Thursday, June 10, 2010

Technology alerts parents when kids are targets of sexting, cyberbullying

The trouble with being paid to write blogs is that you often neglect your own. So, suddenly, a week has gone by with no update here. Bad me!

I feel very passionately about this week's topic, though: A new service called KidPhone Advocate that was dreamed up by a mom from Colorado whose teenage boy was targeted by a would-be sexual predator via mobile phone. You can get the low-down on the service in my SmartPlanet blog entry. But the crux of the matter is that it will monitor the texts that your child sends and receives for signs of inappropriate behavior. Certain slang, for example, that would lead you to believe that your son or daughter is dabbling in drugs.

You can even add an additional service that will ensure the children CAN'T text while driving!

Let it be known that I am not in favor of "spying" as a rule, but generally speaking mobile phones and smart phones were designed for adults. The parental controls that you can layer onto your home computer to ensure appropriate usage just don't exist on smartphones. At least not right now. It seems to me that one of the smartest things that mobile phone and wireless operators could do moving forward -- given how widely mobiles are used by our children -- is pay more attention to their needs. I'd wager to say that the first operator out of the gate with better controls would find that it had a competitive advantage with those customers seeking family plans.

Friday, June 4, 2010

What, me worry? Why I'm angry (not afraid) over Apple iPad security incident

Last night, I received the email (yes, it came in email) that I had been somewhat dreading since the middle of last week. The salutation: "Dear Valued AT&T Customer." And, yes, the note was about AT&T's 3G service breach related to the Apple iPad.

You can tell lawyers wrote this missive because even though the company acknowledges the "issue" in the very first sentence, it never says whether, in fact, my email was one of the ones that was exposed. I could almost see the lawyers standing behind someone composing this email, whispering, "Admit nothing."

Here's the text of the first paragraph: "Recently there was an issue that affected some of our customers with AT&T 3G service for iPad resulting in the release of their customer e-mail addresses. I am writing to let you know that no other information was exposed and the matter has been resolved."

Um, OK, so was my email one of the ones released?

Later on, I hear that: "I want to assure you that the email address and ICC-ID were the only information that was accessible. Your password, account information, the content of your email, and any other personal information were never at risk. The hackers never had access to AT&T communications or data networks or your iPad. AT&T 3G service for other mobile devices was not affected."

The rest of the email expends excruciating technical detail explaining what "unauthorized computer hackers"  did to cause this mess. Those evil hackers! I can tell you, if I wasn't somewhat remotely technical, I would be scratching my head right now to figure out what this note is trying to say. Are you apologizing or warning me?

As far as I can tell, what happened is pretty simple: a group of hacking thrill seekers used the log-in information pre-population feature associated with the iPad to take advantage of a poorly written AT&T log-in scheme. In other words, AT&T was sloppy. The hackers were curious.

The iPad is the first device that some of my really non-technical friends have started buying, although I think relatively few bought the 3G model because of the price. But by getting all technical in its explanation, AT&T probably further distanced itself from the very customers that it was trying to assuage. I take further offense to its advice to watch out for phishing schemes. Hello, AT&T, you're the one that released my email address (maybe?) 

Frankly speaking, my livelihood relies on exposure, so I don't really mind whether my email is revealed. But I do mind if someone uses it to pretend that he or she is me -- the practice known as spoofing. There's an outside chance that this could have happened if these hackers were more interested in financial gain than they were in publicity. But I'm not really worried at this point. 

There is one practice that I'm rethinking as a result of this incident: allowing web sites to pre-populate my name and password. I just spent a couple of hours last night going through all my accounts and ensuring that I had all my passwords in order through a nifty little ID applet for my iPhone called SplashID.

Do you have tabs on all your passwords? This iPad incident should serve as a wake-up call.