Security researchers have found several weaknesses and vulnerabilities that the child surveillance app promoted by the South Korean government exposes several mobile devices too. The vulnerabilities include information being given about where a child is and at what point in time, information that can be utilized in wrong ways if it is intercepted by hackers. This parental control app can compromise the security of the young ones as hackers can find information related to the young ones and their location and utilize the same.
Smart Sheriff is the program among several other child monitoring apps that are used in South Korea and allows minors to be tracked by their parents. There were reports of the vulnerabilities of these programs issued by a German software audit company called Cure53.
The software offers no firewall or protective feature to provide privacy to the users, which was found alarming by the software audit firm. These apps that are meant for surveillance, act as baby sitters electronically, allowing parents to know how long a child is using a phone and which websites they are browsing and so forth. The software can allow parents to know the kind of messages being exchanged on the phones of their children and so forth.
The government made it mandatory that smartphones that are sold to under 18 children should be equipped with a surveillance software. This move allowed software like Smart Sheriff to be promoted as parents were encouraged by schools also to download the applications on the phones of their wards.
The audit firm found that databases containing phone numbers of children along with their web browsing data and birth dates are being passed along internet in an unencrypted form which makes them susceptible to be intercepted. The authentication problems make this software easy to be hacked and used for malicious purposes. Even bogus alerts can be sent to parents. Several weaknesses have been found with these apps and about 380000 users are vulnerable to hacking and malware attacks.
The firm then alerted the mobile operators association in South Korea, which developed and operated the Smart Sheriff app. The developer firm, MOIBA stated that the vulnerabilities have been fixed since then. However, the audit firm remains skeptical as to how well the fixes have been done and how effective they will be. Many independent security researchers have also reviewed the Smart Sheriff program and found it to be vulnerable and not impressive.