The Magic Kinder app created for families with children is promoted to be a safe space for children because the parent has total usage tracking app via special settings that only you can access the interior of ‘app. Now, security experts have warned that there have been mass privacy issues with this app created by Kinder, the well-known trademark of Ferrero.
UPDATE Please note that an update was already ‘fixed bugs unearthed in previous versions, then the version currently available for download from the Android and Apple store should be free from vulnerabilities.
lack of encryption within the application for Magic Kinder smartphones and other deficiencies in the used security protocols would allow hackers to experts of violating the app and then enter the user’s smartphone on which the app is installed, say experts Hacktive security .
the security company says in a company blog post that an attacker could exploit known vulnerabilities to “read the children’s chat, send them messages , photographs and videos or change your profile information such as date of birth and the
sex. “
Among the various functions from the app Magic Kinder offer there is the” Family Diary “, a kind of social Network for children where they can share content: this space, before the upgrade that solved the bug, a hacker also not very experienced could be able to violate it.
the Magic Kinder application for Android smartphones, they were recorded over 500,000 downloads, has been developed by a subsidiary of Ferrero International, the company behind Nutella, Kinder and Ferrero Rocher, as recalled by the British site the Register.
“We offer you the peace of mind of knowing that your children are safe in the environment Magic Kinder. You can add avatars, set time limits and decide how much content can download your son. “Reads the description of the app Magic Kinder, offering content such as games, stories, videos, and various activities such as quizzes and colors meant to be instructive and fun , so that children can interact while they learn.
Joe Bursell, marketing manager at the Pen Test Partners offering independent security consultancy, told the Register that ‘ Magic Kinder application contained many basic safety problems. “Quest are not subtle problems and hard to find,” said Bursell. “You would be able to access the proxy ID in a few minutes of testing (…) there are no checks authorization on any of the requests. This means that anyone can: send a message to your children, read your diary family, and modify other data about people, such as sex. “But the worst thing is that the app” does not use encryption, “he Bursell added, before the Kinder would update the app to a more ‘secure version.
the application version now downloadable tranquilize which – according to a report in the’ Ansa – is one in which they were resolved bugs found in previous versions. “the flaw is corrected with the last recent updates of the app for Android and iOS” he writes ANSA reported that he had spoken with Carlo Pelliccioni of Hacktive Security.
No comments:
Post a Comment