Entries Tagged "children"

Page 2 of 9

German Government Classifies Doll as Illegal Spyware

This is interesting:

The My Friend Cayla doll, which is manufactured by the US company Genesis Toys and distributed in Europe by Guildford-based Vivid Toy Group, allows children to access the internet via speech recognition software, and to control the toy via an app.

But Germany’s Federal Network Agency announced this week that it classified Cayla as an “illegal espionage apparatus”. As a result, retailers and owners could face fines if they continue to stock it or fail to permanently disable the doll’s wireless connection.

Under German law it is illegal to manufacture, sell or possess surveillance devices disguised as another object.

Another article.

Posted on February 20, 2017 at 6:55 AMView Comments

Confusing Security Risks with Moral Judgments

Interesting research that shows we exaggerate the risks of something when we find it morally objectionable.

From an article about and interview with the researchers:

To get at this question experimentally, Thomas and her collaborators created a series of vignettes in which a parent left a child unattended for some period of time, and participants indicated the risk of harm to the child during that period. For example, in one vignette, a 10-month-old was left alone for 15 minutes, asleep in the car in a cool, underground parking garage. In another vignette, an 8-year-old was left for an hour at a Starbucks, one block away from her parent’s location.

To experimentally manipulate participants’ moral attitude toward the parent, the experimenters varied the reason the child was left unattended across a set of six experiments with over 1,300 online participants. In some cases, the child was left alone unintentionally (for example, in one case, a mother is hit by a car and knocked unconscious after buckling her child into her car seat, thereby leaving the child unattended in the car seat). In other cases, the child was left unattended so the parent could go to work, do some volunteering, relax or meet a lover.

Not surprisingly, the parent’s reason for leaving a child unattended affected participants’ judgments of whether the parent had done something immoral: Ratings were over 3 on a 10-point scale even when the child was left unattended unintentionally, but they skyrocketed to nearly 8 when the parent left to meet a lover. Ratings for the other cases fell in between.

The more surprising result was that perceptions of risk followed precisely the same pattern. Although the details of the cases were otherwise the same -­ that is, the age of the child, the duration and location of the unattended period, and so on -­ participants thought children were in significantly greater danger when the parent left to meet a lover than when the child was left alone unintentionally. The ratings for the other cases, once again, fell in between. In other words, participants’ factual judgments of how much danger the child was in while the parent was away varied according to the extent of their moral outrage concerning the parent’s reason for leaving.

Posted on August 25, 2016 at 11:12 AMView Comments

Cryptography for Kids

Interesting National Science Foundation award:

In the proposed “CryptoClub” afterschool program, middle-grade students will explore cryptography while applying mathematics to make and break secret codes. The playfulness and mystery of the subject will be engaging to students, and the afterschool environment will allow them to learn at their own pace. Some activities will involve moving around, for example following a trail of encrypted clues to find a hidden treasure, or running back and forth in a relay race, competing to be the first to gather and decrypt the parts of a secret message. Other activities will involve sitting more quietly and thinking deeply about patterns that might help break a code. On the other hand, in the proposed CryptoClub Online approach, the CryptoClub Website will provide additional opportunities for applying and learning cryptography in a playful way. It currently includes cipher tools for encrypting and decrypting, message and joke boards where users decrypt messages or submit their own encrypted messages, historical comics about cryptography, and adventure games that involve secret messages.

Posted on February 13, 2015 at 1:13 PMView Comments

Irrational Fear of Risks Against Our Children

There’s a horrible story of a South Carolina mother arrested for letting her 9-year-old daughter play alone at a park while she was at work. The article linked to another article about a woman convicted of “contributing to the delinquency of a minor” for leaving her 4-year-old son in the car for a few minutes. That article contains some excellent commentary by the very sensible Free Range Kids blogger Lenore Skenazy:

“Listen,” she said at one point. “Let’s put aside for the moment that by far, the most dangerous thing you did to your child that day was put him in a car and drive someplace with him. About 300 children are injured in traffic accidents every day — and about two die. That’s a real risk. So if you truly wanted to protect your kid, you’d never drive anywhere with him. But let’s put that aside. So you take him, and you get to the store where you need to run in for a minute and you’re faced with a decision. Now, people will say you committed a crime because you put your kid ‘at risk.’ But the truth is, there’s some risk to either decision you make.” She stopped at this point to emphasize, as she does in much of her analysis, how shockingly rare the abduction or injury of children in non-moving, non-overheated vehicles really is. For example, she insists that statistically speaking, it would likely take 750,000 years for a child left alone in a public space to be snatched by a stranger. “So there is some risk to leaving your kid in a car,” she argues. It might not be statistically meaningful but it’s not nonexistent. The problem is,”she goes on, “there’s some risk to every choice you make. So, say you take the kid inside with you. There’s some risk you’ll both be hit by a crazy driver in the parking lot. There’s some risk someone in the store will go on a shooting spree and shoot your kid. There’s some risk he’ll slip on the ice on the sidewalk outside the store and fracture his skull. There’s some risk no matter what you do. So why is one choice illegal and one is OK? Could it be because the one choice inconveniences you, makes your life a little harder, makes parenting a little harder, gives you a little less time or energy than you would have otherwise had?”

Later on in the conversation, Skenazy boils it down to this. “There’s been this huge cultural shift. We now live in a society where most people believe a child can not be out of your sight for one second, where people think children need constant, total adult supervision. This shift is not rooted in fact. It’s not rooted in any true change. It’s imaginary. It’s rooted in irrational fear.”

Skenazy has some choice words about the South Carolina story as well:

But, “What if a man would’ve come and snatched her?” said a woman interviewed by the TV station.

To which I must ask: In broad daylight? In a crowded park? Just because something happened on Law & Order doesn’t mean it’s happening all the time in real life. Make “what if?” thinking the basis for an arrest and the cops can collar anyone. “You let your son play in the front yard? What if a man drove up and kidnapped him?” “You let your daughter sleep in her own room? What if a man climbed through the window?” etc.

These fears pop into our brains so easily, they seem almost real. But they’re not. Our crime rate today is back to what it was when gas was 29 cents a gallon, according to The Christian Science Monitor. It may feel like kids are in constant danger, but they are as safe (if not safer) than we were when our parents let us enjoy the summer outside, on our own, without fear of being arrested.

Yes.

Posted on August 11, 2014 at 9:34 AMView Comments

Hacking Consumer Devices

Last weekend, a Texas couple apparently discovered that the electronic baby monitor in their children’s bedroom had been hacked. According to a local TV station, the couple said they heard an unfamiliar voice coming from the room, went to investigate and found that someone had taken control of the camera monitor remotely and was shouting profanity-laden abuse. The child’s father unplugged the monitor.

What does this mean for the rest of us? How secure are consumer electronic systems, now that they’re all attached to the Internet?

The answer is not very, and it’s been this bad for many years. Security vulnerabilities have been found in all types of webcams, cameras of all sorts, implanted medical devices, cars, and even smart toilets — not to mention yachts, ATM machines, industrial control systems and military drones.

All of these things have long been hackable. Those of us who work in security are often amazed that most people don’t know about it.

Why are they hackable? Because security is very hard to get right. It takes expertise, and it takes time. Most companies don’t care because most customers buying security systems and smart appliances don’t know enough to care. Why should a baby monitor manufacturer spend all sorts of money making sure its security is good when the average customer won’t even notice?

Even worse, that consumer will look at two competing baby monitors — a more expensive one with better security, and a cheaper one with minimal security — and buy the cheaper. Without the expertise to make an informed buying decision, cheaper wins.

A lot of hacks happen because the users don’t configure or install their devices properly, but that’s really the fault of the manufacturer. These are supposed to be consumer devices, not specialized equipment for security experts only.

This sort of thing is true in other aspects of society, and we have a variety of mechanisms to deal with it. Government regulation is one of them. For example, few of us can differentiate real pharmaceuticals from snake oil, so the FDA regulates what can be sold and what sorts of claims vendors can make. Independent product testing is another. You and I might not be able to tell a well-made car from a poorly-made one at a glance, but we can both read the reports from a variety of testing agencies.

Computer security has resisted these mechanisms, both because the industry changes so quickly and because this sort of testing is hard and expensive. But the effect is that we’re all being sold a lot of insecure consumer products with embedded computers. And as these computers get connected to the Internet, the problems will get worse.

The moral here isn’t that your baby monitor could be hacked. The moral is that pretty much every “smart” everything can be hacked, and because consumers don’t care, the market won’t fix the problem.

This essay previously appeared on CNN.com. I wrote it in about half an hour, on request, and I’m not really happy with it. I should have talked more about the economics of good security, as well as the economics of hacking. The point is that we don’t have to worry about hackers smart enough to figure out these vulnerabilities, but those dumb hackers who just use software tools written and distributed by the smart hackers. Ah well, next time.

Posted on August 23, 2013 at 6:00 AMView Comments

Teens and Privacy

Not much surprising in this new survey.

Many teens ages 12-17 report that they usually figure out how to manage content sharing and privacy settings on their own. Focus group interviews with teens suggest that for their day-to-day privacy management, teens are guided through their choices in the app or platform when they sign up, or find answers through their own searching and use of their preferred platform.

At the same time, though, a nationally representative survey of teen internet users shows that, at some point, 70% of them have sought advice from someone else about how to manage their privacy online. When they do seek outside help, teens most often turn to friends, parents or other close family members.

Posted on August 20, 2013 at 7:10 AMView Comments

Security Analysis of Children

This is a really good paper describing the unique threat model of children in the home, and the sorts of security philosophies that are effective in dealing with them. Stuart Schechter, “The User IS the Enemy, and (S)he Keeps Reaching for that Bright Shiny Power Button!” Definitely worth reading.

Abstract: Children represent a unique challenge to the security and privacy considerations of the home and technology deployed within it. While these challenges posed by children have long been researched, there is a gaping chasm between the traditional approaches technologists apply to problems of security and privacy and the approaches used by those who deal with this adversary on a regular basis. Indeed, addressing adversarial threats from children via traditional approaches to computer and information security would be a recipe for disaster: it is rarely appropriate to remove a child’s access to the home or its essential systems; children require flexibility; children are often threats to themselves; and children may use the home as a theater of conflict with each other. Further, the goals of security and privacy must be adjusted to account for the needs of childhood development. A home with perfect security — one that prevented all inappropriate behavior or at least ensured that it was recorded so that the adversary could be held accountable — could severely stunt children’s moral and personal growth. We discuss the challenges posed by children and childhood on technologies for the home, the philosophical gap between parenting and security technologists, and design approaches that technology designers could borrow when building systems to be deployed within homes containing this special class of user/adversary.

Posted on July 2, 2013 at 12:08 PMView Comments

Internet Safety Talking Points for Schools

A surprisingly sensible list.

E. Why are you penalizing the 95% for the 5%? You don’t do this in other areas of discipline at school. Even though you know some students will use their voices or bodies inappropriately in school, you don’t ban everyone from speaking or moving. You know some students may show up drunk to the prom, yet you don’t cancel the prom because of a few rule breakers. Instead, you assume that most students will act appropriately most of the time and then you enforce reasonable expectations and policies for the occasional few that don’t. To use a historical analogy, it’s the difference between DUI-style policies and flat-out Prohibition (which, if you recall, failed miserably). Just as you don’t put entire schools on lockdown every time there’s a fight in the cafeteria, you need to stop penalizing entire student bodies because of statistically-infrequent, worst-case scenarios.

[…]

G. The ‘online predators will prey on your schoolchildren’ argument is a false bogeyman, a scare tactic that is fed to us by the media, politicians, law enforcement, and computer security vendors. The number of reported incidents in the news of this occurring is zero.

H. Federal laws do not require your draconian filtering. You can’t point the finger somewhere else. You have to own it yourself.

I. Students and teachers rise to the level of the expectations that you have for them. If you expect the worst, that’s what you’ll get.

J. Schools that ‘loosen up’ with students and teachers find that they have no more problems than they did before. And, often, they have fewer problems because folks aren’t trying to get around the restrictions.

K. There’s a difference between a teachable moment and a punishable moment. Lean toward the former as much as possible.

[…]

O. Schools with mindsets of enabling powerful student learning usually block much less than those that don’t. Their first reaction is ‘how can we make this work?’ rather than ‘we need to keep this out.’

Posted on August 24, 2012 at 1:18 PMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.