The Security on Cheap Kids’ Tablets Has More Holes Than Swiss Cheese

Bluebox shocked no one last November when they revealed that cheap Android tablets came with bonus security problems, and this security firm is back again this week with a report which shows that cheap kid's tablets are just as ridden with security issues.

While that comes as no surprise, this time around I would be concerned. Not only do the kids' tablets share many of the same security shortcuts as regular tablets, several tablets tested in this report also sent personal info over the web in the clear.

The Security on Cheap Kids' Tablets Has More Holes Than Swiss Cheese e-Reading Hardware Security & Privacy

Bluebox tested a total of 9 tablets currently available on the US market. They didn't include the Kids Fire tablet from Amazon, but Bluebox did test the Nabi 2 (above) as well as tablets from Kurio, Orbo, Smartab, and a number of other tablet makers which I've never heard of.

The 9 tablets cost anywhere from $50 to $140 (for the Nabi 2), and all ran either Android Jelly Bean or KitKat. With two exceptions, they also shipped with parental control tools which enabled an adult to setup a tablet so it can be used by a child.

All of the tablets shared at least 3 know security vulnerabilities (Futex, ObjectInputStream and BroadAnywhere), and several topped that off by shipping with ADB enabled and already rooted. While I would usually regard the last two points as a bonus for any tablet I bought for myself,  that's not something I would want to see in a kids tablet.

On a scale of one to ten, the tablets' security scores ranged from 2.7 to 5.3. The Nabi 2 was the single tablet to break the 5.0 barrier, which would be nice if not for the fact that it was also one of the three tablets which sent user profile photos to cloud servers sans encryption (to the tablet maker's own servers, no less).

The other two tablets were tied into Zoodles, a 3rd-party service which offers parental controls. Bluebox reported that this service was also sending personal account info (name, birthdate, and profile image) in the clear.

While I was inclined to write this report off as simply more proof that cheap tablets aren't very well made, the lack of encryption really bothers me.

That's not a mistake that companies should be making in 2015, but luckily this is a problem which Fuhu (maker of the Nabi 2) is interested in fixing. Bluebox also noted that the Nabi 2 had a much lower security score out of the box, but after a couple updates repaired a couple issues the tablet scored 5.3 out of ten.

I don't know if Zoodles is aware of its security issues, so it would be best to avoid that service for the time being.

Bluebox via Tom's Hardware

Nate Hoffelder

View posts by Nate Hoffelder
Nate Hoffelder is the founder and editor of The Digital Reader: He's here to chew bubble gum and fix broken websites, and he is all out of bubble gum. He has been blogging about indie authors since 2010 while learning new tech skills at the drop of a hat. He fixes author sites, and shares what he learns on The Digital Reader's blog. In his spare time, he fosters dogs for A Forever Home, a local rescue group.

1 Comment

  1. […] The Security on Cheap Kids’ Tablets Has More Holes Than Swiss Cheese (Ink, Bits & Pixels) […]

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to top
%d bloggers like this: