Posts

Monday Morning: Taking out the Garbage

Most of the time, I’m here in Michigan and I’m taking out the garbage every Monday. — Bob Seger

Morning-after blues now set in, feeling the weight of too much beer and cheese, doing the Walk of Shame, reeking of regret. Gotta’ love American excess in all things, including sports.

Take out last night’s garbage, pour yourself an herbal tea or a detox smoothie, and let’s get back at it. Speaking of garbage…

VW expected to make appetizing offer to U.S. passenger diesel owners — BUT…

The German car maker has still not decided whether vehicle owners will be offered cash, car buy-backs, repairs or replacement cars, Kenneth Feinberg told the Frankfurter Allgemeine Sonntagszeitung.

In other words, everything compensation manager Kenneth Feinberg said on behalf of VW for a German media outlet is vaporware. Best to keep in mind Feinberg has previously represented shining examples of corporate ethics like BP after the Deepwater Horizon spill.

Zika, Zika, Zika…
The virus is now driving some people mad — and they’re not even infected. Like Republican presidential candidates who believe persons traveling to the U.S. should be quarantined if they come to the U.S. from Brazil (Christie), or could be quarantined if they have been infected (Carson). Or scientists pushing to kill all the Aedes aegypti mosquitoes, without much thought for what removal of a species of insects will do to the rest of the ecological system which they’ve made home. Viruses are opportunistic; lose one host and they’ll hop to another. Are scientists modeling that next likely host?

Electronic toy maker VTech offers to buy LeapFrog
LeapFrog was popular with my kids 10 years ago; their line of educational toys helped my kids’ grades with spelling test games. But LeapFrog made a strategic error leaving the smaller handheld games for children’s tablets, and is now limping along. VTech has its own problems with technology, like the recent breach of user data, exposing millions of children and their families. Perhaps LeapFrog’s information technology will help shore up VTech’s through this acquisition.

Death from outer space
A bus driver in India may have been the first recorded casualty of a meteorite this weekend. Three others were injured when the meteorite exploded, leaving a small crater and broken windows.

Gong Xi Fa Cai or Gong Hey Fat Choy to you, depending on whether you speak Mandarin or Cantonese, as we enter the Year of the Monkey. Oops, perhaps you shouldn’t take out the trash just yet, especially if it requires sweeping. It’s bad luck to do so on the first new moon of the year — you might sweep your good luck out the door! Oh, your team lost last night? Sweep away. Best wishes for a prosperous new year!

Internet of Things: Now, with ‘Breachable’ Kids Connect and ‘Hackable’ Barbie

HelloBarbie

[graphic: Hello Barbie via Mattel’s website]

The Internet of Things (IoT) already includes refrigerators, televisions, slow cookers, automobiles, you name it. Most of these items have already experienced security problems, whether personal information leaks, or manipulative hacking.

Now the IoT includes toys — and wow, what a surprise! They’re riddled with privacy and security problems, too.

Like VTech’s privacy breach, exposing data for more than 6 million children and parents including facial photos and chat logs through its Kids Connect technology. The company’s privacy policy (last archived copy) indicated communications would be encrypted, but the encryption proved whisper thin.

Or Mattel’s Hello Barbie, its Wi-Fi enabled communications at risk for hacking and unauthorized surveillance. The flaws include this doll’s ability to connect to any Wi-Fi network named “Barbie” — it was absolutely brain-dead easy to spoof and begin snooping on anything this doll could “hear.”

It’s amazing these manufacturers ever thought these toys were appropriate for the marketplace, given their target audience. In VTech’s case, it appears to be nearly all ages (its Android app on Google Play is unrated), and in the case of Mattel’s Hello Barbie, it’s primarily girls ages 6-15.

These devices are especially iffy since they tippy-toe along the edge of the Children’s Online Privacy Protection Act of 1998 (a.k.a. COPPA, 15 U.S.C. 6501–6505).

Parents share much of the blame, too. Most have no clue what or how federal law covers children’s internet use under COPPA, or requirements under the Children’s Internet Protection Act (a.k.a. CIPA, 47 CFR 54.520). Nor do the parents who buy these devices appear to grasp this basic fact: any network-mediated or Wi-Fi toy, apart from the obvious cellphone/tablet/PC, is at implicit risk for leaking personal data or hackable. How are these devices risking exposure of children’s data, including their activities and location, age-appropriate toys?

This piece at Computerworld has a few helpful suggestions. In my opinion, the IoT doesn’t belong in your kids’ toybox until your kids are old enough to understand and manage personal digital information security to use the internet safely.

Frankly, many parents aren’t ready for safe internet use.