It’s the holiday gift-buying season, which means it’s time to carefully consider security features when buying Internet-connected devices. Plus, a kid’s watch with big security problems and a warning for Black Friday.
Welcome to Cyber Security Today. It’s Friday November 16th. To hear the podcast, click on the arrow below:
The Mozilla Foundation, which makes the Firefox browser, has a web page with mini-reviews of 70 toys, games, coffee makers, pet finders and other products. Many of them rate poorly for security. So here’s a few questions to ask when choosing a wireless gift: Can it spy on you with a camera, microphone or location tracking? If so, does it use encryption? Can you control it through a changeable password? Does the manufacturer issue security updates? Does it delete data it stores on you? Does it have a privacy policy you can understand? Most answers should be on the product’s website. But, does a child’s toy really need to connect to the Internet? To get a look at the list and Mozilla’s thinking go to Foundation.mozilla.org and look for the page “Privacy Not Included.”
One connected product for kids the MiSafes Kid Watcher Plus, a watch that allows parents to track the location of their children. However, this week the BBC reported that a researcher said the device can be easily hacked, the data wasn’t encrypted, nor was the data secured on each child’s account. The researcher said he could track children’s movements, listen in to their activities and make spoof calls to the watches that appeared to be from parents. Neither the researcher nor the BBC could contact the manufacturer.
Speaking of Firefox, the browser comes with a tool called Monitor, which shows if information from your online accounts has been leaked or stolen. This week an updated version of Monitor was released that adds the ability to give an alert if you visit a website that has recently hacked. However, a security company called High Tech Bridge warns this feature isn’t complete protection. Monitor uses a list of publicly-known hacked websites. If the breach isn’t reported, Monitor doesn’t know about it. So you still have to be careful where you go on the web.
Finally, Black Friday, a day in late November when companies offer a number of sales online, has become a tradition this time of year. However, it’s also a time when criminals try to take advantage of your gullibility. Kaspersky says it already has discovered threats targeting 67 e-commerce brands including 33 consumer apparel sites, eight consumer electronic outlets and three online retail platforms. Scams include intercepting what you type to make off with your username and password, and redirecting users to phishing pages. So, as always, when buying online make sure you’re on a safe site. One way is to ensure the Internet address of the site you’re on starts with HTTPS. Always watch every page you get sent to.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Alexa Flash Briefing. Thanks for listening.