U of T's Citizen Lab finds faulty South Korean child-monitoring app returns
Citizen Lab researchers have found that a South Korean child-monitoring smartphone app removed from market in 2015 because of security flaws was reissued under a new name and continues to put children at risk.
published an Associated Press report on the findings from Citizen Lab, which is located at U of T's Munk School of Global Affairs.
鈥淪outh Korean authorities believe monitoring and censoring children鈥檚 smartphone use is part of the state鈥檚 duty to protect teenagers against harmful content such as pornography,鈥 the article stated. 鈥淭here is broad public support for the government to stop online behaviour that is deemed to be an addiction. The government spends public money to help users break habits of excessive computer gaming and Internet use.鈥
South Korea is the first jurisdiction in the world to require minors have content filtering applications installed on their mobile phones. One of the most popular child-monitoring apps was Smart Sheriff, which was developed by the Korean Mobile Internet Business Association (MOIBA) with extensive funding from South Korea's telecommunications regulatory body, .
In 2015, the internet watchdog group with Smart Sheriff that could be used to collect sensitive information from users, take control of user accounts, and disrupt service operations. Following the report, MOIBA released a new version of the application, but it too was found to contain security flaws, at which point MOIBA removed Smart Sheriff from the market.
Citizen Lab says that Cyber Security Zone, which was released as a replacement to Smart Sheriff, is 鈥渋n fact, a rebranded version of Smart Sheriff鈥 and has many of the same security issues, leaving children's private information vulnerable to hackers.
鈥淥ur research shows that the Korean government has sponsored applications that fail to meet basic privacy and security standards, the functionality of the apps go beyond the requirements of the mandate, introducing privacy risks, and the vendor of the apps, MOIBA, has not been transparent with the Korean public about security and privacy issues,鈥 the Citizen Lab report states.
The Associated Press reports that MOIBA has denied that the two systems are the same, and an official of the group said a review by the government found security was satisfactory with Cyber Security Zone.
Citizen Lab co-authored the report with Cure53, a German auditing firm, and civic group OpenNet Korea.