Hacker Bribed Roblox Insider to Access Kids’ Data

Motherboard reports that a hacker had bribed a Roblox insider to access the data of over 100 million users.

“I did this only to prove a point to them,” the hacker told Motherboard in an online chat. Motherboard granted the hacker anonymity to speak more candidly about a criminal incident.

Beyond just viewing user data, the hacker was able to reset passwords and change user data too […] The hacker said they changed the password for two accounts and sold their items. One of the screenshots appears to show the successful change of two-factor authentication settings […]

Proving a point my a**. This person tried to claim a bug bounty from Roblox. They denied it because he/she acted “more maliciously than a legitimate security researcher.” He messed with the accounts after denial, so his point was revenge.

Update: A Roblox spokesperson informed me that only a small amount of customers were affected, not 100 million, and immediate action was taken to address the issue. Additionally, it was a Roblox insider and not an employee.

A.G. William Barr Wants Tech Companies to Fight Child Sexual Abuse

Attorney General William Barr wants tech companies like Apple to fight online child sexual abuse even more with “voluntary standards.”

These voluntary principles are built on existing industry efforts to combat these crimes.  Some leading companies have dedicated significant resources to develop and deploy tools in the fight to protect children online and to detect, disrupt and identify offenders.  Although significant progress has been made, there is much more to be done to strengthen existing efforts and enhance collective action.

First, as I discovered last year Apple started to scan online iCloud content for child sexual abuse material (CSAM). Many other companies do the same. Second, although encryption wasn’t explicitly mentioned, this is undoubtedly (in my opinion) a new development in the war on encryption. Child predators are one of the scary boogeymen used by the government to erode our privacy even further. I of course do support Apple scanning for this content, but it’s not a black and white issue.

Remember Neopets? It’s Being Turned Into a TV Show

Virtual pet website Neopets is being turned into a television show aimed at 8-12 year olds.

As part of the agreement, Singapore-based Beach House will develop new stories and characters, with Blue Ant’s Canadian studio providing animation services.

The show is still in the early stages of development and its format and style aren’t finalized, but Beach House plans to target the series at eight to 12s. The pair are seeking co-production and broadcast partners for the project.

I wish I still had my login information for Neopets.

Kids Need End-to-End Encryption for Protection Against Corporations

In a report from the Financial Times (paywall), a letter signed by 129 non-profits, think tanks, and academics urge Facebook to reconsider encrypting its apps. They use the “think of the children” argument because encryption could enable more child sexual abuse. But Justin Myles Holmes says we should think of the children and enable end-to-end encryption for them, so their data isn’t used and abused by corporations precisely like Facebook.

If we fail to take action now, we risk a world in which unsavory actors – domestic and foreign – have built rich, comprehensive profiles for every one of our children, following the trajectories of their education, home life, consumer habits, health, and on and on.  These profiles will then be used to manipulate their behavior not only as consumers, but as voters and participants in all those corners of society which, in order for freedom and justice to prevail, require instead that these kids mature into functional, free-thinking adults.

Privacy, Parenting, and Monitoring Your Kids’ Electronics

Wired is publishing a series on parenting, and this article is written by a father who monitors his teens’ electronics.

Later, after discovering my daughter had secreted a contraband Chromebook in her room to watch late-night Friends, all devices would be sequestered in the master bedroom overnight.

And this rule was above all else: The devices all belong to me and my wife, and we are entitled to see anything and everything on them.

I didn’t get a cell phone until I was in college, so my parents didn’t have to worry about me blasting my teenage cringe online. At the same time, this guy sounds like the type to physically remove the door to his kid’s room so they can’t hide from him.

Britain Wants Strict Privacy Rules for Kids

Today Britain rolled out strict privacy protections for kids, like requiring tech platforms to turn on protections by default.

The new rules are the most comprehensive protections to arise from heightened global concern that popular online services exploit children’s information, suggest inappropriate content to them and fail to protect them from sexual predators. The British children’s protections far outstrip narrower rules in the United States, which apply only to online services aimed at children under 13.

Microsoft’s Project Artemis Tool Will Help Find Online Predators

Microsoft has created an automated tool codenamed Project Artemis that can help detect patterns of communication used by predators to target kids.

Building off the Microsoft patent, the technique is applied to historical text-based chat conversations. It evaluates and “rates” conversation characteristics and assigns an overall probability rating. This rating can then be used as a determiner, set by individual companies implementing the technique, as to when a flagged conversation should be sent to human moderators for review. Human moderators would then be capable of identifying imminent threats for referral to law enforcement…

Microsoft was the company that also helped developed PhotoDNA, an automated tool to detect child abuse images. Now it’s moving to text.

Google Wants COPPA to Change so it can Keep Collecting Kids’ Data

The Federal Trade Commission is considering a revamp of the Children’s Online Privacy Protection Act (COPPA). Google wants to help them change the rules, and asked the agency to eliminate rules that categorizes anyone watching kids content online as actual kids.

In September, Google agreed to pay US$170 million to the FTC to resolve claims that YouTube violated COPPA by serving targeted advertisements to children under 13…After the FTC settlement, YouTube told creators that they would have to identify when videos are aimed at children under 13. When that happens, YouTube now turns off ads that rely on web browsing behavior and other targeting data, which earn more for YouTube and creators.

Why Teaching Privacy to Your Kids is Important

Siobhan O’Flynn writes about all the ways that companies like Google collect data from kids in violation of the Children’s Online Privacy Protection Act. It starts when schools increasingly turn to Google services in education.

Alphabet Inc. dominates child-directed and child-featured content online through YouTube Kids and has now colonized online educational spaces through Google Docs, G-Suite, Chromebooks and the associated Gmail accounts for children that are required for use. This means that Google’s access to children’s data spans entertainment (YouTube and YouTube Kids), search and purchase histories (via associated parental accounts), and educational sectors.

School Surveillance: How Millions of Kids are Spied On

When we hear the word “surveillance” we usually think about the NSA, or perhaps tech companies like Facebook and Google. What we probably don’t think about is school surveillance used to spy on kids.

The new school surveillance technology doesn’t turn off when the school day is over: anything students type in official school email accounts, chats or documents is monitored 24 hours a day, whether students are in their classrooms or their bedrooms.

Tech companies are also working with schools to monitor students’ web searches and internet usage, and, in some cases, to track what they are writing on public social media accounts.

Encryption Hasn't Stopped the FBI From Fighting Child Porn

Despite arguments from governments that encryption would hinder their ability to fight criminals, this clearly isn’t the case. In a recent example one of the biggest child porn sites on the dark web was recently taken down.

No backdoors were needed to track down the owner of the server or hundreds of the site’s visitors. For that matter, the FBI didn’t even need a warrant. The FBI did not deploy its infamous NIT (Network Investigative Technique) to track down site users. The flaw was the payment system linked to the site. Users may have thought their Bitcoin transactions couldn’t be traced back to them, but they were wrong.

The Four Horsemen of the Infocalypse: Terrorists, pedophiles, drug dealers, organized crime.

Your Kids' Photos Power Surveillance Technology

The New York Times has a nice feature out today about how a mother found photos of her kids in a machine learning database.

None of them could have foreseen that 14 years later, those images would reside in an unprecedentedly huge facial-recognition database called MegaFace. Containing the likenesses of nearly 700,000 individuals, it has been downloaded by dozens of companies to train a new generation of face-identification algorithms, used to track protesters, surveil terrorists, spot problem gamblers and spy on the public at large. The average age of the people in the database, its creators have said, is 16.

I can’t imagine the gross feeling you get when you see your kids in a database like this.

Disney and Kano Partner for Star Wars Motion Sensor Kit

Disney has partnered with Kano, a company that makes coding kits for kids, on a new Star Wars motion sensor kit.

The Bluetooth-enabled motion sensor includes a circular case, printed circuit board with nine LEDs, and two tops that contain Rebel Alliance and Galactic Empire iconography. Once assembled, it can be used to control lightsabers, Porgs and other Star Wars paraphernalia in a companion app that’s compatible with Windows 10 PCs, Macs, iPads and Amazon Fire HD 10 tablets.

Don't Let Your Kids Download These Apps

The Sarasota County Sheriff’s office compiled a list of 15 apps that they believe pose a danger to young children. Here are the apps on the list:

MeetMe, Grindr, Skout, WhatsApp, TikTok, Badoo, Bumble, Snapchat, Kik, LiveMe, Holla, Whisper, Ask.fm, Calculator%, Hot or Not.

Apple's Privacy Rule for Kids Apps Delayed

At WWDC 2019, Apple announced stricter rules for kids apps. Developers of these apps aren’t allowed to use analytics within them. Ads would also be limited. Apple is now delaying the rule to give developers more time.

Apple says it is making the move in part to better protect users’ privacy by shielding children from data trackers, a move that has been lauded by some privacy advocates. But some developers say they fear that the new rules won’t protect kids — possibly exposing them to more adult apps — and could pointlessly reduce their businesses.

Maybe don’t make preying on kids your business model?