Children Used To Steal Parents' Data

Barence writes "PC Pro's Davey Winder has revealed how pre-school children are being targeted by data thieves. Security vendors have uncovered a bunch of Flash-based games, colorful and attractive to young kids, which came complete with a remote access trojan. The trojan is usually installed behind a button to download more free games, but BitDefender even found one painting application where the very act of swiping the paintbrush over an online pet to change the color of the virtual animal was enough to trigger redirection to an infected site."

And parents wonder

[houstonbofh]

And parents wonder why they can't let the kids use the work laptop. It's because we're Ogres! Ogres, Damnit!

Re:And parents wonder

[William+Robinson]

It is not all that difficult to create different account for the kids and ask them to use it religiously. I normally keep my home folder encrypted, so no matter how smart the Trojan is, will never get access to my data, as long as I am not logged in.

Re:And parents wonder

[Aerorae]

uh...keylogger software? You have to decrypt your documents to use them after all...

Re:And parents wonder

[Gerzel]

Depends on when the keylogger starts vs the login.

If the two accounts are properly separated then the children's account should never have the access to install anything that could be run before the user login. Of course with Windows all bets are off.

Re:And parents wonder

Which operating system does all this malware run on?

Re:And parents wonder

[Endovior]

Virtual Machines. They're a beautiful thing. Trojans, viruses, keyloggers... who cares? Just revert your system back to the last snapshot, and it's like it never happened... and even the worst of what does happen, won't ever affect your important materials.

Re:And parents wonder

[shadowmas]

Generally yes. But remember that anything running on the VM is behind your routers firewall and might be in a more permissive network. So it can be used as a platform to execute a exploit to gain access to other machines on the network, the host machine or maybe even compromise the router/firewall (defualt passwords anyone?).

I use VMs when I test applications if I'm not sure about its origin, but you should always be carefull about how it's network access and such.

Re:And parents wonder

[alex67500]

Which operating system does all this malware run on?

FreeBSD, NetBSD and OpenBSD.

Whoops, sorry. Replied to the wrong thread...

Re:And parents wonder

[kestasjk]

Of course Windows has user and admin account types..

Re:And parents wonder

[shoehornjob]

Of course Windows has user and admin account types.

That's great if you get a parent that can understand the difference and enforce it. I was talking to my wife yesterday about the FCC wanting to enlist ISP's in the fight against various threats (bot networks, trojans etc). They really need to focus on end user education instead. Sure it's great for your ISP to tell you that you have a bot or some other threat on your computer but the damage is already done so what's the point in that. The people I talk to at work already know they have some kind of infection that needs to be cleaned.

Re:And parents wonder

as opposed to a default ubuntu install - hello home directories

Re:And parents wonder

And how do you know when to revert the snapshot.
And how do you recover all the installs since the most recent snapshot.

Re:And parents wonder

[Zero__Kelvin]

" The people I talk to at work already know they have some kind of infection that needs to be cleaned."

I see the same thing all the time, and agree that education is the issue. Most of the people I talk to don't realize that the name of that some kind of infection is Windows!

Re:And parents wonder

[LordLimecat]

If the kid does not have admin access, he can install a userland rootkit, userland keylogger, whatever, but it will not run when other users are logged in, for a few reasons.

For one, non-admins can only add startup programs to their own per-user "startup" folder, or HKCU run key.
For another, the only write access a malicious program would have is to the user's own folder, so it could not trick another user's profile into launching it.
Finally, even if somehow another user's startup menu got a link to that keylogger binary, it would be unable to run it as that other user would not have read rights to the original user's profile.

And all of this is irrelevant: to sniff passwords during login, you need a system driver installed with full admin, not some userland keylogger which is terminated at logout.

Re:And parents wonder

[LordLimecat]

Orrrrr, avoid all the hassle and make everyone non-admin, with a single "Installer" admin account with a password. UAC will take care of all of the magic.

A friend set this up for my brother a few years ago, and I was seriously impressed with what a simple, great idea it is for home users: user cannot just "click next" (they have to consciously enter a password), and it really is easy to train them to use it.

And if they get a virus, its pretty darn simple to login as installer, open Sysinternals Autoruns, and check that user's startup entries. Disinfection takes all of about 3 minutes.

Re:And parents wonder

[flappinbooger]

And parents wonder why they can't let the kids use the work laptop. It's because we're Ogres! Ogres, Damnit!

Gotta use a separate machine. Pick up a discarded old XP machine, clean install, sandbox, chrome, that's all you need for small kids. Older kids might need more power, but they are a different story. Apps like DeepFreeze are useful there, because the 10-15 year old kids are THE single best way to destroy a windows install.

Re:And parents wonder

[Belial6]

At $300 for a decent brand new machine, it makes sense to get a new machine for even small kids. Sure there are some people that just cannot afford it, but for most of us, spending $300 every couple of years on our kids isn't really that big of a burden.

Re:And parents wonder

sure, depends on what people have access to. some people like me seem to have a constant stream of usable but old hardware coming their way. The $300 or less products @ wallyworld are handy for the email/kid/spare internet appliances. I particularly like their occasional laptop specials.

Re:And parents wonder

[HolyCrapSCOsux]

Revert on boot. Only do installs on a clean master.

Re:And parents wonder

Of course it's not. I'm sure you could set up a great system. Problem is, same might not be true of the next guy. Or the guy after that. That's probably just not a risk they want to take, they need to set up their own regulations.

Re:And parents wonder

[izomiac]

It seems like a good solution would be to use one of those commercial "Private Internet Access" type VPNs, and firewall the VM such that it has access to no network adapter except the virtual one. The VM gets unfettered internet access and your local network is safe (so long as nothing breaks out of the VM). IMHO, it'd be crazy to not have such a VPN if you have kid approaching puberty, given how their curiosity might be difficult for Big Brother to distinguish from your perversion.

Re:And parents wonder

[Hsien-Ko]

Not even $300 would do. Just pay for so for a WinXP home license, and find a dropped Pentium IV 2GHz+ off the side of the road. It's more likely than you think.

Re:And parents wonder

[Belial6]

I live in CA, so the electricity cost of running a P4 is more expensive than just buying a new computer.

Well.

At least SOMEBODY is thinking of the children.

Too bad it's all priests and data thieves....

What do you mean used to?

[Jafafa+Hots]

They still do!

uh. um.

nvrmnd

Re:What do you mean used to?

[jimshatt]

No no no, they're "accustomed" to steal their parents data. A habit hard to break...

Re:What do you mean used to?

[imakemusic]

They still do but they they used to, too.

Re:What do you mean used to?

if I had mod points, you would get a +1.

That's a relief.

[TonTonKill]

They used to steal it; I'm glad they stopped. I hope they learned their lesson.

Pre-School?

Okay, so kindergarden is about five years old, right? So that means three and four year olds in "pre-school" (whatever that exactly is). Why, exactly, is a three or four year old using a computer?

Re:Pre-School?

[parallel_prankster]

It is cold here in the winter time so kids cannot go out much. There are only that many other things around the house that you can get them engaged in. Besides, the computer has some cool paint software that kids can play with. There is also one app on the Ipad (among the many) that teaches how to play piano. As long as you don't let them spend too much time on the computer and you can properly monitor their usage, it is fine for kids to be on the computer to get familiar with it.

Re:Pre-School?

[Randle_Revar]

>It is cold here in the winter time so kids cannot go out much

Where do you live, Antarctica?

Re:Pre-School?

[Adriax]

My 4 year old daughter can navigate around youtube pretty easily, finding all the kitten and my little pony videos she could want. She's also smart enough to know which videos are bad and to stay away from them. Same goes for netflix.
My 4 year old nephew can play solitaire with only a little help from grandpa. He also knows his way around several kids sites like pbs kids.

It surprised me when my little one first used my computer, I have a trackball and it didn't faze her one bit.

Re:Pre-School?

This is my excuse for not going to work today: "it's cold outside". Well, it might not be freezing, but I can't walk around in shorts and t-shirts either, can I?

Re:Pre-School?

[flimflammer]

It's more likely people like you will doom our species.

Re:Pre-School?

[ArsenneLupin]

Where do you live, Antarctica?

In Antarctica, it would be summer now.

Re:Pre-School?

[ArsenneLupin]

As long as you don't let them spend too much time on the computer and you can properly monitor their usage, it is fine for kids to be on the computer to get familiar with it.

... and properly monitoring is exactly what isn't happen here. How come kids are let on a computer with such an insecure operating system? This habit will be a bitch to break later on when they are older. As a good parent, you wouldn't let them take drugs either, especially at such a young age!

Re:Pre-School?

[ArsenneLupin]

This is my excuse for not going to work today: "it's cold outside".

Last year, we did get a day off at work due to "excessive" amounts snow on the roads. Only trouble: management announced the "good" news via work e-mail...

Re:Pre-School?

[CProgrammer98]

Because it's the 21st century? We're no longer in the dark ages dude. My kids weer using computers at 3 and 4 20 years ago. It's nothing new. Computer literacy is just as important as reading, writing and math and the sooner the kids start, the better.

Re:Pre-School?

Computer literacy is just as important as reading, writing and math and the sooner the kids start, the better.

Hahahaha! Don't overestimate the value of those skills. It's not nearly as important as reading, writing, or basic math.

To some people, it's pretty important. But I know a *lot* of people who don't know how to use a computer and frankly don't need to.

Re:Pre-School?

[alex67500]

Where do you live, Antarctica?

In Antarctica, it would be summer now.

Still not awefully warm. It's one of the drawbacks of living on a giant ice cube...

Re:Pre-School?

[kyrio]

Looks like you have the same amount of intelligence as the OP. I can't wait for you to starve to death because it's "too cold outside" for getting foodstuffs to feed yourself with.

Re:Pre-School?

[shadowmas]

Why should the trackball faze her any more than any other object in the house. They are all new items as far as she is concerned. Whether they were invented 1 month ago or a 1000 years ago are irrelevant. Everything is new. She'd just learn using a trackball just like learning to use a cup or even walk.

I like to think of the brain as a sponge and knowledge to be water. In kids it's like a dry sponge it has plenty of space and will absorb things quickly. We on the other hand have quite a lot of our spongie brain filled already for better or for worse.

My nephew who is also 4 years old navigates youtube for his cartoon fix. And knows how to start any installed games. He also knows how navigate to flash game sites from history and knows not to click on ads :).

Re:Pre-School?

yeah, antarctic explorers usually are in shorts and a tshirt this time of year, sandals optional as the ground gets baked nicely, rather a nice feeling on bare feet.

Re:Pre-School?

[Zero__Kelvin]

"Only trouble: management announced the "good" news via work e-mail..."

... so what is the problem with that? Did the snow stop the bits from making it passed your driveway onto your computer when you checked your e-mail in the morning or something?

Re:Pre-School?

[Zero__Kelvin]

Trackballs are complicated shit man ... complicated!* When it comes to keeping the proles from asking to use your computer to check their Facebook account it is the greatest deterrent ever. "Sure, you can use my computer. You do know how to use a trackball, right? [blank stare from prole]"

* I personally use a trackball religiously

Re:Pre-School?

[ArcherB]

Okay, so kindergarden is about five years old, right? So that means three and four year olds in "pre-school" (whatever that exactly is). Why, exactly, is a three or four year old using a computer?

There are excellent educational applications and websites for children to use. My pre-schooler uses a site called Starfall that has done an awful lot in teacher her to read, count and do basic math. She absolutely loves it. It also increases in difficulty as she goes on.

My daughter uses Linux exclusively and her account is quite restricted. Installed are the usual Tux apps, TuxPaint, TuxTyping and TuxMath, as well as the GCompris and ChildsPlay. Everything is fairly locked down and I can always increase or decrease availability as time goes on. For example, it will be no big deal to install an email program for her to email Grandma.

All of this is running on my PC and I have not taught her how to log as herself so she can't use the system without me being there. However, it won't be long before I give her own PC with extremely limited access for her to use as she pleases. Again, with Linux, I'm not worried too much about viruses or other malware, and I can configure the system exactly how I want it to be.

Re:Pre-School?

[ArcherB]

It is cold here in the winter time so kids cannot go out much.

If you can't understand the flaw in your logic, and you don't find issue with what you're saying, humanity is definitely doomed - especially if people like you are the majority.

When the high for the week is -5 Fahrenheit, children probably should not be playing outside much.

Re:Pre-School?

[datavirtue]

All the kids are doing it.

Re:Pre-School?

Trackballs are complicated shit man ... complicated!* When it comes to keeping the proles from asking to use your computer to check their Facebook account it is the greatest deterrent ever. "Sure, you can use my computer. You do know how to use a trackball, right? [blank stare from prole]"

  * I personally use a trackball religiously

Trackball (http://www.kensington.com/kensington/ce/ca/p/1444/8589664325/expert-mouse-optical-trackball.aspx)
+ Das Keyboard (http://www.daskeyboard.com/)
+ kneeling chair (http://en.wikipedia.org/wiki/Kneeling_chair)
= Unusable workstation for 99.99% of people who want to borrow your computer.

Re:Pre-School?

[thereitis]

DIDN'T, WON'T and CAN'T are very different things, my friend.

Re:Pre-School?

Apparently to kyrio, not going out as much in very cold weather is equivalent to locking yourself in for months on end and starving. Makes sense I guess. Or perhaps he believes that letting a kid play on a computer for a bit instead of running around in < 0F/-18C weather is bad parenting. Or maybe just finds any parental decision that differs to his own to be wrong.

Re:Pre-School?

[Belial6]

For the same reason that they use any other tools like crayons, pencils, light switches, books, etc.....

I realize that we live in an age of aggressive ignorance, but usually people at least pretend that they are not doing it on purpose.

Re:Pre-School?

You are a retard.

Re:Pre-School?

[izomiac]

I used to just change my shell to Litestep and my keyboard to Dvorak then laugh as people fumbled. It's also was a kick to watch an "I'll install it myself"-type tech scratch his head when C:\Program Files and C:\Documents and Settings had both been moved to dedicated partitions, and C:\ was 1 GB in capacity.

Re:Pre-School?

from the looks of it, he's the only one who isn't a retard, and doesn't want his kids to be retards, either.

Re:Pre-School?

[Belial6]

Your nice to your kids. About week after my son's 2rd birthday I formatted his hard drive and gave him a CD with Ubuntu on it. This is a big reason why I call people who claim Linux is 'Hard to install' aggressively ignorant. If a 2 year old can install it, even before they can read, any adult without mental handicaps should have no problem.

Re:Pre-School?

no, its just the normal life that stops people from checking work email every morning before work. even if once in a few years it might save you the trip.

Re:Pre-School?

Not everyone can work or access work email, from home. You insensitive clod.

Re:Pre-School?

[kesuki]

i started gaming hard when i was 5 years old. i've heard of 3 year olds capable of using a kindle fire to play 'angry birds' so um yeah whats the worst that could happen?

Re:Pre-School?

[NetJunkie]

To learn. My son is 3.5yo and can use an iPad better than most new adult users. I got him a Core2Duo iMac for a steal on Craigslist that he uses for PBSKids.org and other learning sites. If you don't have kids you'd be AMAZED at how fast they pick this stuff up. There isn't something magical about books that makes them the best learning tool. They can easily be supplemented with interactive learning from iPads and computers. My goal isn't to make him an IT geek. I don't give a damn what he does later as long as he is happy..it's to make technology extremely comfortable for him to use. When he gets older kids won't carry books..they'll have eBooks on a tablet. I want that to be as comfortable for him as it is now for me.

And pre-school is just school for younger kids. My son is in a Montessori pre-school with 3, 4, and 5 (kindergartners) year olds. He learns a lot. Now, some pre-schools are really just daycares so they aren't all equal so YMMV.

Re:Pre-School?

Perhaps he doesn't check his work e-mail on his personal computer.

Re:Pre-School?

I feel sorry for you... I'd hate to have a job where they fully expected me to check my work email every morning at home...

Using children to scam parents? Legal, apparently

One word: Smurfberries.

How about...

... parents supervise their children on the internet?

Re:How about...

[cloudmaster]

To be fair, these apps look like legit apps for children. It works much the same way as other malware which would fool most adults. It's not like all parents are computer security specialists - despite all the idiots who love to talk about how their ability to figure out sex suddenly grants them equivalent knowledge to doctors, teachers, bankers, cops, and whatever else they think parenting is equivalent to. :)

Re:How about...

[SpzToid]

In American America the internet minds your children for you.

THINK OF THE CHILRENS

[cosm]

This calls for action. The internet must be cleaned up. All PC's must be outfitted with a Breathalyzer to ensure nobody is intoxicated while driving the mouse. Also, social security cards should be required for every transaction. Congress must solve this complex problem by instituting a 'no toddler left alone' policy by putting friendly DHS staff at the desk of every workstation in every house in the nation. Think of the jobs created! And the children saved! RealID Internet ID Security+ Cards (TM) will now be mandatory for all plebeians. Network monitoring will be installed on every home workstation per mandatory Child-Safe-Cloud-Initiative protocols. The Congress will pass laws dictating internet rationing, and you will be given 1/30 internets everyday. If you go over your internets, you will be taxed over 9000 E-Points, which will be filed on your 1040IEEE-Z form. Fingerprint-Retinal-Anal probes will be given to ensure the AAA during each online transaction. I, senator [INSERT NAME HERE] propose this bill to save the chilrens and this great nation that is under continual attack by anonymous super hackers.

Or just watch the sites your kids go to until the come of proper age. And if at proper age they still are clicking on aforementioned items, well, not everybody can be speshul buttercup, eh mates?

Re:THINK OF THE CHILRENS

[sidthegeek]

And don't forget -- every Internet sign-on will be preceded by a 30-minute documentary funded by the good folks at the RIAA and MPAA on the evils of copyright infringement!

Re:THINK OF THE CHILRENS

[L4t3r4lu5]

Also, social security cards should be required for every transaction.

As I'm not American, I won't be aloud on your "internet".

This does not upset me.

Re:THINK OF THE CHILRENS

[ArsenneLupin]

All PC's must be outfitted with a Breathalyzer to ensure nobody is intoxicated while driving the mouse.

If you're five year old daughter is drunk while using her PC, you've got more to worry about than the insecure software...

Re:THINK OF THE CHILRENS

As I'm not American, I won't be aloud on your "internet".

Good. I like my internet nice and quiet.

Re:THINK OF THE CHILRENS

Don't forget the charges for this. Per message, per minute online, per byte over the wire, send/received, per month, per speed of device, per type of device (if a computer has fiber channel disks, it gets charged more for the same bandwidth), then local/state sales taxes on that.

I wonder how long it will be until we long for the days of just paying $5 an hour on Compuserve, or $12 if using a 9600 baud modem...

True that

[parallel_prankster]

My nephews and niece did this when they used to visit my parents place. Within days of their visit my dad, who is not much of a computer person, will call me asking why windows has stopped working. I got a lot of software installed on their computer to monitor these things, yet somehow the kids always managed to install some crap. One good thing that happened was when they turned their attention to Ipads. It has apps on it that are kid friendly but haven't seen Viruses Trojans etc in Ipad apps yet.

Re:True that

[Dwedit]

No, with iPads, instead you have to worry about games where you pay for in-game goods with real money tied to the iTunes account.

Re:True that

[Telvin_3d]

Anything that involves money coming out of your iTunes account also requires a password. If you have given your 6-year-old the password to a real-money account you deserve whatever you get.

Re:True that

[lindseyp]

downloading 'cookie maker' or whatever game the 6yo is asking for also requires the password, and once daddy's entered it, it's valid for 15 minutes of all-you-can-eat smurfberries

Re:True that

[ThatsMyNick]

Once you install, you can restart the tablet. And the authorisation is forgotten.

Re:True that

[ArsenneLupin]

My nephews and niece did this when they used to visit my parents place. Within days of their visit my dad, who is not much of a computer person, will call me asking why windows has stopped working. I got a lot of software installed on their computer to monitor these things, yet somehow the kids always managed to install some crap

So, did the kids also manage to install Windows, or did somebody else install that particular piece of crap?

One good thing that happened was when they turned their attention to Ipads. It has apps on it that are kid friendly but haven't seen Viruses Trojans etc in Ipad apps yet.

Finally one good use for Ipads :-)

Re:True that

[Pausanias]

You can disable in-app payments globally on iDevices, and *that* requires a separate passcode to undo compared to the regular app installation password.

Also, in my experience Apple are pretty good about refunding you money if things like this happen. Once I bought an expensive app for my parents and they charged it to my credit card rather than my gift card balance. I wrote them about it and they credited me back $50 and said they wouldn't charge me on my gift card either---freebee, just like that.

Re:True that

[mosschops]

Settings -> General -> Restrictions -> Require Password -> Immediately

No more 15 minute password caching :)

Re:True that

[ThatsMyNick]

I knew there has to be a better way. Thanks for putting it out :)

Re:True that

[Kjella]

downloading 'cookie maker' or whatever game the 6yo is asking for also requires the password, and once daddy's entered it, it's valid for 15 minutes of all-you-can-eat smurfberries

It gets better, every purchase resets the timer so if you hand it to them 14 minutes later they have only one minute to make the first purchase but as long as they buy at least once every 15 minutes - not hard if the game is in the "you're out of berries, buy a few more" mode - it'll last the whole session. I think some kid here racked up almost $2000 in an hour's play. Hell, I've disabled in-game purchasing for myself to avoid accidents - if I should want it I'll go back and enable it on a case by case basis.

Re:True that

[sociocapitalist]

Agreed - You CAN log out of the store which stops this from happening but there should be an auto-logout capability.

Re:True that

[tlhIngan]

downloading 'cookie maker' or whatever game the 6yo is asking for also requires the password, and once daddy's entered it, it's valid for 15 minutes of all-you-can-eat smurfberries

Not since 4.x, which all iPads are compatible with. Since 4.x, there's been a separation between the timer used for purchases done at the App Store and in-app purchases. Just because you downloaded an app and entered the password there, doesn't mean the in-app purchase can use the cached credential - you have to re-enter your password again to use in-app purchases (they're on separate timers).

And hey, you can also enable it to always require a password on anything (ignoring the timer). It's hidden under a setting for authority figures . What was it, Children Restrictions? Authority Control Panel? Parental controls?

Re:True that

[mattack2]

WRONG. You posted around 50 minutes AFTER the solution to this issue was already posted in this thread.

Re:True that

[Seraphim1982]

there should be an auto-logout capability.

There is. It's under Settings->General->Restrictions

Heavens!

[naota-kun]

Won't some one think of the chil...I mean adults!

Kids user accounts

[smitty97]

How many two year olds know what a "login" is? Mine does. And my four year old has had one since she was little too. I dont let them use my account. They know how to switch to theirs and even (rightly, I guess) get mad when anyone doesn't use their own login. On the Mac, there's a pretty good whitelist of websites and you need admin privs to allow new applications to run.

Re:Kids user accounts

[cerberusss]

I get mad when anyone doesn't use their own login

Meh. I don't get mad, I just tell the laptop: begin auto-destruct sequence, authorization Picard-Alpha-Seven-Tango. That'll teach teh goddamn' kids.

Re:Kids user accounts

Yeah but if you're relying on Windows' account separation and security... Good luck.

Flash-based games

[PatPending]

Emphasis added:

BitDefender Online Threats Lab, one of the security vendors doing research in this area of cybercrime, uncovered a whole bunch of Flash-based games, colourful and attractive to young kids, which came complete with a trojan that has been designed to appeal to those same youngsters.

The article ends with this:

The moral of this tale? Don't use your laptop as a babysitter, and don't be one of the 24.7% of parents who, according to BitDefender's research, don't supervise their young kids' online activity.

How about not using Flash? (At least not on the kid's account!)

BTW: Did you notice how BitDefender got mentioned a total of four times in seven paragraphs and one pull-quote?

Re:Flash-based games

[Samantha+Wright]

I'm sorry, I (BitDefender) can't (BitDefender) hear you over the sound of how (BitDefender) awesome BitDefender is. (BitDefender)

Re:Flash-based games

[joelwhitehouse]

How about not using Flash? (At least not on the kid's account!)

Well that seems to be the iPad approach!

Re:Flash-based games

[gaspyy]

The issue is not Flash games but tricking the users to download a trojan. I could have happen with HTML5 games as well or anything else.

The solution: have a separate non-admin account for kids.

Re:Flash-based games

[after RTFA]
Ralphie: A crummy commercial? Son of a bitch!

Re:Flash-based games

[ArsenneLupin]

Well that seems to be the iPad approach!

On a iPad, kids won't steal your data. Instead they can steal your money

Re:Flash-based games

[Tanuki64]

Why only for kids?

Re:Flash-based games

[Zero__Kelvin]

"The solution: Ditch Windows."

FTFY

Re:Flash-based games

I liked the part where *omg* the Flash game can just as easily redirect you any damn time it pleases without you clicking the "get more" button. Yeah, that's a real shocker.

Re:Flash-based games

Do you think maybe BitDefender will be on this month's PCPro cover disk?

Cynical? Moi?

Re:Flash-based games

[Almost-Retired]

I think all the posts so far have missed the point entirely.

To me, anyone who targets a child's natural curiosity for that sort of exploitation is demonstrating just how badly the planets gene pool filters need cleaning.

If, in the governments collective wisdom (now there is an oxymoron for you), they would re-instate the days when the post office posters said "wanted, dead or alive", which encouraged the bounty hunters to bring em back draped over a saddle, I think I might be interested in making a little extra money to supplement my meager SS check.

To exploit a child in that manner ought to be subject to capital punishment.

Gene pool filter cleaning as it were. Removing the genes that think like that, has to be good for the race as a whole.

Cheers, Gene
--
"There are four boxes to be used in defense of liberty:
  soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
God grant us the serenity to accept the things we cannot change, courage to
change the things we can, and wisdom to know the difference.

Re:Flash-based games

[PatPending]

Gene pool filter cleaning as it were. Removing the genes that think like that, has to be good for the race as a whole.

Cheers, Gene

Oh, the irony.

What games?

[jesseck]

I have a problem with articles like this... a vague threat is made, that some Flash-based games that kids like to play also load trojans. Great. So, neither the writer of the article or Bit Defender say they know what games / sites to stay away from. Thanks. You know, some foods may cause cancer... so let's stop eating, okay?

Re:What games?

[ArsenneLupin]

I have a problem with articles like this... a vague threat is made, that some Flash-based games that kids like to play also load trojans. Great. So, neither the writer of the article or Bit Defender say they know what games / sites to stay away from.

Read again what you wrote... the answer to your question in your last sentence is in your first sentence.

Wow, really?

[GNUALMAFUERTE]

"But worse still, BitDefender even found one painting application where the very act of swiping the paintbrush over an online pet to change the colour of the virtual animal was enough to trigger redirection to an infected site"

No way! You mean a scripting language reacted to user input such as onMouseOver and executed a forbidden instruction such as redirecting the site, by exploiting a vulnerability in document.location.href? This is clearly ADVERTISEMENT for BitDefender who is mentioned throughout the article as a "researcher" while showing no actual "research".

They are not actually talking about the attack vector, because they haven't found anything. They are essentially saying that a href is a vulnerability because it might lead to an "infected" (whatever that means) site.

Re:Wow, really?

[yourEgg]

Agreed The PC - Pro article is pure tabloid scaremongering. The closest published source i can find on bit defender site is this generic pdf http://www.bitdefender.com/media/materials/e-guides/uk/Protecting_Children_Online_Guide.pdf

Not New

I have been pulling malware off PC's for years and most gets installed through free online games, most of these games are alright but there are some that are quite malicious, some sites are just traps. Most Antimalware companies are aware and clean these security risks and that Bitdefender has discovered. So if BD are actively looking at where these infections are coming from that a good thing :) Maybe this is the way to a (slightly) cleaner internet.

no...

[alienzed]

flash used to steal data. Nothing [new] to see here, move along.

zhoudan

nice post

For this reason....

[Antarell]

My kids have their own computers and don't use mine.

WTH?

[ledow]

What are pre-school children doing using the Internet unsupervised?

What are pre-school children doing on a computer that lets them connect to the Internet at all (this is what NetNanny, software firewalls, etc. are FOR).

What are pre-school children doing clicking on anything that they see on the screen?

What are pre-school children doing using admin-level accounts that allow modification of any settings but their own?

What are parents doing to allow all of the above and then complain about what happens to their PC (or their child)?

Re:WTH?

Because believe it or not, there are still people in this world who don't know dick about the internet, and don't know what it's capable of.

Or another scenario is that they are like many parents (note I did not say all) who don't want to be bothered by actually raising their child themselves, so they use TV, computers, video games, and grandparents to do it for them.

Simple solution

[Vijaysj]

Kids stealing Parents data.. Hmm Identity theft..... Simple solution
Do not tell your kid any of the following
1. Your Birth Date
2. Your Wife's/Kids Birthday (You were born that's enough why do you want to know when)
3. Your mothers name. (Just call her grandma Ok.)
4. Your Postal address zip code etc. (This is home... that is school... you walk from here to there...)
5. Any of your family history.
6. Anything else?

That will teach those Imps to steal my data :-X

Borrowing from the master

[RackinFrackin]

Mr. Soupy Sales

Just use a separate OS like Kiddix

This is exactly why we have Kiddix [kiddix.com] installed on an old PC for our kids.

This sounds like those paedophile HOECS games...

[mattbee]

Important documentary link.

How is this effective?

My kids' PCs are on a separate vlan, they run Windows 7 as a non-admin, and use Chrome.

How does malware on their computer compromise the data on my computer? This article is full of FUD.

Does this only affect Windows?

[Murdoch5]

I'd like to think our kids are smart enough in this day and age not to download any free piece of software they see but if they aren't I have a good hunch this only affects Windows based computers which leads back to the parents making a bad platform choice :-).

Were I to spawn child processes...

I can tell you this. They'll have cellphones, laptop computers, violent video games, etc., and so forth, all starting the same day, and no earlier: the day they turn 18.

Until then, it's 1965, as far as their concerned, and TV just went to color. Although I am not old enough to have been around in that time, I had cheap parents, and so when I was a kid I had a B&W TV only, on which to watch the overly color-saturated shows of the late 70's and early 80's. I think that lack of resolution, readable type, or solid lock on signal is character building in the viewer, so that's how I will raise them.

They can have their 2048P/3D picture (by then) with Smell-O-Vision (TM) when they move out and get jobs themselves. 'Till then, sorry kids, that's what you get. Here, try this. It's called a "book". It's made of dead trees. Venerate their spirits and honor their great sacrifice of life and limb (pun definitely intended) by reading and understanding the words printed on its pages.

Nice Headline

I used to do a lot of things too. But now I don't anymore.

Dumb Idea.

Your kids need to know some of these things, should know some, and they're NOT the ones stealing anyway. Their innocence is being exploited. Do your job as a parent, police their experience online, just as you (should) do with their television and movie watching habits, their choice of books, magazines, friends, etc. Then you won't have to worry about them stealing (or allowing to be stolen) your data.