If you collect data to track children for parents, it’s probably a good idea to put a password on the database holding all that tracking data. In today’s episode I share a security industry drama around a researcher reporting just such a flaw, but not getting the best response. More importantly, I share resources you could leverage to make sure you don’t make the same mistakes this company did.
(Episode Runtime: 3:55)
Direct YouTube Link: https://www.youtube.com/watch?v=fC1XPIU3yiY
EPISODE REFERENCES:
- Child Tracking firm doesn’t put a password on their database – Graham Cluley Blog
- MacKeeper research discovers and discloses the insecure database – MacKeeper
- uKnowKids breach warning and response to the disclosure – uKnowKids
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply