Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Scammers Target Neopets Users

Soulskill posted more than 5 years ago | from the guess-wow-finally-dried-up dept.

Security 122

An anonymous reader writes "If you have children that play on the popular virtual world game Neopets, you might want to warn them of a social engineering scam gleefully targeting 12-year-old kids. Neopets users looking for rare items are sent private messages from the scammers, who direct them to sites hosting keyloggers & trojans. They then use the infected PC as a means to get to data the parents might have stored there, be it credit card details, Paypal accounts or online banking. Seeing the screenshots of some of these people talking about putting these children into botnets is just unbelievable — if ever you wanted proof that people up to no good online will go to any lengths to get their hands on some money (or even just feel good about outsmarting a 12-year-old), here it is."

cancel ×

122 comments

Sorry! There are no comments related to the filter you selected.

First Post (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28543685)

Scammers target Goatse [goatse.fr] users.

Scumbags (5, Insightful)

Bigbutt (65939) | more than 5 years ago | (#28543719)

Jeeze, all scammers are scum of the earth. Why would you expect them to be any different with 12 yo kids?

[John]

And the parents? (4, Insightful)

Toe, The (545098) | more than 5 years ago | (#28543893)

Whatever you do, don't blame the parents for:
1. Putting sensitive info on their computer, then
2. Letting their kid use that computer unsupervised, while
3. Leaving that computer relatively unguarded against intrusion.

Sure, not every parent can be expected to be a genius, but if you're going to let children use a computer on the internet, you have responsibilities to act as a sysadmin.

Not to mention responsibilities to act as a guardian. Just as with TV, the computer is not a babysitter. Worse, a net-connected computer is a social interaction tool where every pervert and scammer in the world has direct access to your child. And you're really going to just let them hang out alone with those people?

Re:And the parents? (3, Insightful)

snl2587 (1177409) | more than 5 years ago | (#28544489)

Sure, not every parent can be expected to be a genius, but if you're going to let children use a computer on the internet, you have responsibilities to act as a sysadmin.

I'm sorry: are you joking? So many people can't even act as their own sysadmin to the point that there's little difference between a child inadvertantly downloading tons of malware and the parents' own activities. No, no: the ordinary person's computer will only be safe when the next "version" of the internet is only accessable through cryptic terminal commands and the only people online are the ones who know what they're doing.

/semiTongueInCheekStatement

Re:And the parents? (3, Insightful)

Anonymous Coward | more than 5 years ago | (#28544587)

I'm more than happy to let the laptop my wife's daughter uses get rooted. We don't keep anything important on there and frequently monitor her activities. We've explained the dangers of the internet as best as we can, and if anything losing the laptop to a several day rebuild because of things we warned her against will help her remember far better than if I lock it down so tight that it never gets infected/attacked/etc.

Re:And the parents? (1)

Corporate Troll (537873) | more than 5 years ago | (#28544763)

Ooooh.... Boy, where do I begin? So this laptop presumably runs on your network. The same network that has your computers on it? So her computer gets rooted and that way the attacker has access to one host on your network. How hard do you think it is to probe where the other computer are and use vulnerabilities to attack your trusted computers.

A compromised computer on your network means that your network is compromised. End of story.

Re:And the parents? (1)

PitaBred (632671) | more than 5 years ago | (#28545889)

Speak for yourself... I only let people with untrusted computers connect to an untrusted subnet on a rate-limited WAP (no encryption). They can get to the Intarweb, but not any of my machines.

Re:And the parents? (0)

Anonymous Coward | more than 5 years ago | (#28546179)

Then one of the untrusted users, either gets infected with malware that stores and uploads child porn, or the user is a pervert themselves. Of course this is coming from your IP address, and thus makes you civilly and criminally responsible (as per US court precedence.) Thus a nice sex crime charge.

Re:And the parents? (3, Insightful)

PitaBred (632671) | more than 5 years ago | (#28546451)

They are more than welcome to search any of my devices for child porn and malware, with a proper warrant. I will show them that I have an open AP, with no logging, so it's entirely possible and likely that I did not do the crime. The burden of proof is still on the accuser here in the US, even if they invoke "child porn" [wired.com] .

Re:And the parents? (4, Interesting)

YrWrstNtmr (564987) | more than 5 years ago | (#28546939)

They are more than welcome to search any of my devices for child porn and malware, with a proper warrant.

And they will do so at their facility downtown, and take 18 months to do it.
Yes, you are innocent until proven guilty. But the initial investigation would start with you and your home network.

And, after the case is dropped, the local newspaper might print a retraction, saying that Mr. PitaBred is not guilty of distributing child porn. Of course, after the initial flurry of press coverage, you've lost your job, your kid is taken away for a time by DSS, and your front window has been broken 3 times by angry vigilantes.

Re:And the parents? (1)

sopssa (1498795) | more than 5 years ago | (#28546221)

Even tho your nickname is Corporate Troll, do you think home networks are run like corporate networks? :)

Theres really really small change that any hacker will 'root' her laptop. If by rooting you mean it will get infected with some worm, well, just keep your stuff and updates up to date.

You can secure and limit activies on corporate networks better, but theres no way any normal parent will keep her kids off the internet and computer just because it might get infected.

Re:And the parents? (0)

Anonymous Coward | more than 5 years ago | (#28546763)

You forget where you are good sir!

That laptop is isolated from the rest of the network by a pile of duct taped geek kludge. It's also the only Windows PC, but that's neither here nor there. Just because I don't give a shit about that laptop doesn't mean that everything else isn't well protected (although as a rule I don't keep _anything_ I can't bear to lose on any PC).

Re:And the parents? (1)

amicusNYCL (1538833) | more than 5 years ago | (#28544797)

3. Leaving that computer relatively unguarded against intrusion.

How exactly do you protect against your child clicking on a link, downloading a program, and executing it? Security goes out the door as soon as you choose to execute arbitrary code. A young child can't be expected to understand all of the security implications of using a computer online. I don't see a lot of blame for parents in this situation, nor for the kids (simply because they're too young to have been exposed to this before - this is where they learn not to trust people online). Ideally, you would have one computer for the child's online use, and another one for everything else, but not many families can afford to or want to do that. Other than that one precaution, the parents don't exactly share a lot of blame if their child gets targeted and exploited. I see more blame on the neopets site for allowing users to send arbitrary messages to each other, considering that this site is targeted at young kids. If you're running a site for young kids that is open to the general public, users simply shouldn't be able to send private arbitrary messages to each other. Everything should be public, and the messages may even need to be canned content. If the kid is looking for an item, they choose the "looking for an item" message to post and choose which item they're looking for, and it posts a canned message. They're trying to build an entire social networking site for kids and it looks like they're essentially running the thing unregulated.

Obviously the scammers hold the majority of the blame, but the operators of the site need to realize who their audience is and take precautions to protect them instead of expecting that they already know all about online security.

Re:And the parents? (2, Interesting)

Toe, The (545098) | more than 5 years ago | (#28545771)

How exactly do you protect against your child clicking on a link, downloading a program, and executing it?

I can think of several ways, all of which should be practiced.

1. Don't let your kids log in with an admin account. Heck, don't let ANYONE log in with an admin account, including yourself.

2. Only let your kids run certain apps (at least on a Mac, this is as easy as clicking the Parental Controls option and choosing which apps to allow; dunno on Windows, but if nothing else there are 3rd party utilities for this).

3. Tell your kids not to open e-mail from strangers.

4. Tell your kids not to give out their e-mail address to anyone without asking you first (or have them use your account and only let them see it when you log in).

5. Tell your kids never to open an application they are unfamiliar with. Sheeze, you would think a 12 year old could understand the value of this.

Re:And the parents? (2, Insightful)

amicusNYCL (1538833) | more than 5 years ago | (#28545919)

I don't think you understand the mentality of a young kid. It's easy to say "don't open things you don't know about". But then they're playing their game, and they're looking for that one item that no one else has, and someone says "I used this program to just give myself the item, it works, here's the link", the kid is not going to flash back to you telling them not to open untrusted things, they're going to be so caught up in the fact that they think they're so close to getting this item that the program gets executed before they even think about it.

Expecting kids to understand the intricacies of internet security is about as realistic as expecting an average parent to understand the intricacies of being a sys admin. Keep in mind that most adults don't even understand internet security, let alone their children.

Re:And the parents? (2, Informative)

Toe, The (545098) | more than 5 years ago | (#28546015)

Which is why my first two suggestions make so much sense (and are pretty much sysadmin 101). Don't let kids be admins and don't let kids execute anything but allowed apps.

As for whether or not people could actually be expected to follow these simple rules... well, you got me there. Plenty of sysadmins aren't even clever enough to deny admin privileges to their users.

Re:And the parents? (1)

amicusNYCL (1538833) | more than 5 years ago | (#28546787)

It seems like the consumer computing model just needs to be changed. As a software developer I realize that things that are obvious to me are not at all obvious to the people using my stuff (over 90 days, 30% of about 3,000 support calls for one application were essentially "how do I login"). I haven't used a Mac in a while, but it sounds like it would be a good policy to ship the OS with the default of the parental controls being enabled and only allowing the currently-installed applications. That way, anyone wanting to install anything else will need to at a bare minimum familiarize themself with the controls to either disable them or add the new application, and in doing so will probably gain some understanding about how the system works. I don't know if Windows has something like that either, but it wouldn't be a bad default policy. Windows has always (at least up until XP) had a default policy of allowing everything, it would be nice to see that changed to only allowing what's already there, and if you want to add anything to your computer then you need to learn how the security system works.

Re:Scumbags (0)

Anonymous Coward | more than 5 years ago | (#28543905)

Its not even just 12 year old kids. My nephew started playing neopets at like 6 or 7. I hope my sister has taught him to practice safe internets, but I doubt it.

Re:Scumbags (2, Funny)

CorporateSuit (1319461) | more than 5 years ago | (#28544785)

Jeeze, all scammers are scum of the earth. Why would you expect them to be any different with 12 yo kids?

hmmm... good question, so good, I think people should mod you up. Where will they get the mod points? Well, the secret Slashdot mod-point-getter! Just log into your slashdot account using their secret admin backend [string-emil.de] and you'll have all the mod points you want!

Re:Scumbags (2, Insightful)

AvitarX (172628) | more than 5 years ago | (#28547005)

Offtopic?

This is funny.

How to fix this problem (1, Interesting)

Anonymous Coward | more than 5 years ago | (#28543727)

Is extreme, but assuming they can be found, I think a revival of "indentured servitude" might be useful. At least until they can pay back all the money that they stole. And not to the government, either, to the victims.

BTW - feel free to disagree with this. I don't mind. Do __try__ to be polite. Name calling is not usually very helpful and generally only reflects poorly on the poster. Not that such care.

Amputation. (3, Informative)

El Jynx (548908) | more than 5 years ago | (#28543913)

Amputation. At the hip. Preferably sterilization. And THEN let them do public service for the rest of their lives.

Ok, ok, a wee bit drastic. Or is it? It's the only way I can think of (the sterilization thing, anyway) which gives humanity a chance somewhere in the future, if not now.

Re:Amputation. (3, Interesting)

megamerican (1073936) | more than 5 years ago | (#28544641)

You may get your wish. In the 1920's and 30's when Eugenics was popular the Supreme Court ruled it was perfectly legal for states to sterilize people, take their kids and sterilize them.

This will probably be proposed as a way to cut costs for the penal and health care system.

Re:Amputation. (1)

orzetto (545509) | more than 5 years ago | (#28549843)

That gives "penal system" a whole new meaning.

Re:Amputation. (1)

Dirtside (91468) | more than 5 years ago | (#28547001)

You're totally right, mutilating criminals is the way to go. That's not remotely cruel or unusual.

Webkinz (4, Insightful)

eln (21727) | more than 5 years ago | (#28543743)

My kids never got into Neopets, but they have been really into Webkinz for the past year or so. I like the way Webkinz handles things a lot better...there are no open areas where people can chat about just anything. They can chat in common rooms, but only by picking things to say out of a list. There is no possibility of sending links or other such nastiness.

Even sites that do have forums like Nick.com have moderators approve every post. I'm sure it's more expensive to run it that way, but I would think if your site is built to cater to young children, it's incumbent on you to either moderator-approve every posting like Nick does or limit postings to pre-approved phrases like Webkinz does. Anything else is just asking for trouble.

Re:Webkinz (1)

jandrese (485) | more than 5 years ago | (#28544731)

Do people actually use such constricted environments for actual chatting? I would think such an environment would become a ghost town populated only with macro spammers in a hurry.

Re:Webkinz (1)

porcupine8 (816071) | more than 5 years ago | (#28544999)

Eight-year-olds are apparently less picky about their online freedoms than you are. Which is unsurprising, given that if their parents are smart they have pretty limited "freedom" to begin with.

Re:Webkinz (3, Interesting)

hmar (1203398) | more than 5 years ago | (#28545271)

The webkinz world is one in which children can have a limited interaction with other children (and not a few adults) while playing games and taking care of a cute virtual pet. My kids love it, they all have quite a few "friends" on Webkinz. They don't know the name, address or even gender of these friends, as the software doesn't even offer a way to ask. It is not designed for social networking or communication, it is simply a way for kids to go online and play, in a safe manner. Very little chatting goes on, the kids can play games against each other, and the chat options tend to be things like "nice move" and such. They can also send eachother virtual gifts, and include a greeting of sorts (here is a gift for your special day) but it is not a chat room.

Re:Webkinz (1)

Culture20 (968837) | more than 5 years ago | (#28545289)

Do people actually use such constricted environments for actual chatting?

NAME
JOB
BYE

Re:Webkinz (0)

Anonymous Coward | more than 5 years ago | (#28546837)

Neopets' target audience is 13+, not "young children," despite what you may think about the site.

Re:Webkinz (1)

Ironica (124657) | more than 5 years ago | (#28547053)

The site actually requires you to certify that you're 13 or older, or else you're not allowed to get access to certain parts of the site (like private messages from other members) unless your parent faxes in a consent form.

There's games that appeal to the younger generation, but there's a TON of monitors watching out for scammers, too. I wouldn't let my 5-year-old run around unsupervised (thankfully he's not quite literate enough yet to really go it alone anyway), but it's not some wretched hive of scum and villainy.

Re:Webkinz (1)

Haoie (1277294) | more than 5 years ago | (#28549147)

I believe this also happens on any number of virtual sites [kids, or otherwise], such as Gaia Online.

All I have to say is.. (0, Troll)

slummy (887268) | more than 5 years ago | (#28543801)

LOL

Re:All I have to say is.. (0)

Anonymous Coward | more than 5 years ago | (#28545277)

Thanks for sharing.

Re:All I have to say is.. (1)

SilverHatHacker (1381259) | more than 5 years ago | (#28545641)

Only on /. would 'LOL' get modded +3, Interesting.

Solution: (2, Interesting)

Anonymous Coward | more than 5 years ago | (#28543839)

Setup whitelist of sites your children can go to.

One way of doing this is via your router (Newer D-Links have this feature).

You can also use opendns.com, set it to filter everything desired, then make exceptions if needed.

This prevents them from going to domains without you first checking them out. I suggest you ask them to write a sites they frequent or check their browser history to get a base whitelist.

and a separate user account (4, Insightful)

SuperBanana (662181) | more than 5 years ago | (#28544283)

Don't forget a separate "kid only" login. That way, they can't accidentally delete mommy & daddy's Quicken info, and their unprivledged account will be less likely to be able to jump into other accounts and/or the system. Maybe.

Re:and a separate user account (3, Interesting)

ion++ (134665) | more than 5 years ago | (#28545029)

hell no, use an entirely different computer for important (financial) stuff. This other computer is then hands off.

Time for a kid firefox plugin (3, Interesting)

Twillerror (536681) | more than 5 years ago | (#28543847)

Probably already is one of these, but can we get a plugin for Firefox that dumbs down the browser for them.

I think one of the toy company's had a toy/software setup where kids could visit a limited amount of sites using a special controller. Something to keep them out of trouble.

I want to give my kid a login with just a link to firefox and this plugin on the desktop. They click it an are presented with a list of safe sites. Any attempt to go outside of the domain is blocked and the sound card goes crazy with ("hey mom and dad get your ass in here and watch your kid")....hell have it text me. If the domain is safe I simply type a password and it gets added.

Sure just surfing in Firefox will prevent some of this, but I don't want any chance of any sort of firefox bug getting exposed. Remember that even firefox can fall victim to some sort of buffer overflow.

A little offtopic, but I think a Live CD of Ubuntu that accomplishes this would be great. Just give my kid an older computer with no harddrive and the CD and let them go...

Re:Time for a kid firefox plugin (1)

dna_(c)(tm)(r) (618003) | more than 5 years ago | (#28544037)

or a throwaway install on a USB stick...

Re:Time for a kid firefox plugin (1)

hedwards (940851) | more than 5 years ago | (#28544209)

It's easier than that, just set up the firewall to block traffic to and from any IPs other than 127.0.0.1, believe you me, that would get it to stop right there.

Re:Time for a kid firefox plugin (1)

fermion (181285) | more than 5 years ago | (#28544847)

For the under 14 year old set, a white list is the only way to go. A firefox extension is one way to do it, until they start figuring out how to use IE. One might think that a filter might work, but kids know how to use proxies, even HTTPS, and will spend all day trying to get to that one site they want. Whitelists are about the only way to go.

Separate user accounts might work, as long as the kid cannot possibly install any software. Mac OS allows this, as well as whitelists and execution restrictions. Of course this can be set up in any *nix using the host file and file permissions, so the Ubuntu set up properly on CD would be the most secure solution.

I am not really for overly restricting children movements, but this falls under the general idea of not letting a child go home in another person car, not letting children talk to strangers, generally making sure kids are supervised at least through high school, when, as we all know, all hell breaks loose and there is little anyone can do.

Re:Time for a kid firefox plugin (1)

hmar (1203398) | more than 5 years ago | (#28545401)

Another option, my children aren't allowed to use the computer unless I (or my wife) am in the room. They are aware of this, and also aware that I will take all the cables or the router, or if they get around that the whole damned computer, to work with me if they break that rule. The computer is absolutely not a "necessity" for a child, and I see no reason that they should have complete and unfettered access to it.

Re:Time for a kid firefox plugin (1, Interesting)

xaxa (988988) | more than 5 years ago | (#28546581)

My parents restricted my freedoms in all the ways they could think of in the late 1990s. For instance, I was 15 before I was allowed to take the bus home from school alone, and I had to come straight home from school too (no wandering round the shops, or going to the park).

As a result, I put myself in more danger (albeit minor, but not from their PoV), since I'd lie to them. I'd say "Can I go to X's house after school, pick me up at 9pm?" and they'd agree. Then I could do what I wanted for a few hours, get the bus to X's house by 8.45pm (with money I'd stolen from round the house, since they never gave me any), and wait outside.
Alternatively, I'd just inconvenience them. "Sorry I'm half an hour late, the bus didn't come" meant "I went shopping with some friends after school, but you won't let me go shopping, so I did it quickly".

And the result of that is that I really don't much care for my parents. I don't bother to call them; if they call I don't bother to tell them much. I don't feel I owe them anything.

There are some kids playing outside (it's 19:20). They're doing normal things, like playing football, riding bikes, chasing each other. I wish I'd had the chance to do those things. All my friends did.

My point is, you should restrict some of your children's freedoms. But if they think you're too restrictive (and they'll compare you to other parents) they'll grow up hating you.

Re:Time for a kid firefox plugin (1)

geekgirlandrea (1148779) | more than 5 years ago | (#28547993)

This.

I had unrestricted internet access from about age 11 (which would have been around 1994), with my own computer in my bedroom, and I even (*shock* *horror*) saw porn now and then. It somehow failed to turn me into a serial killer, neo-nazi, sex addict, communist, pedophile or whatever other boogeyman we're all supposed to fear. Mostly, it led to me discovering an early version of Slackware and turning into a huge nerd. I can barely even imagine growing up with the kind of control-freak lockdown people have been advocating here, and I'm sure the kids who do grow up like that are going to hate their parents and drop Mom and Dad from their lives as soon as they stop needing their money.

Re:Time for a kid firefox plugin (0)

Anonymous Coward | more than 5 years ago | (#28549725)

the kids who do grow up like that are going to hate their parents and drop Mom and Dad from their lives as soon as they stop needing their money.

Damn right.

September, 2004. First day of university, last day living with my parents (it took 3 hours to drive to the university from their house). At the time, the best day of my life.

December 2004. Phone call from my grandmother. She let slip that my parents had thought I'd "come running back to them" within a week, unable to cope without my parents, who had made plans for me to stay in my aunt's spare bedroom (near my university).

Summer 2005: Parents wanted me to spend summer with them. I got a job in a different city (I had motivation). Stayed in their house for a week at the end of summer.
Summer 2006: Had now forgotten just how bad they were. Stayed with them for a month, and hated it.
Summer 2007: Got a job for the whole summer. Visited for one weekend.

June 2008. Last day of university. Accepted the offer to live with my parents until I sorted a job out. Awful. They still didn't trust me to walk to the shops alone, and said they weren't comfortable with me going out -- especially as I should be concentrating on getting a job. However, it wasn't costing me anything.

11pm, Nth August 2008. Thought "fuck this, it's ruining my life". Packed some bags, fully intending never to return. I had enough savings for about three months if I found a cheap room, and knew if I didn't have a job by then I'd have more money on social security than I'd had going through university.
4:45am, N+1th August 2008. Phoned for a taxi to take me to the nearest train station. Swapped my phone SIM for a £5 pay-as-you-go one I had lying around.
5:15am. On the train to London. Fuck, that felt good. Annoying Beatles song in my head.
7am. At the station in London. Considered taking the train to Paris... or further. Decided against it, on cost, language, unfamiliarity and tiredness grounds (but mostly because I wouldn't be able to take social security except in the UK, as I've never paid tax elsewhere, and I didn't want to risk that).

~2pm. Email from my dad.
~3pm. Email from my dad, noticing missing toothbrush etc.
~4pm. Email from a very worried sister. My dad seemed to think I'd killed myself. He should have been pleased that I was prepared for good dental hygene in the afterlife. I replied to the email.

After about a month my sister told me my dad's doctor had said my "running away" had really harmed his health, and that she wanted me to meet them. I said my doctor said living with them for 18 years had damaged mine (he offered me antidepressants, but I said simply moving out would solve the problem, which it did).
I did agree to see them in November, as by that point they'd phoned the university asking if they knew my address, and several of my friends. And I like my sister, and she wanted me to see them.

The whole control-freak lockdown is pointless anyway. I saw porn, age 10, in a magazine at school, and later on friends' computers (or school computers). I drank alcohol, age 14, at first in a park (and under a motorway viaduct, classy!) but soon afterwards in a friend's house (his parents bought the drinks, on condition that we didn't leave the house or buy more). I walked round some dodgy bits of town, I just lied about where I'd been ("school"). I went to nightclubs underage, and again just lied ("sleepover").
And it's hardly a proper survey, but out of all my friends from school, during my time at university I was the one most often completely drunk wandering round an unfamiliar city at 3am after being kicked out of a bar. And it still didn't harm me.

Re:Time for a kid firefox plugin (0)

Anonymous Coward | more than 5 years ago | (#28549941)

Replying to myself, but never mind.

The Beatles song (She's Leaving Home) has some wise words:

Wednesday morning at five o'clock
as the day begins
Silently closing her bedroom door
Leaving the note that she hoped would say more
She goes downstairs to the kitchen
clutching her handkerchief
Quietly turning the back door key
Stepping outside she is free

She (we gave her most of our lives)
is leaving (sacrificed most of our lives)
home (we gave her everything money could buy)
She's leaving home after living alone for
so many years (bye bye)

Father snores as his wife gets into her dressing gown
Picks up the letter that's lying there
Standing alone at the top of the stairs
She breaks down and cries to her husband
Daddy our baby's gone
Why would she treat us so thoughtlessly
How could she do this to me

She (We never thought of ourselves)
is leaving (never a thought for ourselves)
home (we struggled hard all our lives to get by)
She's leaving home after living alone for
so many years (bye bye)

Friday morning at nine o'clock she is far away
Waiting to keep the appointment she made
Meeting a man from the motor trade

She (what did we do that was wrong)
is having (we didn't know it was wrong)
fun (fun is the one thing that money can't buy)
Something inside that was always denied for
so many years
(bye bye)
She's leaving home (bye bye)

The song makes me a little sad, but it's not sympathy for my parents. It's the last verse :-(. Makes me wish I'd moved out when I was 16.

Firefox? (1)

Toe, The (545098) | more than 5 years ago | (#28546713)

...except that people who run Firefox are probably (just guessing here) more likely to perform better computing habits anyway.

Making Firefox safer for surfers is like trying to make people who live in the country safer from street crime.

Thank heavens ... (4, Funny)

eck011219 (851729) | more than 5 years ago | (#28543865)

My daughter spent an entire road trip (two days in the car each way) unlocking her NeoPet. The beeping was enough to make you drive with your elbows so you had both hands free to pull your ears off. Now I can simply say, "honey, if you play with your NeoPet character online, bad people will take all Daddy's money away and we'll have to live under a bridge." Aaaahhh, another aggravation averted. Thanks, scammers!

Re:Thank heavens ... (4, Funny)

FluffyWithTeeth (890188) | more than 5 years ago | (#28543963)

You let your children play games other than nethack?

And you call yourself a slahdotter!

Re:Thank heavens ... (3, Funny)

Hogwash McFly (678207) | more than 5 years ago | (#28544565)

I think the basis for questioning his Slashdotter credentials lies not with the games his kids play but in the fact that he managed to reproduce in the first place.

Re:Thank heavens ... (4, Funny)

Culture20 (968837) | more than 5 years ago | (#28545421)

You let your children play games other than nethack?

I can't imagine the paranoia of a child raised on nethack, but I'll try:
"Don't go down the stairs carrying too much, Daddy, you'll DIE!"
"Don't pet the kitten, Daddy, it's not named. You'll DIE!"
"Don't drink anything until you've dipped an amethyst or unicorn horn in it or you'll DIE!"

not that bad... (0)

Anonymous Coward | more than 5 years ago | (#28543967)

as long as its not links to porn

The real solution (4, Insightful)

Informative (1347701) | more than 5 years ago | (#28543999)

The real solution is for the kids to have their own computer. And the adults do not use it for online banking, or anything else.

It's hard to believe the cost would be a problem, but if a netbook is too dear, old PCs are being given away. Put Linux on it, and it's their online playpen.

No need to argue about porn and whatnot. All of those concerns can be addressed depending as the age of the computer's owner varies.

Re:The real solution (1)

Em Emalb (452530) | more than 5 years ago | (#28544215)

The real solution is for the kids to have their own computer.

Right, cause when I own that kids computer (YAY ME, I'm the man, I can pwn a child's computer) it'll be so frigging hard to hack the parent's computer...on the same network.

Re:The real solution (1)

mlts (1038732) | more than 5 years ago | (#28546349)

There are ways to separate the kid machines from the sensitive boxes. However, unless one gets a BSD (or other OS of choice) box which can be configured have multiple segments that don't communicate with each other, but yet route out to the Internet, one's best bet is to have two firewalling routers. You have your edge router that connects the unwashed Internet to your subnet with the kiddie machines. On that subnet, you have another firewalling router, then the adult machines. Now, if one of the kid machines gets rooted, it can't get to your box with all your GNUCash data.

Bad thing, this type of setup makes a serious impact on gaming ping times (the more routers, the worse they get), but this is better than nothing.

Perhaps on the kid machines, consider a utility like DeepFreeze or Window SteadyState which will protect against not just system infections, but malware that installs at the user level.

Re:The real solution (1)

LichtVonWahrheit (1542169) | more than 5 years ago | (#28544255)

That is assuming the network and computer are setup properly.

If the computer the child uses becomes infected, the malware may try to infect other computers on the network.

By using network sharing features, UPnP, or even a dictionary attack on other networked computers user passwords, the malware could compromise other computers on the network.

I also believe maturity and knowledge of threats on the internet are more important than age, but we don't want any laws broken.

Re:The real solution (2, Interesting)

Remus Shepherd (32833) | more than 5 years ago | (#28544727)

Giving kids their own computer is not a solution. You have to instruct them what is, and what it not, acceptable online.

I'll give you an example. I visited my nephew was he around ten, and he showed me some of the online games he liked to play. A window popped up advertising some kind of contest, and asking for information. I warned him to avoid it, but he said, "Oh, I enter these things all the time. It's okay, I use my dad's email address and social security number."

I had a talk with his father, and from then on I believe his internet use was heavily monitored. As it should be.

Re:The real solution (1)

gnick (1211984) | more than 5 years ago | (#28545517)

"Oh, I enter these things all the time. It's okay, I use my dad's email address and social security number."

Umm.. Why in the hell would a parent give his SSN to a 10 year old? My kids don't even have their own SSNs at this point, much less mine.

How do you file taxes? (1)

georgeha (43752) | more than 5 years ago | (#28548731)

My girls had SSN's within months of being born, it's used for our tax returns, their college savings plans.

Re:The real solution (1)

Informative (1347701) | more than 5 years ago | (#28545355)

The replies are all legitimate concerns, but they are still only details that you have to work out, until the time that your child knows more about computers than you do. It is still the real solution.

windows only... (1)

dna_(c)(tm)(r) (618003) | more than 5 years ago | (#28544003)

Seriously: " who direct them to sites hosting keyloggers & trojans.", not much of social engineering - if your basic setup is secure, it wouldn't work

Re:windows only... (1)

Corporate Troll (537873) | more than 5 years ago | (#28544661)

True.... but how many people do you know run Windows in Limited User?

I know many, but only because I set up their computer.... I also Administer them: you want to install a program. You have to ask me first. Yes, I know it's Administrator-Nazi, but it's the only way to protect them from themselves. Running Limited User isn't hard, but you have to know a few things and these few things are beyond the knowledge of the average user. UAC (and thus Vista) will not prevent these things. Not unless your kids are Limited User in Vista and as such it will not ask "Cancel/Allow" but ask for a password.

So even if your kids have a separate account, this kind of social engineering will work. In XP they most likely will be Administrator, in Vista, they will most likely be in the passwordless Administrator group. (Which is the Administrators group, so no different from XP) The only thing guarding there is UAC, and it isn't a big obstacle to a twelve year old who simply wants his Neopets paintbrushes.

There really is no way out of this....

Gee, really? (3, Insightful)

muridae (966931) | more than 5 years ago | (#28544027)

Targeting the weakest link in the security chain? Who would have thought the spammers would do that? Alright, it's scummy to target this towards kids, but it has happened since the start of the internet. Think back to the bad old days of AOL and Compuserve chats, or telling scriptkidz that your ip address was 127.0.0.1 and to 'hack me if you dare'.

What does surprise me, is that people are letting their kids play on websites while logged in as administrator. How computer savvy do you have to be to realize this is a bad idea. Admin on their own computer, maybe. If you make them clean up their own mess and just smile when they lose their Neopet.

Re:Gee, really? (1)

SSgt. Lagface (1588425) | more than 5 years ago | (#28545281)

What does surprise me, is that people are letting their kids play on websites while logged in as administrator. How computer savvy do you have to be to realize this is a bad idea. Admin on their own computer, maybe. If you make them clean up their own mess and just smile when they lose their Neopet.

Speaking from personal experience, it takes quite a bit of savvy in order to figure it out. A lot of times, it takes an incident for them to figure out. A long while ago, my girlfriend 's little brother accidentally downloaded a ton of viruses and such (I never asked specifics, she was on a raging rant when she told me and didn't want to interrupt) and her parents removed admin status from both her and her brother's account (she needed admin access so she could get the programming software installed). That was after a long while of banning them until they could figure out how to make sure he didn't screw up again, of course.

Re:Gee, really? (1)

muridae (966931) | more than 5 years ago | (#28545997)

My cousin's son did the same thing about 10 years back. No one used the computer for banking at the time, but the sudden 20 thousand dollar phone bill had them confused. They weren't even home when the computer made these phone calls to 1-900 numbers.

It's just not new. The direct risks are, since people do store credit card and bank information now, but the scammers have always targeted whoever is using the computer, whether it is boys looking for desktop pics of hot women, men looking for midget videos, or girls playing with neopets.

I know it's silly, but... (3, Interesting)

CannonballHead (842625) | more than 5 years ago | (#28544031)

We could just get our kids real pets...

Re:I know it's silly, but... (0, Flamebait)

RobotRunAmok (595286) | more than 5 years ago | (#28544157)

My kids have real pets, for which they very responsibly care.

They also play Webkinz.

What's your point? Or was that just a condescending breeder-hating snark?

Re:I know it's silly, but... (0, Flamebait)

CannonballHead (842625) | more than 5 years ago | (#28544399)

Well, I don't have kids. Nor do my non-existent kids have neopets. ;)

I'm not really all that against neopet-esque things. But there does seem to be a trend of having rather ignorant children. As in the old jokes, where it used to be funny, of kids thinking milk came from the milk man and wouldn't believe it could come out of a cow. I realize some of that is simply age, but it sure seems like a lot of kids are getting more and more used to using "technology" with no clue how it works or where it came from, etc. And falling prey to a lot of rhetoric that is easily seen through if you actually know something about, hmmm, nature and How Things Work. Life doesn't have an Autosave feature... and if I tell a kid that and he says "Oh, so it's like a peramdeath world?" I think his level of thinking is not quite the same as mine...

I'm glad your kids have real pets and are responsible. I'm young and don't quite have kids yet, but when I do, I plan on having them be responsible and, shall we say, educated from some place other than wikipedia and World of Warcraft :)

[/rambling]

Re:I know it's silly, but... (4, Interesting)

Remus Shepherd (32833) | more than 5 years ago | (#28544601)

This brings up an interesting side issue...

At some point, we (the human race in general, although Slashdotters more specifically) will be giving our kids robotic pets. What happens when they get hacked?

Re:I know it's silly, but... (3, Funny)

porcupine8 (816071) | more than 5 years ago | (#28545247)

I dunno, I've downloaded a couple of those myself and they're even more trouble.

First there's the TCO. Keeping them virus-free is a couple hundred a year, plus if you let your subscription to the Kibble service lapse your Pet will stop functioning completely.

They all come preloaded with Poop.app, which can't be removed but needs constant maintenance. And in my models, at least, this sometimes will randomly upgrade itself to Poop 2.0 (code named Diarrhea) - that's a mess to clean up from your desktop, believe me.

And mine always seem to be blocking my access to the Furniture suite of utilities - there are workarounds, sure, but it's just one more thing to keep in mind.

Don't get me wrong, they have a lot of features that make them very worthwhile, but they're not for everyone!

OT: Go Play Outside (1, Insightful)

rodrigoandrade (713371) | more than 5 years ago | (#28544093)

Having no idea what Neopets was, I decided to Google it. A quick glance at the front page www.neopets.com tells me it's sort of an MMO for young kids.

I'm no parent, but hell, the intended audience of this game should be PLAYING OUTSIDE and PRACTICING SPORTS, not learning to get hooked on MMOs. I know I was, even though my parents got me an Atari, I still had to go to swimming lessons at 6 a.m. before school (oh yeah, no heated swimming pool).

And they wonder why obesity rates are at an all-time high, geez!!

Re:OT: Go Play Outside (1)

Em Emalb (452530) | more than 5 years ago | (#28544263)

Love the fact that you put OT in the TITLE of your post and some kind moderator decided to moderate your post as off-topic.

LOL, you think?

back on ...er...off topic: It's okay, comrade. The government will take care of the fat kids just like they do crack babies now.

SLOWDOWN COWBOY IT HAS BEEN ONE MINUTE SINCE YOU LAST POSTED AND YOU MUST WAIT. WAIT WAIT WAIT WAIT.

Re:OT: Go Play Outside (5, Insightful)

RobotRunAmok (595286) | more than 5 years ago | (#28544373)

I'm no parent

What you do, then, is you print out your post, and save it in a safe place. Then, read it again, on your first child's 9th birthday, and realize what an ass you sounded like in your callow youth. It's very humbling, and good for the soul. When I first started posting on Usenet in 1991, before I had children, I wrote some incredibly stupid and glib things about parents and parenting. I ran across a box filled with print-outs from that era about six months ago (yes, I did print out my Usenet posts... I was in love with the sound of my own voice way back then too) and was startled by my trite ignorance. I am trying to learn from that experience in lots of ways, but it's a wisdom only painfully won.

"I'm not parent" (2, Funny)

davidwr (791652) | more than 5 years ago | (#28544773)

Neither is any other Slashdot poster. Think about it.

Re:OT: Go Play Outside (2, Interesting)

Anonymous Coward | more than 5 years ago | (#28546119)

You're 'startled' mostly because parents spend a great deal of time compromising their [parenting] ethics away. It's hard to raise kids the way you think you will when you don't have - and 99% of all parents give up trying, while convincing themselves they aren't. (And loudly bleat "you don't have kids, you can't possibly know" to drown out their conscience.)
 
And then the rest of us pay for your self delusions as yet another generation of Dr. Spock derived badly raised children reach adulthood.

Re:OT: Go Play Outside (3, Insightful)

Ironica (124657) | more than 5 years ago | (#28549373)

You're 'startled' mostly because parents spend a great deal of time compromising their [parenting] ethics away. It's hard to raise kids the way you think you will when you don't have - and 99% of all parents give up trying, while convincing themselves they aren't.

There is definitely an element of that (google project yes badmommymoments for a really awesome essay about getting back on track).

But I also see a metric ton of people who say they'll do this or that differently from people they know, and what they don't realize is, it WON'T WORK. Or, might not work with their kids. It turns out that children, far from being the blank slate at birth hypothesized by Piaget, have inborn personalities and temperaments that require individualized responses.

My oldest is "low persistence," which was highly convenient in the toddler years, because I could just hold a cabinet closed for a couple minutes and then he'd forget he ever wanted to open it... but it'll be a really difficult thing for him to cope with as he gets older, and has to work at things that don't come naturally. My younger son is VERY persistent, and if I just hold the cabinet closed, he will keep trying for a good minute, then will scream and rant (at 14 months, he may not be much for talking, but yes, he can RANT), then will, I kid you not, try to FAKE ME OUT so I will let go and he can go back and open that cabinet. We never needed to install child locks and such for kid #1, but definitely need them for kid #2.

A friend of mine followed the Continuum Concept parenting approach with her oldest, teaching him how to use the tools in his environment properly, rather than simply restricting access. At just over a year, he could put a DVD in the player right-side up, and they never had to worry about him sticking a cracker in there instead. So I asked her for advice when my oldest turned out to be the Implacable Destructo-Baby, who would systematically toss everything left on the coffee table over his shoulder, for example. She smiled, and nodded, and sort of implied I wasn't trying hard enough. Then her second hit that age, and she emailed me an apology... she now had her own Implacable Destructo-Baby, and wanted MY advice!

So people who have never raised a kid talk about how *their* kids will do this or won't do that, but the truth is, they have NO IDEA what the implementation is going to look like until they get there.

So while I agree that there's the issue of getting lazy and compromising one's parental ethics, I think a large part of the difference between what people say they will do and what they actually do has to do with having no idea how to actually implement their grand designs with the children they get.

Re:OT: Go Play Outside (1)

CannonballHead (842625) | more than 5 years ago | (#28544427)

Silly. Obesity comes from not taking a diet pill. Exercise and diet has nothing to do with it!

Wait. You mean I can't believe all the ads?

Re:OT: Go Play Outside (1, Funny)

Anonymous Coward | more than 5 years ago | (#28545465)

"Daddy, can I come inside? It's 40 degrees out, raining, and dark."

"No, it's not your bedtime yet."

Yeah, you're right: you're no parent.

Re:OT: Go Play Outside (3, Insightful)

nedlohs (1335013) | more than 5 years ago | (#28545479)

Because it is impossible for a kid to play baseball in the park all day and then play a video game for half an hour after dinner.

And there's never weather conditions that make playing outside not such a great option.

Oh wait you could have your atari and still do sports, but no one else can take part in more than one activity? You are special!

Re:OT: Go Play Outside (2, Insightful)

HiThere (15173) | more than 5 years ago | (#28546143)

You clearly don't live in a city. It would be nice if nobody needed to, but most people do. Playing outside is ... risky. Traffic is only one of the reasons.

I'll agree that staying inside at that age isn't healthy, but neither is being outside and unsupervised. (And, yes, when I was growing up I did that, and it was essentially safe. That doesn't make it safe now.)

Re:OT: Go Play Outside (1)

eln (21727) | more than 5 years ago | (#28546263)

And really, why won't those damn kids stay off your lawn?

Re:OT: Go Play Outside (1)

YrWrstNtmr (564987) | more than 5 years ago | (#28547239)

I'm no parent,...

That is blindingly obvious.

operating system affected? (0)

Anonymous Coward | more than 5 years ago | (#28544135)

Is this just an XP thing. How about Vista? I'm assuming Mac and Linux are safe?

Re:operating system affected? (1)

matt_king (19018) | more than 5 years ago | (#28544309)

no reason they couldn't send you links to keyloggers that would work on other OS's

Not just kids! (3, Interesting)

uncle-gendo (1247352) | more than 5 years ago | (#28544187)

My 28-yo girlfriend plays it, and so do many of her 20-30-something friends... there are plenty of adults on Neopets...

Re:Not just kids! (1)

tomhudson (43916) | more than 5 years ago | (#28545567)

My 28-yo girlfriend plays it, and so do many of her 20-30-something friends... there are plenty of adults on Neopets...

Which is worse - that adults play with them, or that they admit it? In a poll, either one would be the CowboyNeal option ...

Parents (2, Insightful)

frozentier (1542099) | more than 5 years ago | (#28544231)

12 year olds have no business being unsupervised on a computer with internet access.

Re:Parents (1)

Lemmy Caution (8378) | more than 5 years ago | (#28544389)

That's an easy thing to say. But to do that, you have to limit the child to being on the computer only to that length of time you are willing to do nothing else but supervise them. Half-an-hour a day? 15 minutes? Assuming that you're also using your free time with your child to read with them, help them with homework, and otherwise hang out.

12 years old, IMO, is borderline. I would start to allow some unsupervised online time at that point. My primary concerns, in any case, wouldn't be about identity theft and network compromise: it would be the physical and emotional safety of my child.

Re:Parents (1)

hmar (1203398) | more than 5 years ago | (#28545573)

And why does a 12 year old need more time online than that? My wife stays home, but my kids are still only rarely allowed online more than 20 minutes at a time (unless they are doing a school project, but even that rarely needs a computer) It also does not require your complete attention to watch a kid on the computer. If you are reading a book, doing paper work, or helping the other child with homework, you can do that in the same room as the computer. My kids are taught to ask me before they click on anything that they haven't done before, and if I am too busy to answer, they aren't using the computer anyway.

How about exploration? (2, Insightful)

NiteShaed (315799) | more than 5 years ago | (#28547889)

20 minutes? really? Way back in the stone-age, when I was a kid we'd spend hours exploring what our amazing Commodore 64s and Apple IIs could do. We'd dial into BBSs, and run our own. We'd write our own software, and tinker with other peoples' code. Sometimes we'd end up in places we weren't welcome (Hello Joshua, shall we play a game?). Our parents hadn't the vaguest understanding of what we were up to (boys? Why is the phone making a funny whistling sound? Did you hook up that video game thing to it?). We're the application developers and software engineers, the IT architects, and the hardware engineers now. Our understanding of how these machines work come from all the hours we spent exploring them as children.
It's fun to demonize children "wasting their time" on the internet, but it's part of our world, and worthy of exploration. I hear all the time about how "this latest generation" is made up of computer geniuses since they grew up with them, but honestly, most of the ones I talk to know virtually nothing about these machines other than day-to-day use. They can't fix'em, they can't upgrade'em, and they still make horrible messes of them that leave an actual power-user scratching their heads. Maybe, just maybe, the whole idea of heavily supervised "play-dates" with their computers plays into this. At their most curious ages they're told not to touch, not to explore, and in the end they turn out not really learning any of the really cool things that they could do.....

Scammers should pick in their intellectual equals (2, Funny)

davidwr (791652) | more than 5 years ago | (#28544405)

If they picked on kindergartners that would be a fair fight.

Some thoughts (0)

Anonymous Coward | more than 5 years ago | (#28544605)

I was on Neopets as a twelve year old (nay, 10 year old). More or less unsupervised. People have been trying to scam neopets users for literally FOREVER. This is nothing new. The original scams were fake login pages, and were pretty tame (ie, evil.com/login.php that actually harvests your info and then drops you back into neopets). I actually hacked into one that had a web-based control panel (hacked is a strong word, it was totally unprotected. Just guessed the URL).

Moreover: Knee-jerk "Don't let your kids online unsupervised, duh." comments are useless. How did I get into messing about on the internet? Messing about in Neopets. A bit of HTML knowledge, at least when I was on, was absolutely necessary in order to make a cool looking shop/user page/guild page. After HTML, CSS, Then why not Flash? That used to be allowed, so I made cool flash based applet that let you stream in outside info to a Neopets page. I created a guild (a group of people with a page, messageboard etc) and put together a crappy website and put it on my ISP's webspace. And so on and so forth, and now I'm half decent at programming.

This is all in like 5th grade, all on my very own. I never did any serious damage to our computer. I admittedly may be a special case though...

Hey (0)

Anonymous Coward | more than 5 years ago | (#28545477)

I'm twelve years old and what is this?

Haha (1)

scubamage (727538) | more than 5 years ago | (#28545901)

Honestly, I think that's pretty funny. I had no idea neopets still existed.

Our older son is about to turn 5... (1)

Dirtside (91468) | more than 5 years ago | (#28546953)

...and we're planning to build him an Ubuntu box for his birthday. He doesn't really read yet, he just likes playing Flash games. But you can be damn sure we're going to strongly supervise web browsing early on, not to prevent him from seeing bad things (oh noes, boobies will turn your kids into murderers!!), but to prevent him from making naive mistakes about trust and security.

COPPA (0)

Anonymous Coward | more than 5 years ago | (#28547263)

Technically, under 13 year old kids are not allowed to interact with other users on Neopets. Not that they couldn't have lied about their age, but at least there is protection intended. The boards are pretty well monitored as well.

Credit cards? (0)

Anonymous Coward | more than 5 years ago | (#28547735)

Wait.. Neopets requires credit cards now? back in the day i never needed to have a card registered so i could fail at getting stuff from the donation tree..

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>