An anonymous reader shares a report: In May this year, Alexis Hancock’s daughter got a children’s tablet for her birthday. Being a security researcher, Hancock was immediately worried. “I looked at it kind of sideways because I’ve never heard of Dragon Touch,” Hancock told TechCrunch, referring to the tablet’s maker. As it turned out, Hancock, who works at the Electronic Frontier Foundation, had good reasons to be concerned. Hancock said she found that the tablet had a slew of security and privacy issues that could have put her daughter’s and other children’s data at risk.
The Dragon Touch KidzPad Y88X contains traces of a well-known malware, runs a version of Android that was released five years ago, comes pre-loaded with other software that’s considered malware and a “potentially unwanted program” because of “its history and extensive system level permissions to download whatever application it wants,” and includes an outdated version of an app store designed specifically for kids, according to Hancock’s report, which was released on Thursday and seen by TechCrunch ahead of its publication. Hancock said she reached out to Dragon Touch to report these issues, but the company never responded. Dragon Touch did not respond to TechCrunch’s questions either. After TechCrunch reached out to the company, Walmart removed the listing from its website, while Amazon said it’s looking into the matter.