Summary:
Due to millions of kids being in sports or other activities, coaches and parents have turned to social media sharing websites in order to make things run more smoothly. The most popular option is a website called Shutterfly, which allows users to upload photos of kids, home addresses, emails, gender information, phone numbers, school names, jersey numbers, and game schedules all in one place. The bad thing is even though Shutterfly claims to have a proviate policy using SSL (Secure Socket Layer) is not using the encryption for much of the website, leaving kids information exposed. SSL is a protocol that shows a user that, that particular site is safe and legitimate. It shows that the website hasn't been hacked and that no one is intercepting information. It's easy to identify SSL because all you need to do is look at the web address and if it has https instead of http, then it is protected by SSL, however most websites don't use SSL for most of their pages due to cost. Information obtained by Mother Jones, show that representatives for Shutterfly were fully aware of the problem of security for at least six months now and have done nothing to fix the issue or warn the users to take their child's information off the site. Two other websites, Eteamz and TeamSnap, do the same thing as Shutterfly, giving very little security. After things were exposed by Mother Jones, TeamSnap quickly started encrypting pages but still left several pages open and insecure. A man named Porterfield decided to test the security of the sites and set up several fake accounts on these websites. He then was able to easily download Cookie Cadger (a hacking program) and hacked all of the pages he created with extreme ease. He was able to get and change information about the kids, as well as add his email address to the mailing list for sports teams so he could get personal information about the whereabouts of the kids. After making his experiment public, Shutterfly and TeamSnap announced they will address the problem and recommended parents avoid putting personal information on the site. Eteamz refused to comment on the issue. Thankfully no major hacking has been done but most of the sites say that there is no reason for concern and Shutterfly even said "There is no option to view the site without signing in to your Shutterfly account.", which was disproved by Porterfield's experiment. The main point Porterfield wanted to make was to make sure parents and coaches are aware of what could happen and how easy it is to do so and prompts them to take all personal information off of the sites.
Reflection:
This is another prime example as to why I do not like signing up for social sites. I sign up for as little as possible (which normally means I only do things when I am required too). It was really nice to know about SSL though and how I can watch out for it now. It gives me a little bit more security on what websites I can really look at and feel safe signing into. However it is scary to know that there is programs out there that can hack into my stuff so easily. It is also scary that children, who do not even know about how necessary it is to protect their information, can have their lives ruined at such an early age and it also posses the question of how safe these kids are. Most children stay at home alone or walk home from school and this just makes that all the more dangerous. There should be laws to just get rid of this stuff. If it is so well known why isn't it gone? I almost wish I lived in the days without computers, then the fear of our lives just being ruined would disappear. I think technology could really be a wonderful thing if steps could be taken to better protect information.
No comments:
Post a Comment