Living

Many gifts aren’t all fun and games; some may pose security risks

TNS

It’s always a relief when your kids unwrap their gifts on Christmas morning, as you finally can sit back and relax. But that doesn’t mean your responsibilities are wrapped up.

When setting up wireless phones, iPods, tablets and other electronics, including toys and video games connected to the cloud, you should act to prevent hacking, viruses and intrusions on your child’s privacy. Then teach them to use their new gadgets wisely.

If all this work makes you yearn for the days when your biggest worry was why you had bolts left over from assembling your kid’s bike, I’m with you. Consider this the new version of “some assembly required.”

For starters, make sure your home’s Wi-Fi is encrypted and password protected. Security starts there because many of your devices and toys will be connecting through that service.

Treat your phones and tablets as you would a computer. Install virus protection software and schedule it to run frequently and update automatically. Set up passwords so the devices can’t be used – and any personal information on them accessed – if they’re lost or stolen.

Set your devices so they don’t automatically connect to the nearest Wi-Fi, suggests Paul Paget, CEO of Pwnie Express, a Boston company that provides businesses with security for their wired and wireless devices.

That will prevent your devices from connecting to any nefarious networks set up for the purpose of stealing your information.

Turn off the Wi-Fi on your devices when you leave your home or when you don’t need that service, Paget said, so you don’t accidentally connect to a bad guy’s network.

Teach your children to obtain apps only from official app stores such as Google Play and the Apple App Store. Avoid downloading them from unknown sources because they might not be adequately investigated for safety. Bad apps can do a variety of damage, ranging from installing spyware on your phone to sending out costly text messages without your permission. Keep your apps updated, too, as updates may include security patches.

Some gaming apps allow players to make “in-app purchases” to unlock new levels or buy items for characters to use, such as a car for a racing game. Those purchases cost real money that you must cover by loading prepaid cards or linking to a credit card or your phone bill. Make sure your kids know that, or block them from making in-app purchases.

Some toys and electronics require you to set up accounts before you can use them. That involves entering names, addresses, birth dates and possibly other information. Don’t enter more information than you need to and if you’re prompted for information that doesn’t seem to be necessary, such as Social Security numbers and financial information, question why.

If the data are stolen, your child could be exposed to identity theft.

VTech, a maker of electronic learning products and baby monitors, announced a data breach last month from its Learning Lodge app store, which allows customers to download apps, games, e-books and other content to VTech products.

About 5 million customer accounts and related children’s profiles were affected. Stolen data included children’s names, genders and birth dates.

That information could be used to commit identity theft against children. While there’s nothing you can do about the breach, you can watch for evidence of your child’s identity being stolen, such as odd mail or email suddenly showing up at your home.

Cutting-edge toys now connect to the cloud, so be aware that your child’s interactions with that toy could be exposed, too.

Questions have been raised about the privacy and security of Hello Barbie, a doll that uses Wi-Fi to hold real-time conversations with children. The doll records audio, uploads it to a server, receives a computer-generated response and speaks it back.

Earlier this month, Bluebox Labs and independent security researcher Andrew Hay published a report saying they’d found potential security flaws in the mobile app and server to which the toy connects.

ToyTalk, the software company providing the technology to make Barbie talk, said it was not aware that anyone had been able to access Wi-Fi passwords or children’s audio data. It said the audio is not stored on the doll and is encrypted when sent to servers. ToyTalk said the doll has been certified as compliant with the Children’s Online Privacy Protection Act.

Paget suggests taking the same precautions with these types of toys as you would with phones and other electronics. Read the directions so you understand how they work and see if you can set them so they don’t connect to just any open Wi-Fi network.

If you are concerned about how toys use and store recorded information such as your child’s conversations, check to see if you can opt out of having that information shared with third parties.

This is an emerging area of technology and it will take a while for potential security risks to be exposed, Paget said.

“We’re just starting to see these things hit the market so it will take the hackers a little bit of time to catch up and see what they want to do,” he said.

Don’t let that stop you from enjoying the latest toys and gadgets. Just recognize they aren’t all fun and games anymore.

  Comments