Just one week after a lecture at the Congress 32C3 Hacker wants to make the German Telekom changes to their child protection software. The IT consultant Alvar Freude had Telekom accused unasked to transmit among other IP addresses and MAC addresses of computers on which the telecom program runs.
The IP address is in a sense the digital telephone number of the Internet user, the MAC address is a unique identifier for network cards: So it is data that could identify users of the software.
As the Telekom notifies on request by SPIEGEL ONLINE, the company wants the transmission of both information now “leave as soon as possible”. Evidence that the data is transferred, users had so far received none.
Age-based surfing as a target
The child protection software Telekom is to help parents to give their children an age-appropriate Internet browsing. The free program for Windows computers has been recognized by the Commission for Youth Media Protection (KJM) as a youth protection program. Using so-called filter modules are designed to ensure that children can attend only suitable for their age sites.
about whether such a filtering programs are useful and whether they are used in Germany in any significant magnitude, had the IT consultant Alvar Freude serious doubts logged in 32C3:
But joy went further and accused the telecom front, with their software to collect more data than necessary. “We see here that is transferred the MAC address each time you start the system,” explained one of his presentation slides joy. “The MAC address is the globally unique hardware address of the network card.” In addition will be passed on to an IBM subsidiary unasked the private IP address. This was “clearly unlawful”.
YouTube
sheet of Freudes lecture (Screenshot): Why these data are transmitted
?
Telekom has confirmed on Tuesday that are actually transmitted “with a so-called license ticket” both data on request of SPIEGEL ONLINE – by pointing out that this transfer will no longer be held.
URL submission is a basic requirement
Another accusation Freudes the company is trying to counter with an explanation: The IT consultant had criticized in his presentation that the software also which wanted the children URLs transmitted without prior consent. For this purpose, it is said of the Telekom: “It is true that when using the parental control software that URLs are received, which the boys try to surf.” This was “a prerequisite to allow the child protection software are also working properly.”
If a child types in the address of a website, the software asks the Telekom According to “first to see if the side corresponding to the age group classification is to be released or not “. Depending on the results page will be displayed or blocked. “For this verification process, the child protection software with the necessary servers must connect, that is: The URL is transmitted”. The child protection software always reach for the most current version of the filter module.As Alvar suggesting joy in his presentation, is, however, practically no users made it clear that the program works in this way. The Telekom refers in its observations to a point in the license agreement, which states in advance of the installation: “The software allows the children mode to access only for children suitable sites These sites have been specially selected by Deutsche Telekom or authorized third party.. It involves a categorized URL database, which is also subject to an editorial supervision by the German Telekom or authorized third parties. “
parents, whether technologically illiterate or not, are likely on the basis of this passage hardly understand can, what data and information transfers the program. Also available on the site so far only Telekom some basic information about the features of the software.
No comments:
Post a Comment