- Network of fake news sites in Michigan appears to be right-wing propaganda effort Today 6:30 AM
- ‘BoJack Horseman’ hints at a brutal reckoning in its final season Today 5:30 AM
- How to stream Barcelona vs. Slavia Praha in the Champions League Today 2:00 AM
- How to stream Chelsea vs. Ajax in the Champions League Today 1:00 AM
- People are using #WheresLindsey to criticize Graham over Trump ‘lynching’ defense Tuesday 8:22 PM
- 2 Proud Boys sentenced to 4 years in prison for attacking antifa protesters Tuesday 7:20 PM
- Paul Joseph Watson is very upset by bartender serving beer with her butt Tuesday 6:24 PM
- Twitter developing a policy to combat deepfakes Tuesday 5:28 PM
- The Nate Diaz vs. Jorge Masvidal bout at UFC 244 is perfect for NYC and its fight mecca Tuesday 5:27 PM
- Alexis Bledel named most dangerous online celebrity Tuesday 5:02 PM
- Kylie Jenner trademarks ‘rise and shine’ after meme success Tuesday 4:50 PM
- ‘Watchmen’ website expands what you know about its alt-history Tuesday 4:31 PM
- Smoke ’em, pass ’em Week 8: Mark Walton szn Tuesday 4:26 PM
- Venmo’s first-ever credit card to launch in 2020 Tuesday 3:46 PM
- Wet Kylo Ren may turn everyone to the dark side Tuesday 3:15 PM
Flaw in popular U.K. classroom software exposes vast trove of kids’ personal data
The company has responded in all the wrong ways.
One of the most popular Internet filtering tools in the U.K. has been found to have a flaw exposing hundreds of thousands of children’s personal information.
British security researcher Zammis Clark has discovered a security vulnerability in the encryption protecting Impero Education Pro, which is used in 27% of British K-12 classrooms.
Teachers use the program to limit kids’ Internet access, manage classrooms, and, in an odd twist, prevent Islamic radicalization by flagging keywords like “jihad,” “jihobbyist,” and “message to America.”
As the Guardian noted, the newly revealed flaw “could allow almost anyone to gain full access to computers running the Impero software, run software such as spyware on the systems, or access files and records stored on them.”
Impero, which is based in Nottingham, U.K., and has an office in Portland, Oregon, has issued a patch for the flaw, but the company has been slow to deliver it, according to several of the affected schools.
Impero has a reputation for hard selling and slow communicating. A great deal of the company’s public response has involved indicting Clark for publishing the flaw. Less attention has been paid to the alarming breach itself. Impero has sent a takedown notice to Clark and said he “maliciously and illegally hacked our product.”
According to Clark, the software has a default password of “password” and lacks decent authentication. If a hacker can gain access to an Impero server, any machine connected to it is seriously vulnerable.
Photo via Todd Petrie/Flickr (CC BY 2.0)
Curt Hopkins has over two decades of experience as a journalist, editorial strategist, and social media manager. His work has been published by Ars Technica, Reuters, Los Angeles Times, and San Francisco Chronicle. He is the also founding director of the Committee to Protect Bloggers, the first organization devoted to global free speech rights for bloggers