowed hackers to exchange the game file for any file they wanted as long it was named the same thing as the installation file it replaced. This meant hackers could have put whatever malware, spyware, or virus into another file and millions of devices would have been infected. Also, since it’s release, over 1/3 of the malicious files found by Google security experts have been Fortnite themed. 

    The solution to this is obviously to roll out an update, herein lies the biggest issue with side loading software, it is difficult to push a forced security update out without an app store. This means that users will either have to seek out an update or allow it to install when they boot up the game. If someone has the game installed for a while without playing it, any corruption will stay in their phone until an update is found or forced by opening the app. 

    What Parents Should Know

    If your child wants to play Fortnite, I recommend letting them do so on their computer or a console. My advice is to not allow your child to play the game on Android at all. I recommend not allowing side loading of apps at all either as this opens their device up for major security threats. If you are using Android Family Link to manage app installations then sideloading will completely undermine your methods of parent control. If you’re monitoring activity and see something called An .APK file you’ll know that side loading is happening and you should talk to your kids about what they’re installing on their device.

  • PODCAST: Will My Family Get an Amazon Echo Dot for Kids?

    PODCAST: Will My Family Get an Amazon Echo Dot for Kids?

    Podcast: Play in new window

    Subscribe: Apple Podcasts | Spotify | RSS

    Family Tech Update: YouTube has taken down over 8 million videos, is it enough? Snapchat has games on their camera, and Amazon wants to listen to your kids.

    Screen-Free Week Hashtag: #BFScreenFree

     

    Social Media Links

    Facebook: http://facebook.com/becausefamily

    Instagram: http://instagram.com/becausefamily

    Twitter: http://twitter.com/becausefamily

    Newsletter Sign up

    Ministry Updates:: http://eepurl.com/R7Btr

    Weekly Blog Posts:: http://eepurl.com/cvnhXD

    Websites

    Ministry Site:: http://becausefamily.org

    Tech Blog:: https://safe.becausefamily.org

    Michael’s Speaking Info:: http://kmichaelprince.org

    Donate and Affiliate Links http://BecauseFamily.org/partnership

    Music by Kevin MacLeod at http://Incompetech.com

  • Amazon Echo Dot For Kids Released on the Same Day an Alexa Security Flaw Was Announced

    Amazon Echo Dot For Kids Released on the Same Day an Alexa Security Flaw Was Announced

    Voice is the new screen. That’s what all the tech gurus are saying these days. We’re moving beyond tapping to simply speaking. “OK, Google,” “Alexa,” even “Cortana” have become standard parts of our vocabulary. Even our kids know how to play music, stories, or get help with their math or spelling from a voice-activated assistant of some kind. Voice command started with Siri and quickly became a standard feature in all smartphones and even in some of our vehicles. What seemed like science fiction only 15 years ago is now a common tool for most of our culture.

    We are all hyper-aware, now, of the amount of information tech companies are gathering from our internet use. Since we carry fully connected devices around with us everywhere we go and use them to broadcast our daily routine on social media, there isn’t much that is hidden. Recently, though, we’ve become a bit cautious of how much of our data we share with these companies. It’s one thing to let Google know we like seeing ads on YouTube for our favorite movie genre, but tracking our location and schedule is a bit far.

    A test by security group, Checkmarx, found a security flaw that allowed them to design an app that would leave the Alexa microphone on long after you’ve finished using Alexa. Then, the app would send the hacker a transcript of what the mic picked up while you didn’t know it was turned on. Checkmarx found this flaw earlier this month and reported it to Amazon. It was corrected immediately.

    “Customer trust is important to us and we take security and privacy seriously,” the company said in a statement. “We have put mitigations in place for detecting this type of skill behavior and reject or suppress those skills when we do.” – Amit Ashbel, director of product marketing for Checkmarx

    This obvious flaw is the first of its kind that has been made public. There is no way to know how long it has been around or if it has been used by anyone to collect user data. Amazon was fast to fix the issue but only after a third party research group found the problem in the first place. There are always security risks with any smart-home or virtual device and having a microphone that is always on compounds that risks. The popularity of Alexa and Google home is ever increasing, though, despite these risks. With the outcry against Facebook for their data collection and usage, it seems interesting to me that these fully connected, in-home virtual assistants are becoming so common. So common, in fact, that they’re being designed for our kids.

    Enter, the Echo Dot for Kids

    The news of this breach was released today, and interestingly, so was Amazon’s new Echo Dot for Kids. The Alexa enabled personal assistant speaker comes with a protective case, a replacement warranty (for the inevitable drop on the hardwood floor), a year’s worth of Amazon Freetime, built-in parental controls, and a bunch of skills (apps) that are geared towards kids. The Dot will read to your kids, help them with homework, play kid-friendly Audible audiobooks and more. The Echo Dot for Kids is $79.99 on Amazon.com.

    What Parents Should Know

    Being able to lock your kids out of explicit music and audiobooks, disabling entertainment features in favor of educational skills, turning off voice purchasing, and other parental control options make the Dot for Kids a pretty appealing piece of technology. I am, however, very skeptical of putting a marketing company’s microphone in my kids’ rooms. I know that doesn’t sound like the opinion of a tech nerd but my distaste for targeted marketing to minors and collection of the data of children will always outweigh the desire to be in with what’s trendy in technology.

    Though the Alexa security flaw has been resolved, I wonder how long it will be until another workaround is discovered? I bet it’ll be pretty soon. Here’s why: Amazon is trying to strike a balance between a way to gather the most information about your family as possible and still make you feel that your information is secure. There will always be functionalities in their systems that allow them to gather just that little bit more than you know they’re collecting. When a security company (at best) or hackers (at worst) find these functionalities, they exploit them to meet their own needs. Sometimes the need is to sell the workaround info to the company to keep it all quiet and sometimes it’s worse, the collection of data for sale or use. We all seem to be ok with Amazon or Facebook or Google having a bunch of our private data. After all, it is often used to make our lives easier and more convenient. The problem comes when something like the Cambridge Analytica fiasco takes place and we have our information being sold to the highest bidder or used to target us with fake news and advertising.

    Unfortunately, as long as we have devices that take in our likes, dislikes, conversations, and habits, we will have companies using that information to further strengthen their bottom line. All I am saying is that, as families, we have to draw our own line. My line is drawn pretty strictly against voice-activated assistants in our home, especially ones designed to be used by my kids. Your line will be somewhere different than mine but I advise you to be knowledgeable about any tech you bring into your home. If you aren’t sure what something does or how it really works, I wouldn’t buy it or use it in the first place. I know that sounds a bit counter-cultural, but the culture seems pretty ok with giving away all of their personal information and then panicking when they find out it’s being misused. I don’t blame companies for that, I blame people. Facebook fooled us once, perhaps shame on them, if you’re fooled again, shame on you.

     

     

     

     

  • Top “Family” Android Apps Found to Collect Kids’ Data Without Parental Permission

    Top “Family” Android Apps Found to Collect Kids’ Data Without Parental Permission

    It’s so nice to just head to the Google Play store and grab a couple of free apps to keep your child busy for a few minutes. There are a lot of free options and Google Play has a “Designated for Families” section to help you know if the app will be safe. Unfortunately, many app developers haven’t been following the rules. Android’s compliance rules are very specific about requiring apps to stay true to the Children’s Online Privacy Protection Act (COPPA.) That means there are certain types of data they aren’t allowed to collect without parental permission and other types they can’t gather at all. A recent research project has found that the majority of these apps ignore the rules of COPPA entirely.

    Overall, roughly 57% of the 5,855 child-directed apps that we analyzed are potentially violating COPPA. – Proceedings on Privacy Enhancing Technologies

    The study found that most apps collect the data of their users, even though the apps are geared towards an audience under 12 years of age. The research group formed from North American and European universities developed an automatic system to study nearly 6,000 apps. They looked at data such as ad tracking, location tracking, ID sharing, and wifi address tracking. Many of the transmissions were unsecured which put data at a greater risk.

     

    What Parents Should Know

    When an app is free there are some things you need to consider. There’s a reason it is free, not because they want to give you free access but because developers make their money in other ways. Obviously, advertising is one of the ways, the other way is your personal information. Things like your location, device type, web search habits, and internet history are very valuable resources to advertisers. App developers are able to gather this information and sell it for marketing purposes. The common phrase is data is the new currency.

    There are certain laws concerning the collection and use data of people under the age of 13. This study shows that many android app developers are ignoring the rules. This proves that the method of self-regulation may not be viable when it comes to protecting our information and privacy.

    My recommendation is that parents pay very close attention to the privacy practices of the apps they use for their kids. Read the terms and agreements. Read their privacy policies. Most importantly, understand that a free app is free because they are selling something else. Namely, your and your family’s personal information.

  • Here’s How To See if Your Private Data Leaked to Cambridge Analytica

    Here’s How To See if Your Private Data Leaked to Cambridge Analytica

    There is a tool to help you find out if your data was leaked to Cambridge Analytica. There may not be much you can do about it, but it is interesting to see if your app approval habits led to the sharing of your private data. Facebook has said that they’ll be highlighting the tool on the top of everyone’s news feeds but in case you haven’t seen it or don’t see it, here’s how to find the tool on your own.

     

    I recommend you check this out for your own Facebook account as well as any accounts your kids may use. Just in case you don’t have a minute and a half to watch the video above, I’ve listed the steps below for you. Thanks for reading FamilyTechBlog.com and remember to be careful how much access you give apps to your social media data.

    1. Open your Facebook App
    2. Click on the “Hamburger Menu” to the bottom right. (Three stacked lines.)
    3. Scroll all the way down to the bottom of the menu.
    4. Select “Help and Support”
    5. Select Help Center
    6. Search {Cambridge}
    7. Select the first auto complete option.
    8. That’s where it tells you if you’ve shared data with Cambridge Analytica.

    Thanks again, and share this with your friends.

  • PODCAST: Should I Delete My Facebook Account?

    PODCAST: Should I Delete My Facebook Account?

    Podcast: Play in new window

    Subscribe: Apple Podcasts | Spotify | RSS

    Family Tech Update: PUBG is on mobile – YouTube content policies have driven gun videos to PornHub – why your Facebook data isn’t safe, even if you delete your account…

    CNet Article: https://www.cnet.com/news/facebook-cambridge-analytica-data-mining-and-trump-what-you-need-to-know/

    Blog Posts Mentioned:

    Facebook Data: https://safe.becausefamily.org/tutorial-how-to-download-all-of-your-photos-videos-and-messages-from-facebook-at-once/

    Video Games and Boys: https://becausefamily.org/podcast-is-my-son-addicted-to-video-games/

    Battle Royale Games: https://safe.becausefamily.org/podcast-three-apps-your-kids-should-uninstall/

    Social Media Links

    Facebook: http://facebook.com/becausefamily
    Instagram: http://instagram.com/becausefamily
    Twitter: http://twitter.com/becausefamily

    Newsletter Sign up

    Ministry Updates:: http://eepurl.com/R7Btr
    Weekly Blog Posts:: http://eepurl.com/cvnhXD

    Websites

    Ministry Site:: http://becausefamily.org
    Tech Blog:: https://safe.becausefamily.org
    Michael’s Speaking Info:: http://kmichaelprince.org

    Donate and Affiliate Links

    http://BecauseFamily.org/partnership

  • Your Gun Video Searches May Take You to Pornography Sites

    Your Gun Video Searches May Take You to Pornography Sites

    After the shooting in February, many user generated content sites are making changes to how they handle media about firearms. YouTube is the latest to make changes to their guidelines with an emphasis on videos about assembling, building, and customizing guns.

    Videos that feature “instructions on manufacturing a firearm, ammunition, high capacity magazine, homemade silencers/suppressors, or certain firearms accessories … This also includes instructions on how to convert a firearm to automatic or simulated automatic firing capabilities.” are not permitted on YouTube. – Youtube Guidelines

    Since these changes have taken effect, some of the channels that feature firearms are going to be making changes to how they broadcast their content. Obviously, their videos are no longer welcome on YouTube so some are looking for a different outlet. PornHub, one of the leading adult video sites on the internet, is the destination of one popular firearm focused channel. InRangeTV, stating that “YouTube’s newly released vague and one-sided firearms policy makes it abundantly clear that YouTube cannot be counted upon to be a safe harbor for a wide variety of views and subject matter,” has begun to upload new and past content to PornHub as of this week.

    What Parent’s Should Know

    People of all ages are fascinated by guns. I’ve had dads and teens and even older elementary aged kids ask me if filters that they have installed would block their favorite gun videos and sites. The fact, now, is that more of those niche interest videos will be moving onto sites like PornHub.

    Even Google searches for gun videos will likely now result in links to sites that feature pornography and other extreme content. This brings a subject that is often considered interesting by many conservatives of all ages into the world of content that they would not consider appropriate. So what should parents do?

    My recommendation, if your kids enjoy watching videos about guns and will follow them anywhere the Internet takes them, is to install accountability software and a filter to any of their devices. A filter will block content you don’t want them to see. Accountability software will help you find if they got a hold of any websites you don’t approve of. I recommend Accountable2You because they have frequent updates and their iOS app will scan any browser on an iPhone or iPad. And as far as filters go, Net Nanny is also a good quality option.

    Whatever your views on guns and the age appropriateness of videos about guns I think we can all agree that putting content kids may be interested in viewing on sites made explicitly for adults is a dangerous proposition. Be vigilant and do something to keep your kids off of the sites.