Teen phone monitoring app leaked thousands of user passwords - Sensationalist Headlines

https://www.zdnet.com/article/teen-phone-monitoring-app-leaks-thousands-of-users-data/ The mobile app, TeenSafe, bills itself as a "secure" monitoring app for iOS and Android, which lets parents view their child's text messages and location, monitor who they're calling and when, access their web browsing history, and find out which apps they have installed. Although teen monitoring apps are controversial and privacy-invasive, the company says it doesn't require parents to obtain the consent of their children. But the Los Angeles, Calif.-based company left its servers, hosted on Amazon's cloud, unprotected and accessible by anyone without a password. ... The database stores the parent's email address associated with TeenSafe, as well as their corresponding child's Apple ID email address. It also includes the child's device name -- which is often just their name -- and their device's unique identifier. The data contains the plaintext passwords for the child's Apple ID. Because the app requires that two-factor authentication is turned off, a malicious actor viewing this data only needs to use the credentials to break into the child's account to access their personal content data.

That's what you get for using random junkware. When I was a kid, if my Father couldn't trust me with a phone without it having all that spy shit on there I just simply wouldn't have a phone. Nothing wrong with having a little bit of first party parental control like the GPS stuff and bedtimes but this is a bit much.

How do companies that make apps like this completely manage to flub the back end portion? It's not even hard to obscure passwords. It's literally 7 lines of code in PHP. You're literally raking in hundreds of thousands of dollars, but you can't put 5 minutes into salt and hashing your passwords?

which lets parents view their child's text messages and location, monitor who they're calling and when, access their web browsing history, and find out which apps they have installed. I hated that episode

Why the fuck is there a "teen monitoring app" in the first place, that's kindaaaa creepy

It's not meant to be used to constantly monitor your child's every step, rather to make sure they aren't somewhere they're not supposed to be, or if they get kidnapped they'll have a general location as too where they are.

Tbh these kinds of things primarily serve the purpose of being a creepy helicopter parent and enabling you to pull it up to instantly win any argument arbitrarily.

apps like this are a serious invasion of someone's right to privacy, minors should not be exempt from having rights to such

In my opinion, teenagers need it more than any group. They need space to grow and to find themselves. Without it, they will rebel just for the sake of rebelling.

I get parental controls and location monitoring, but the other stuff is pretty creepy tbh. At least yours bothers to clear history

You can do most of this with first party already in Android, I bet iOS has the same. Again if you can't trust your child to responsibly use something then you shouldn't give it to them in the first place.

I believe they use it to log into the phone/accounts to snoop. Which means they can't just store a hash. Though some basic encryption would take just about as much effort...

Unprotected S3 bucket. This shit just keeps on happening, some idiot disables all access controls to figure out why they can't connect to it, and then they don't fix their shit.

To be honest, nowadays unless parents are firm on teaching their kids how to properly use one, they're kind of posting practically everything they do and have been for years. Social media kind of makes it easy for them to feel connected to folks if they're given a phone early on enough, and they'll post so much that anyone trying to get info on them could probably easily find out everything they need to begin with. It makes sense for parents to try to watch their kids in this regard, and it makes all too much sense that junkware tricked them easily into thinking they had an easy and accessible means of doing it that only made everything worse with the passwords leaked.

lets parents view their child's text messages and location, monitor who they're calling and when, access their web browsing history, and find out which apps they have installed. What is this, "Mormonism: the app"?

the fact an app like this exists in the first place is a bigger crime but holy shit either way

One of my friends has Net Nanny on his computer and some control thing on his phone. He’s nearly 20. Some parents need to btfo.

Just uninstall them?

I believe both pieces of software call home to Helicopter Mom when uninstalled.

What's she going to do, ground him?

Reminder you have no obligation to love someone just cuz of the vagina you came out of

A reminder that if cell phone conditions determined by the parent are the make and break for loving them then you've got some other problems going on

I was talking about the general idea of it, but having 0 privacy as a teen can be extremely detrimental to QoL. GPS tracking is one thing but needing to see all calls, texts, etc is being a controlling sociopath.

Your point has as much context as you're willing to provide it. Circumstances will not always be the same but one thing to note is a good chunk of the time parents are invasive because they care. To hate them for being nosy when it's out of genuine concern for your own well being is fairly shitty from my point of view. Then again you have those parents that get absolutely high over having control of someone. I wouldn't blame you for having a disliking towards them. Genuine abuse should not be tolerated but some peoples definition of it can be a tad bit soft at times. Total control over your life is abuse but being a tad bit snoopy with your text messages on a phone plan that they pay for isn't. Again I think my father had the right idea and I plan on implementing it when my children come into the world. Don't give them something if you can't trust them not to misuse.

Y'all must have been much more well behaved children than I was, I think back to the stuff I pulled and think these measures would have been reasonable.

Bad kids will be bad, good kids will be good, but most of us will just be regular kids. I would have hated to have been spied on at any moment in time by my parents, especially to such an extent as reading texts, knowing my location, who and when I was calling.... Fucking hell, that little freedom will scar a kid

I believe that teenagers need to do stupid shit to find out why it's stupid. It's simply not enough to be told that it's stupid, you have to discover that for yourself.