I'm a full-time mummy

I came across this article which I must definitely share with you guys as I'm very interested to know your thoughts on this. Do note that sharing this does not mean I agree or disagree with it. For your convenience, I have copied the excerpts from the article here:

If she has to tell them once she has to tell them a thousand times – pick up your toys, stop playing your video games, go brush your teeth, put on your shoes. Cate starts out calm, but by the 3rd time, she yelling. And fed up.

 This is the lament of millions of parents who get frustrated because their kids don’t listen the first time. The problem here is that kids have learned that you don’t need to really take Cate seriously until she reaches that ultra decibel level. This buys them a few more minutes of TV or game time. Essentially the kids and Cate have both trained each other and fallen into a negative pattern. The way out is breaking the pattern.

The key here is training the kids to take you seriously the first time. Here are the steps:

Make your request calmly directly to them. This means not yelling across the house where it’s easy for the kids to tune it out. Walk up to them, look them in the eye, tell them what you want them to do.

If you’re asking the kids to make a transition, set a timer to let them know when they need to act. You wouldn’t like it if your boss suddenly interrupted you when you’re engrossed in something and asked you to immediately do something else. Kids are even more sensitive to that switch. So you go to them, tell them they need to shut off the computer in 5 minutes and go take a bath, and literally set a timer (big kitchen ones are great). When the timer goes off, they need to stop.

If they need to do something right away, stand over / next to them until they do it. If Cate wants her 4 year-old to put on her shoes now, she needs to say it once and stand there until her daughter does it. Don’t repeat the request, just stay there.

Have consequences if they don’t respond. The timer goes off and your kid ignores it. Have consequences: less game time, go to bed a few minutes earlier. Again, key is to state this calmly, one sentence, no ranting, no explaining. Actually the first time or two you implement these changes, expect the kids to test it. So have your consequences worked out ahead of time and at the ready.

Work up routines. Kids love routines and they can save you from turning into what sounds like a nag. For example Cate can establish a bedtime routine with the kids – brush teeth, bath, etc – so she doesn’t have tell them to do teeth, then bath, etc.

Praise good results. The rule of discipline is to be matter-of-fact but clear about negative comments (like consequences) but make a big deal about positive. So when you child does respond first time, jump up and down (no, not really) and praise him.

Map this out with your kids. Before you put this all into effect, have a heart-to-heart conversation about this – your frustration, your realizing that they don’t like you yelling all the time, give them so forced choices about routines (want to brush your teeth before or after a bath). Again, expect a bit of push-back initially, but with your following through with consequences, they’ll get the message.

What do you think?

** Note: I have disabled the commenting feature on my blog engine thanks to all the spammers who happily spam my blog every day. If you wish to ask me any questions, you can find me at my Facebook page (I'm there almost everyday) or just drop me an email if you wish to maintain some anonymity.

I came across this article which I must definitely share with you guys. For your convenience, I have copied the excerpts from the article here:

The personal information of almost 5 million parents and more than 200,000 kids was exposed earlier this month after a hacker broke into the servers of a Chinese company that sells kids toys and gadgets, Motherboard has learned.

The hacked data includes names, email addresses, passwords, and home addresses of 4,833,678 parents who have bought products sold by VTech, which has almost $2 billion in revenue. The dump also includes the first names, genders and birthdays of more than 200,000 kids.

What’s worse, it’s possible to link the children to their parents, exposing the kids’ full identities and where they live, according to an expert who reviewed the breach for Motherboard.

This is the fourth largest consumer data breach to date, according to the website Have I Been Pwned, the most well known repository of data breaches online, which allows users to check if their emails and passwords have been compromised in any publicly known hack. The hacker who claimed responsibility for the breach provided files containing the sensitive data to Motherboard last week. VTech then confirmed the breach in an email on Thursday, days after Motherboard reached out to the company for comment. “On November 14 [Hong Kong Time] an unauthorized party accessed VTech customer data on our Learning Lodge app store customer database,” Grace Pang, a VTech spokesperson, told Motherboard in an email.

“We were not aware of this unauthorized access until you alerted us.”

On Friday, I asked the hacker what the plan was for the data, and they simply answered, “nothing.” The hacker claims to have shared the data only with Motherboard, though it could have easily been sold online.

VTech announced the breach publicly on Friday, but failed to disclose its severity. The press release doesn’t mention how many records were lost, nor that the passwords stolen are poorly encrypted, or that the breach exposes the identities of children.

You might not have heard of VTech, but the company sells a plethora of kids’ toys and gadgets, including tablets, phones, and a baby monitor. The company also maintains an online store, called Learning Lodge, where parents can download apps, ebooks, and games for VTech products. When pressed, VTech did not provide any details on the attack. But the hacker, who requested anonymity, told Motherboard that they gained access to the company’s database using a technique known as SQL injection. Also known as SQLi, this is an ancient, yet extremely effective, method of attack where hackers insert malicious commands into a website’s forms, tricking it into returning other data.

The hacker was then able to break into VTech’s web and database servers, where they had “root access”—in other words, access with full authorization or control. The hacker said that while they don’t intend to publish the data publicly, it’s possible others exfiltrated it first.

“It was pretty easy to dump, so someone with darker motives could easily get it,” the hacker said in an encrypted chat.

Motherboard reviewed the data with the help of security expert Troy Hunt, who maintains Have I Been Pwned. Hunt analyzed the data and found 4,833,678 unique email addresses with their corresponding passwords. The passwords were not stored in plaintext, but “hashed” or protected with an algorithm known as MD5, which is considered trivial to break. (If you want to check whether you're among the victims, you can do it on Hunt's website Have I Been Pwned.)

Moreover, secret questions used for password or account recovery were also stored in plaintext, meaning attackers could potentially use this information to try and reset the passwords to other accounts belonging to users in the breach—for example, Gmail or even an online banking account. “That’s very negligent,” Hunt said. “They’ve obviously done a really bad job at storing passwords.”

For Hunt, however, the most worrisome element of the breach is the fact that it contains data about kids, and that it’s possible to link the kids’ database back to the parents, making it possible to figure out a kid’s full name and home address. “When it includes their parents as well—along with their home address—and you can link the two and emphatically say ‘Here is 9 year old Mary, I know where she lives and I have other personally identifiable information about her parents (including their password and security question),’ I start to run out of superlatives to even describe how bad that is,” Hunt wrote in a blog post he published on Friday.

According to Hunt, it appears that parents still can’t trust VTech. Apart from the breach, he also found a number of awful security practices during a “cursory review” of how the company handles data on its sites. Hunt said that VTech doesn’t use SSL web encryption anywhere, and transmits data such as passwords completely unprotected. (SSL is a technology used to protect data sent between a user and a website, and it’s typically visualized with a green lock on the URL bar.) Hunt also found that the company’s websites “leak extensive data” from their databases and APIs—so much that an attacker could get a lot of data about the parents or kids just by taking advantage of these flaws.

 “The bottom line is that you don’t even need a data breach,” Hunt said. Still, he said this should serve as a lesson for VTech. “Taking security seriously is something you need to do before a data breach, not something you say afterwards to placate people,” he wrote in his blog post.

In this case, it appears the hacker decided not to profit by selling the data online. But next time, VTech might not be so lucky.

** Note: I have disabled the commenting feature on my blog engine thanks to all the spammers who happily spam my blog every day. If you wish to ask me any questions, you can find me at my Facebook page (I'm there almost everyday) or just drop me an email if you wish to maintain some anonymity.