Latest in Children

Image credit:

Mandatory South Korean parental control app is a security nightmare

31 Shares
Share
Tweet
Share
Save

Sponsored Links

Back in April, South Korea required that wireless carriers install parental control apps on kids' phones to prevent young ones from seeing naughty content. It sounded wise to officials at the time, but it now looks like that cure is worse than the disease. Researchers at the University of Toronto's Citizen Lab have discovered 26 security holes in Smart Sheriff, the most popular of these mandatory parental apps. The software has weak authentication, sends a lot of data without encryption and relies on servers using outdated, vulnerable code. It wouldn't be hard for an intruder to hijack the parent's account, intercept communications or even scoop up the kids' personal details. The worst part? Some of these vulnerabilities apply on a large scale, so a particularly sinister attacker could compromise hundreds of thousands of phones at once.

Citizen Lab was quick to notify the South Korean carrier association (MOIBA) that developed the app, and the group claims that the flaws have already been fixed. However, the discoverers aren't buying that line. They believe that "very little" has been resolved, and that one of the fixes may have created a new hole. Oops. No matter what the scoop is, the findings underscore the risks involved in demanding that providers bundle apps -- exploits that normally have a limited impact quickly turn into major issues.

[Image credit: AP Photo/Ahn Young-joon]

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
31 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's Guide to Privacy

Engadget's Guide to Privacy

View
Amazon Prime perks now include mobile game add-ons

Amazon Prime perks now include mobile game add-ons

View
Yamaha updates its THR desktop guitar amps for the first time in years

Yamaha updates its THR desktop guitar amps for the first time in years

View
Facebook’s latest AI experiment helps you pick what to wear

Facebook’s latest AI experiment helps you pick what to wear

View
iFixit's iPhone 11 Pro Max teardown investigates charging rumors

iFixit's iPhone 11 Pro Max teardown investigates charging rumors

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr