Terry Cutler the Ethical Hacker | Call me at 1-844-296-5649 x 24
Terry Cutler – The Ethical Hacker
Home » Family Friendly Social Site is Leaving Your Kids’ Information Unprotected for Hackers to Find
Articles

Family Friendly Social Site is Leaving Your Kids’ Information Unprotected for Hackers to Find

Family Friendly Social Site is Leaving Your Kids' Information unprotected for Hackers to Find shutterflyMany people believe that once we are behind a computer, we become anonymous. Of course, we should protect ourselves by not posting any sensitive  information on public online spaces, but there are many other ways that you and your family could be easily found without sharing any distinct personal details. Another aspect of cyber security that Digital Locksmiths works with is online safety, particularly for children.

It goes without saying that you should not post personal information in dangerous places like chatrooms, but what about websites that are designed to be safe and family-friendly? It has recently become known that the popular photosharing site, Shutterfly, has been untruthful about its privacy policies . Although the site claims to be entirely protected by SSL––a cryptographic protocol that keeps online communications secure––in its privacy policy , the website is using the encryption for only some aspects of the website. Other popular applications, such as Shutterfly’s popular and free “Team” service is not. The Shutterfly “Team” service has a partnership with the American Youth Soccer Organization (AYSO), and encourages parents and coaches to sign up their athletic groups so they can have a central location to share team photos and roster information, including home addresses, contact information, gender, schools, jersey numbers, and game schedules. While it is great that Shutterfly is securing its users’ credit cards, isn’t it concerning that they are not protecting children?

According to the Mother Jones article, Shutterfly representatives have been aware of this problem for at least six months, but has not taken any steps to remediate the issue, or warned its users of the insecure details on their children. Suddenly, this sensitive information could become accessible to anyone with basic tech skills, and knowledge about cookie-catching software.

There are two popular programs called Firesheep and CookieCadger that have been circulating the Internet since 2011 that make hacking unknowing user’s personal accounts quickly and easily. Provided that you are in the same wifi zone (i.e. in a coffee shop, or other hotspots that aren’t password protected) programs like Firesheep and CookieCadger allows hackers to gain access to even your password-protected websites with the click of a couple buttons. This because once you have entered your password into whatever site you are using, the SSL stops working on sites like Shutterfly that are not entirely SSL-protected. Hackers using Firesheep or CookieCadger can see that you’ve logged into these pages, and now have access to them as well. They would now be able to view all of the user’s sensitive information contained on that site. In the case of Shutterfly, they would now know everything about where you child lives, how old they are, what school they go to, and where they will be and when.

When using websites that you are trusting with personal information, it is crucial to read the privacy policy to confirm that they are protecting your sensitive data. We are living in a digital age, and we must be wary of the bad guys lurking around the web for vulnerable information. For more information on how to keep kids safe online, check out my seminar  that I did in partnership with the Lester B. Pearson School Board in 2011 and 2012.

@terrypcutler

 

Subscribe to our mailing list

* indicates required

Related posts

Bill C-30, a mistress and a group called anonymous

Terry Cutler

TerryCutler’s Blog selected by Feedspot Panelists as One of the Top Hacker Blogs on the Web

Terry Cutler

EC-Council Helps Terry Cutler Become Local Media’s “Ethical Hacker Guy”

Terry Cutler

What should every CEO know?

Terry Cutler

SecurityWeek – Budgets are Tight, but Secrets Should be Even Tighter. Why Aren’t Companies Getting the Message?

Terry Cutler

Canadian Business Unprepared for Cyber Attacks – Why We Should Care

Terry Cutler

LEARN THE SECRETS OF THE WORLD’S MOST SUCCESSFUL CYBER SECURITY EXPERTS. Close I'm Interested

Privacy & Cookies Policy