ESRB Video Game Ratings Explained – Do Parents Really Care?

It’s been a decade since ESRB (Entertainment Software Rating Board), the popular self-regulatory organization for video games’ content established. Now, it has become a de facto standard for the content ratings in the overall game industry. Here, I’d like to raise two questions.

  • Can ESRB have succeeded in bringing right changes in the gaming industry?
  • Do we need a rating system for computer/video games?

Let’s address the second question first. In a survey conducted by ESRB in the United States last year, 84% of the parents who have participates are aware of ESRB ratings, while 69% of them used to regularly check these ratings before purchasing a game for their kids.

Fifteen years before, exactly in the year 2000, ESRB had conducted another survey on the US taking the same number of parents. Then, they could that – only 61% are aware of ESRB and its rating system.

Yes, parents are transforming. They care the content appropriate for their kids. Ratings have become a scale of what content will be present to kids.

The Role of ESRB in Video Game Content Regulation

ESRB was established on 1994 by Entertainment Software Association. Its objective is to inform consumers about the content of games it reviewed. Such a rating can be seen on a game’s package, on ads, or in game sites. ESRB uses a two-part rating system which includes a rating system that suggests age-appropriateness, and content descriptors to show the content based on which the rating is based.

Identification of Ratings

ESRB ratings are identified through their icons, that are displayed on the game package.

EC (Early Childhood): Game labelled with EC tag have content suitable for kids from 3 years. It won’t have any material that parents need to care about. Most of these games would be educational in nature.

E (Everyone): Appropriate to children over 6+ years. Games in this category may have minimal violence. Games like Super Mario Bros are examples.

E10+(Everyone teen and older): Clearly specifies that unsuitable to children under 10 years of age. It may contain animated blood and mild violence.

T(Teen): Games classified under this label are unsuitable for kids under age 13. These games may contain violence, suggestive themes, moderate language, minimal blood-gore, etc. The Sims series is a perfect example.

M(Mature): Here, the content would be only appropriate for the age 17 and above. These games are characterized by intense violence, blood-gore, sexual themes, strong language, etc. Resident Evil series, Call of Duty series are examples.

AO (Adults Only): Any games featured in this category are not suitable for those aged under 18. Most of these games may contain intense sex/nudity, extreme violence that includes blood and gore. Nowadays, major game console manufacturers are strictly prohibiting the release/sale of AO rated games on their consoles.

RP (Rating Pending): If a publisher has submitted its product and awaiting the rating, it will be marked with RP rating.

Now, it’s the time to look at our first question. Till now in the US, there’re no federal laws that prevent the sale of violent games to children. Here comes the relevance of ESRB. For parents, these ratings offer a great way to choose the right game for their kids. ESRB adopts most effective attributes of MPAA (Motion Picture Association of America) guidelines to improve their enforcement mechanism.

Today, ESRB is the most comprehensive parental guidance system in the gaming industry. Its current rating system is undoubtedly effective in providing moms and dads the right suggestion – to choose games right for their children.

Dark Web and Deep Web: A Journey to the Backstreets of Internet

Many of you may still be thinking that the rumors about Dark Web and Deep Web as a myth. But, it’s true; it exists. It is huge than what you actually think. According to The BGR, you can only access 4% of the internet via search engines such as – the remaining 96% makes up the “invisible web”, or “Deep Web”.

Really, what is this Deep Web?

Simply we can define Deep Web like this “web content that a conventional search engine can’t find”. But, I can challenge you – you’d have also accessed this part of the web. Want to know how?

You might know how search engines like Google work. These search engines rely on pages that contain links to find out relevant content. But what if there are more content of on the websites indexed by Google – that remains uncovered by Google?

Yes, you can access these type of content after performing a direct search on a website. You can find out most of these “Deep Web” content in online Government databases that is typically unindexed by search engines.

Are these Dark Web and Deep Web same?

“Dark Web” might be the term, you’re more interested in. It can be considered as an encrypted portion of Deep Web that can’t be accessible through standard web browsers. These websites usually hide IP addresses of their servers.  So, it’s very difficult to find out who owns a website here.

deep web dark web

Tor network is regarded as  the main gateway to Dark Web or “Dark Net” content available on the internet. This anonymous network can only be accessed with the help of a special browser called Tor browser.

Is it Safe to Browse on the Dark Web?

Due to the lack of accountability, Dark Web has become as the ground for illegal activities such as drug trade, pedophilic activities, human trafficking etc. At the same time, you can access to a lot of valuable information that can’t be accessed through your regular browsing. Hidden Wiki is a true example. It’s a directory that provides links to various online resources such as financial, commercial and so on.

Internet Privacy advocates would be one of the top beneficiaries of Deep Web. Tor browser simply clarifies this – one can easily protect his anonymity from advertisers and officials without creating any of VPNs.

Conversely, the Dark Web can contain potentially dangerous threats also. Be alert with the links you choose as it can be deceptive sometimes. The main intention of anonymous browsing should be to protect your privacy – not to access illegal data.

Pros and Cons of Virtual Parenting

Virtual visitation – Last few years, this was the term used to indicate visual interactions between parents and kids separated by a distance. Webcams, video chats were all the part of these virtual interactions. What about a quick analysis on the merits and demerits of these “virtual parenting” techniques?

One thing is certain – these virtual time can never replace the need for direct interactions with a kid who hasn’t completed preschool. Contradicting voices may raise on this. But, I’d recommend only this -“something is better than nothing”.

Virtual Visitation is the total sum of communication tools to facilitate parent-child relationships. Distance has never been a communication barrier here.

Advantages of Virtual Parenting

Kids have to get proper guidance from their parents at the right time – on various issues they may face. But, there can some situations where kids get separated from their parents for a fairly long period of time. Virtual parenting tools can diminish the extent of this separation.

In 2004, a legislation passed on US state of Utah for authorizing the judges for a “virtual visitation”. Generally known as Saige’s Law, this recommends to

parents are required to ‘permit and encourage’ telephone and Internet communication when the technology is ‘reasonably available’.   

It was a wise move. At then, there were more than 35 million children in the US alone who were separated from their parents.

Well, this legislation influenced law authorities of various US states. Many of them followed Utah’s path to pass bills on the favor of this issue.

Many kinds of research reveal kids feel closer to parents while using technology. In social media platforms like Facebook, most of the kids accept their parent’s friend requests without hesitation.

One of the research reveals this factor also – if online interactions made between parents and kids are positive, it’d affect their offline relationships in a constructive way.

Disadvantages of Virtual Parenting

Parents would be interested to know their kids’ online friends circle. But if they are using any kind of over-intrusive approach know such things, it may create a negative impact on kids. Actually, kids should feel their parents’ engagement in virtual parenting, not there monitoring. I’m saying this on the fact that there are parents who are punishing their kids by seeing the content they publish online.

Ransomware- Past, Present and Future

The term “Ransomware” is quite familiar in cyber security circles now. But, imagine a situation 10 years back- where you’re seeing an alert message on your PC such that your machine/files are locked up and demanding a ransom for unlocking it. Might be hard to conceive, right?

Yes, ransomware can infect your PC’s any time if you aren’t prepared well. Once infected, they may either encrypt your personal files (like Cryptolocker) or block your entire PC access (like WinLocker).

Through various methods, a ransomware can reach on your PC – visiting malicious websites, opening spam emails, opening suspicious email attachments and through many other ways.

Rise of Geographic Tracking Ransomware

Remember Joseph Edwards, a 17-year kid from Berkshire, who hanged himself after receiving a fake police warning to pay a fine of 100 pounds for browsing illegal websites. The case was reported on 2012. It was a ransomware, Reveton (also called Police Ransomware or Police Trojan) infected on Edward’s PC.

Reveton had a specialty. It was capable of tracking geolocation of its victim. Thus, people leaving in the US used to get the warning message from FBI whereas for French people, the messages would be labelled from Gendarmerie Nationale.

CryptoLocker Arrives

It was on 2013, the infamous file encryption ransomware program CryptoLocker, hit for the first time. According to University of Kent’s 2014 security research report, 1/30 systems affected by this ransomware, and 40% of those paid the ransom.

Experts have suggested several measures to mitigate the severity of a CryptoLocker attack. But, these attacks are only increasing in number. In the very next year, CryptoWall, a close variant of CryptoLocker, affected many PCs globally.

Keith Jarvis, Dell SecureWorks counter threat unit researcher, presented a threat analysis report on these ‘CryptoWall’s. By his report, CryptoWall affected 625,000 victims within 5 months encrypting 5.25 billion files and collecting more than $1 million in ransoms!

Future of Ransomware

Joe Marshall is a security researcher at Cisco Talos. In his opinion, in future, we’ve to expect the threat from “self-propagating” malware or cryptoworms.

In a threatpost article, he has shared his thoughts on this. He says “This new ransomware is a mix of old and new. It has adopted self-propagating properties of worms and malware of the past. And it has new tricks when it comes to traversing corporate networks laterally to find the most vulnerable targets,”
Here’s an infographic on ransomware.

Ransomware - Infographic

Share this Image On Your Site

Why You Need to Know More About Parental Controls?

Several times, you might’ve talked to your kids about internet safety and the need to limit their screen time. Right?

But, how often you think about the effectiveness of these conversations? You don’t have to be a child therapist/psychologist to measure this. Some kids will listen to you and behave only the way you want, some will not.

It’ll be good to refer Erik Erikson, the psychiatrist who defined 8 Stages of Social-Emotional Development. For him, each of this stage is a period of “psychosocial crisis” which demands resolution before entering the next stage. He believes that the formal school age of a kid (before reaching adolescence stage), is a period of competence. It’s the period where a child learns life lessons structured by formal rules. Any kind of Guilt or mistrust can make a big impact on child’s behavior.

Let’s get back to practical. Sometimes, you may feel like it’s really difficult to manage your kids’ activities, even you’re with them. But, if you know how to optimally use parental controls, you can provide your children – a safe and productive online experience. Only one point; you can’t provide such an atmosphere if your kids feel like you are stealing something from them.

Kids have to know about the pros and cons of technology, whether we like it or not. Only parents can guide them to choose the right materials for them. It can start from basics.

Mobile Devices: Last week, techcrunch.com published an article on kids’ device usage – based on the studies by Influence Central, a US market research agency. By this report, the average age at which a child get his/her smartphone is 10.3 years.

One more interesting report. It is from Researchers at the University of Washington. They collected data from more than 50 families. More than 90% of the participants, said that their kids start tantrums when their devices are taken away. It also reveals the ineffectiveness of warnings before taking up screens from them. Clearly, this report was pointing out the need to establish a formal screen time for kids.

Now, several mobile devices have their own parental control features- varies from device to device. But, not all smartphones wouldn’t have these features. But, there’re many parental control apps to sort out this problem.

Web Browsers: Most of today’s modern browsers such as Firefox, Chrome, Safari, etc. have in-built parental control features. You can easily filter out websites in these browsers that you don’t want to your kids to see. Browsers like Firefox are ever capable of recognizing parental controls that are already activated on your computer. These parental control restrictions are ideal for tween/teen ages. For pre-school age kids, there’re kid’s browsers like Grom Social and Kidzworld.

Operating Systems: There’s no question on parental control measures implemented in desktop OS’s like Windows and OS X. Make sure that you’re using the latest version of OS- for improved benefits.

Parenting is a tough job. And every parent needs help. There is software to keep an eye on teens. You can set up parental control over online watch, can limit how much time they spend online.

Here’s a complete list of best parental control software.

How Machine Learning is Reshaping Cybersecurity?

The growth of machine learning as a discipline is embarrassing. There’s no doubt that machine learning has shown its potential to enhance search recommendations – by effective analysis of patterns. Day by day, applications of this field are increasing- including text processing, video analysis, voice recognition, email spam filtering, search recommendations, and more.  But, a question is quite relevant here. Can machine learning make an impact on cyber security discussions?

Starting with an online retail portal. Search recommendations are mandatory for an online business. The base of all these search predictions is determined by some data points. All of a customer’s previous data- including recent searches, shopping history, etc. All these collected data sets are targeted to answer only one question; which item the customer might buy?

Many of today’s industry experts are optimistic on machine learning’s power to revolutionize cyber security aspects.

Stephen Newman, CTO at Damballa is one of those persons. He’s sure about ML’s potential to solve advanced threat problems like infected machine identification in a corporate network. In a Dark Reading article, he quotes like this

“A system can watch the traffic going to and from connected devices. While some of the outbound traffic goes to potentially malicious websites, this one piece of evidence doesn’t prove that the user device is infected. This data must be viewed and weighed in context with other evidence”

There are exceptions also.

See what Simon Crosby (CEO of Bromium inc.) has to tell. In an article published in Dark Reading, he argues “Machine Learning Is Cybersecurity’s Latest Pipe Dream”. He concludes that article like this.

“Post-hoc analysis of monitoring data cannot prevent a vulnerable system from being compromised in the first place”

In the coming years, hope we can see more interesting developments in machine learning sector. Algorithms used in machine learning should be superior- enabling us to easily take decisions on data, not from personal intuitions, and to develop a transparent cyber security policy for the firms.

6 Safe and Smart Social Networking Websites for Kids

COPPA (Children’s Online Privacy Protection Act) is still live. It’s only one thing to say- Websites are not allowed to collect information from children under age 13. Yes, websites can impose age-based restrictions. But, what if kids can simply violate these controls?

It is estimated that more than 20,000 kids under 13 are trying to sign up Facebook every day. Evidently, children want to use social networks like Facebook that, give them access to cool games and funny videos. At the same time, parents have to be aware of the content in mainstream social sites- including adult content, identity theft and chance to get bullied.

You don’t have to think this as a problem at all. Otherwise, what’s the relevance of any of the kid-safe social networking websites? Yes, there’re many of such websites.

Here I’m presenting some social networking websites for kids that you can recommend to your kids without any hesitation.

Grom Social

Social Networking Websites for Kids

 

Zach Marks, an 11-year-old boy started this website in 2013. No Kid can’t join Grom Social without his/her parent’s concern (hats off to its mail verification).  Also, parents will get regular updates on their kids’ online activities. Any kid/teen under 15 can join Gram Social Community.

Kidzworld

Social Networking Websites for Kids

It’s not just a social network; there are video game reviews, movie reviews, celebrity news and much more – only the content appropriate to children. Kidzworld can be recommended for kids between 9 to 14.

Yoursphere

Social Networking Websites for Kids

 

Like Grom Social, parents have to involve in a verification process in Yoursphere for their kids’ account activation. Kids can create “spheres” and personal spaces based on their interest. Anyone under 18 can join this.

Fanlala

Social Networking Websites for Kids

 

As the name indicates, Fanlala offers an ideal entertainment platform for kids. There are separate sections for videos, music, interactive quizzes, tv shows, and movies. Credit card authorized parent account  is mandatory in Fanlala for kids under 13.

Franktown Rocks

Social Networking Websites for Kids

 

While considered as a fun multiplayer game, Franktown Rocks offers more- music, social networking, etc. Ideal for kids and tweens between 8-12.

Sweety High

Social Networking Websites for Kids

Designed for teen/tween girls. This fun social network has strong privacy measures also.

Whaling and Spear Phishing: Rethinking Cyber Security at a Corporate Level

Internet Phishers are transforming –by adopting more focused, more systematic levels of cyber-attacks. Due to the same reason, the terms Whaling and Spear Phishing are more or less common in the cyber security world.

What about a time travel and dig on the roots of these terms?

Yeah. Let’s proceed.

It was in the midst of 90’s, a new type of email scam “Phishing” bewildered the internet world. From then, almost 2 decades (still continuing), it’s been a favorite method used by fraudsters to get sensitive information.

As the cyber world advances through years, the nature and volume of phishing were also changing. Spear phishing was the first. It has been here for a long period of time. Its inception can be closely tied up with the rise of social engineering channels. And this can be simply defined as an “E-mail spoofing that targets a particular organization or individual for financial benefits or to access corporate or personal information”.

Norton quotes spear phishing like this.

“The spear fisher thrives on familiarity. He knows your name, your email address, and at least a little about you.”

It was in January 2015, Charles Harvey Eccleston, a former employee of the U.S. Department of Energy, had accused of attempting spear phishing emails to many of his colleagues. All those emails were embedded with malicious programs. The systems that Eccleston targeted were contained so much sensitive information. Eventually, the case grew to a federal crime level.

Below, you can see a sample spear phishing email.

Whaling and Spear Phishing
Image credits: flickr.com

Now Whaling. Perhaps, it’d be better to refer “gambling whaling” rather than sea whaling for the origin of this term. In gambling, high-stake rollers are generally known as whalers or more simply big fishes.

Whaling is somewhat similar to spear phishing in terms of its “targeting” nature. But, Whaling’s targeting is more specific – to executive levels. Whalers unlike common phishers, do not generally target bank credentials or financial assets (At least, visibly). The intention of most of the whaling attacks would be to divulge confidential company information.

Why does Whaling need to consider more seriously?

Whaling and Spear Phishing
A sample whaling e-mail Image credits: codemakit.com

 The content of a whaling email will be hard to ignore. It might be in the form of a consumer complaint, legal subpoena or something that looks like a credible message. The source of the email will be cleverly masqueraded from a legitimate business authority. It may contain either malicious attachments or links to destructive pages.

Whaling Attacks- The beginning

Perhaps, the first reported whaling incident would be 2008 FBI subpoena whaling scam. About 20,000 corporate CEOs were attacked on this planned strike. Out of this CEOS, about 2000 executives were forced to open the whaling link. As a result, a key logger was installed on victims’ machines, and it easily took their passwords. Many of their companies had to face repeated hacking incidents after this.

Here’s a whaling incident happened on 2010.  After researching family backgrounds of a system admin, an attacker sent him an email on the discount of a premium health care plan intended for large families. Since admin had five kids, he couldn’t find anything wrong in opening the form associated with the mail. But, there was a malware embedded within the form. This allowed an attacker to intrude into admin’s corporate network and to access sensitive information easily.

Current Scenario of Whaling Attacks

Mimecast, one of the top email security providers had conducted a research in December 2015. Its results were the warnings of heightened whaling threats.

These are the results.

  • Within the last three months, the volume of whaling attacks has increased to 55%
  • Most popular type of whaling attack is Domain-spoofing (70%) while the least is top-level domain squatting (16%).
  • 72% of the whaling attacks are pretended to be the CEOs.
  • Gmail accounts (25%) are preferred by Whalers. Yahoo (8%) and Hotmail (8%) are also on the run.

Feasible Solutions a Company can take to Safeguard from Whaling and Spear Phishing Attacks

  • Awareness to Action: Senior level executives of a company should aware of the possible consequences on the specifics of this attack.
  • Client Certificates: Verify the authenticity of incoming emails by examining client certificates.
  • DNS Alerts: You can opt for DNS alerting services to know if somebody registers a domain that closely resembles with your corporate domain. If possible, consider getting all the available TLDs for your company.
  • Email Filtering: Setup an email filtering system for your company so that you can flag emails sent from close looking domains.
  • Mock Tests: Carry out mock whaling attacks within your organization. It’ll be useful to see how vulnerable your company is.

What’s your suggestion to safeguard your company’s most valuable assets?  Join a discussion on twitter with @safewithtech and @iambrianfelix.

IoT in Education: How to make Schools and Kids Smarter?

The landscape of present-day Internet of Things, is not that much confined as many of you think. You may find its real-time practices around various sectors including healthcare, transportation, smart homes, wearables, and so on. But, still there’s a prominent sector that has ignored by IoT evangelists and firms: Education. Yes, the impact of IoT in education hasn’t been properly discussed so far.

Times are changing. Some recent survey results conducted among K-12 educational organizations have its proof. In the total participants of the survey, about 46% are optimistic about the changes that IoT can bring within the next couple of years.

Heard about Intel’s Internet of School Things project? Focusing on the transformation of kids by the use of connected devices and digitalized learning materials, Intel has marked its presence. More industry players are on their way towards this kind of projects.

The concept of smart schools may be an old thought, started at the beginning of digitalization. But, an IoT Smart School has more “things” to offer- interactive boards, smart wearables, real-time attendance monitoring, digital books, VR headsets and more.

Special Care for Differently Abled

One of the major implications of IoT in the education will be focused on differently abled students. By getting access to smart wearables, they can overcome their limitations up to a limit. For instance, suppose a student is audibly impaired. By the use of VR headsets, he/she can replace hearing aids and effectively communicate with teachers and other students in the class. It’ll definitely boost up his/her self-confidence to become more productive than ever.

Mobile Learning

The term itself is very promising. It’s not quite new also. From the early period of digitalization, we’ve been hearing this. IoT has the potential to change even the definition of the mobile learning experience by creating a collaborative environment comprising teachers and students. Smart educational tools will be more accessible to the students than ever before. Students can easily get feedbacks from their teachers as well.

Flipped Classrooms

You might have heard about flipped classrooms where students engage in short video sessions at their homes prior coming to classes. Whatever they have learned from these feeds may get discussed at classrooms. Also, projects related to these discussions may carry out.

This teaching methodology is gaining more popularity on these days. Many of the educational evangelists acclaim the merits of this teaching method. IoT has more things to do here, especially by providing students more access to video enabled “smart” devices.

Opportunity to Self-learning

Advanced learning applications in IoT enable students to learn themselves at their own pace. Since, they can easily clarify their doubts either with the help of teachers or with the materials itself, more productive results, we can expect. Ultimately, teachers can analyze their students’ performance easily.

IoT Security Risks & Challenges

As long as Internet of Things remains a hot topic, there’s no fault in foreseeing IoT security risks. Obviously, safety is one of the primary concerns for any IoT firm. But for addressing this issue well, one has to know the volume & depth of the subject.

The world of IoT is growing exponentially over time. Everywhere we can see its manifestations- from personal safety gadgets to sophisticated home subsystems and from electric toothbrushes to HVAC devices- that can be accessed & monitored remotely.

The Journal reported – “According to IT research firm International Data Corporation (IDC), IoT is expected to grow from $656 billion in 2014 to $1.7 trillion in 2020, representing a compound annual growth rate of nearly 17 percent.”

It’s impossible to deny “device security” related facts while covering principal security issue in IoT sector. No wonder why device vendors overlooked in this area; especially if they can release cheap devices compromising device safety or privacy.

Real Time Instances on IoT Vulnerabilities

The discussion is not meant to question pitfalls of the entire IoT Industry- but, in a situation where the vulnerabilities in the digital world are occupying space in our real world, these kinds of discussions often find its space.

Analyze these incidents –

  • It was on the last year hackers, Charlie Miller and Chris Valasek demonstrated a jeep Cherokee can be hijacked– just with a notebook computer at home. And very recently, a cyber security expert from Troy hunt, using just a mobile application hacked a Nissan Leaf car and drained it’s entire battery!
  • Samsung had designed a “smart fridge” last year. It was synchronized with user’s Google Calendar through Wi-Fi. This time, the issue came while validating SSL certificates. The result was -as you imagine, unencrypted Google credentials of the user.
  • On October last year, security researchers from Rapid7 found vulnerabilities in 9 baby monitors. By their report, these monitors can easily take control by hackers and use for illicit activities.

Perhaps, you might heard about Shodan, the search engine for IoT devices. We can even see images and videos from non-encrypted webcams around the world through this.

We tested this on some webcamxp cams in Australia. The results were shocking!

IoT Security Risks - Shodan01
One live feed result from Shodan tested with webcamXP in Australia
IoT Security Risks - Shodan02
Another result from Australia

Shodan reminds us why we need to focus more on IoT security.

Even though ignored in previous times, people have started thinking about the importance to increase IoT security. On the light of previous security breaches and device gap holes, crucial efforts are being taken in order to take them down.

Need for Standardization

The fact is the number of IoT-enabled devices to is never going to diminish. Based on this fact only, we can think about the need for standardized IoT security protocols. But, the problem of lack of mutuality arises when we really address this issue. We may find very little security agreement between those connected devices in many sectors- for example, thermostats or lighting sensors.

Off course, the demand for such protocols may grow as per the new developments in this sector. Collective efforts are expected from device vendors to achieve this.