1. Home
  2. News
  3. Tech News
  4. Privacy


Your kids' school apps may be invading their privacy

The 25 least safest apps for students are exposed

The next time your school-age child says they need to open an app to check on their homework assignments or see when their school’s next ball game is, you might be raising an eyebrow once you read this.

A new study from Internet Safety Labs (ISL) found that 96% of the educational apps commonplace in America’s schools expose personal information about children and their families to technology providers, third-party marketers, advertisers and often the internet at large.


Not sure how to choose?

Get expert buying tips about Privacy delivered to your inbox.

    By entering your email, you agree to sign up for consumer news, tips and giveaways from ConsumerAffairs. Unsubscribe at any time.

    Thank you, you have successfully subscribed to our newsletter! Enjoy reading our tips and recommendations.

    Recent Articles

    • Newest
    • Oldest

    Consumers keep adding their names to the FTC’s Do Not Call Registry

    The agency says it’s getting ready for any new technology challenges telemarketers may try and throw at it

    The Federal Trade Commission (FTC) has handed Congress its latest National Do Not Call (DNC) Registry report, which focuses on how consumers and businesses alike have been impacted by unwanted sales pitches and robocalls. 

    If you guessed that there are more and more people who want to be added to the list, you’d be right. There was an uptick of more than 4.1 million registrations from the previous fiscal year, bringing the DNC Registry close to 239 million consumer registrations.

    Making companies put their money where their mouth is

    Many consumers might be surprised to know that businesses and other entities pay to access the registry. The reason is that any U.S. telemarketing company that wants to call a consumer is required to download the phone numbers on the National Do Not Call Registry every single year to ensure they do not call consumers who have registered their phone numbers. 

    The telemarketers are given access to five area codes for free, but they have to pay up to get the other 330 area codes. Some charitable organizations get the list for free.

    Consumer complaints about telemarketing calls aren’t going away any time soon, but with the new TRACED Act hopefully putting a lid on runaway robocalls, there’s a little bit of hope. Nonetheless, the FTC figures that there’ll always be some company somewhere that is going to try and find a new way to get consumers on the phone without playing by the rules.

    “As new technology provides new challenges, the FTC actively seeks to address and confront them by, among other things, encouraging private industry, other government agencies, academia, and other interested parties to create and develop new strategies to help consumers avoid unwanted telemarketing calls,” the Commission wrote in its Registry update.

    The Federal Trade Commission (FTC) has handed Congress its latest National Do Not Call (DNC) Registry report, which focuses on how consumers and businesses...
    Read lessRead more

    Laser pointers can trick smart speakers into following voice commands

    A team of researchers have found a vulnerability in the microphones of many popular smart speakers

    Researchers from Tokyo and the University of Michigan have found that laser pointers are capable of “hijacking” smart speakers. 

    In a paper titled “Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems,” the researchers said they found that voice-enabled devices could be tricked into following voice commands by beaming a laser at them. 

    The team tested the effect of laser pointers on smart speakers that included Google Assistant, Apple Siri, and Amazon Alexa. They found that these devices interpreted the light of the laser as sound. 

    “We have identified a semantic gap between the physics and specifications of MEMS (microelectro-mechanical systems) microphones, where such microphones unintentionally respond to light as if it was sound,” they wrote. “Exploiting this effect, we can inject sound into microphones by simply modulating the amplitude of a laser light.” 

    Privacy threat

    The effect produced “an attack that is capable of covertly injecting commands into voice-controllable systems” at distances of 230 to 350 away. In one instance, the team successfully commanded a Google Home device that was in a room in another building to open a garage door simply by shining a light that had the “OK Google” command encoded in it. 

    The list of devices that were tested and found to be vulnerable to light commands includes Google Home; Google Nest Cam IQ; multiple Amazon Echo, Echo Dot, and Echo Show devices; Facebook's Portal Mini; the iPhone XR; and the sixth-generation iPad.

    The researchers said they have already notified Tesla, Ford, Amazon, Apple, and Google about the weakness. They said that mitigating the flaw would require a redesign of most microphones. Lead author Takeshi Sugawara said one possible way to get rid of the vulnerability in microphones would be to create an obstacle that would block a line of sight to the microphone's diaphragm.

    Researchers from Tokyo and the University of Michigan have found that laser pointers are capable of “hijacking” smart speakers. In a paper titled “Ligh...
    Read lessRead more

    Report finds very little anonymity on the internet

    Most websites track your browsing habits

    If you’re doing anything online that you don’t want anyone to know about, you’re probably out of luck.

    The Washington Post reports a number of websites, from mainstream news outlets to porn sites, are using a hidden code to run a check to find out who you are. Accessing or deploying browsing features like “private browsing” may make no difference at all. In fact, because you’ve turned on a feature like “do not track” may make you more likely to be tracked, security experts say.

    Some of these programs that track you online don’t appear to be that intrusive at first glance. The programs extract mostly innocent-looking data about your computer, such as your screen resolution or the version of the operating system your device is running.

    It’s called “fingerprinting,” with the web taking a photograph of your browsing habits. With this information, a program can know what sites you’ve accessed in the past and create profiles of your behavior. It’s one of the reasons that ads seem to follow you around on the internet.

    The Post report says most of the sites it contacted said “fingerprinting” web users is now  industry standard practice. But one analyst told the Post that “fingerprinting” is user-hostile, with the fact that web users who ask not to be tracked become even more valuable tracking commodities.

    ‘Growing threat’

    According to the Post, Google, Apple, and Mozilla have all agreed that “fingerprinting” is a growing threat to consumers.

    It’s not that websites you’ve visited have your name, address, or any other personal information about you in a database. It’s all a matter of putting information into a pattern.

    As internet users access a website, the site’s code begins asking your computer for things that aren’t part of the usual process of pulling up a page. Knowing what operating system you’re running, what fonts you have installed or what your address is on your internal network distinguishing characteristics.

    If you have turned on “do not track” the site may take a special interest in you. Different websites use different data points to assemble your fingerprint, which is part of what makes it so hard to control. 

    Some websites say they use fingerprinting to protect their customers. They contend that fingerprinting lets them improve online security, such as fighting attempts to use stolen credit cards or passwords.

    If you’re doing anything online that you don’t want anyone to know about, you’re probably out of luck.The Washington Post reports a number of websites,...
    Read lessRead more