Child social media monitoring site, uKnowKids, is under fire for how they responded to reported vulnerabilities…
According to Computer Weekly, the child social media monitoring site, uKnowKids, was recently proven to be accessible to the public by security researcher Chris Vickery. This security gap left the children’s data exposed. This data included names, social media credentials, dates of birth, GPS coordinates, and millions of private text messages.
Initially, Vickery reported the company was very appreciative of him reporting the security hole, so it could be fixed in a timely manner. According InfoSecurity, the company resolved the vulnerability within 90 minutes. However, in a follow-up phone call, Vickery reported uKnowKids “tried all manner of intimidation tactics” on him. These kind of responses to security research findings have the potential to deter researchers from sharing their results.
PC Pitstop’s Vice President of Cybersecurity, Dodi Glenn, was cited in both Computer Weekly and InfoSecurity articles. Glenn reported these organizations need to realize that researchers are not exposing security gaps to hurt the company, but to merely show that if the “good guys” can gain access, so can the bad.