DefCon: 10-year-old girl told about 0-day vulnerabilities in games on iOS and Android platforms

At the last conference DefCon , a 10-year-old girl under the pseudonym CyFi told about the zero-day vulnerability in games on iOS and Android platforms. Independent researchers confirmed that she discovered a new class of vulnerabilities.

A 10-year-old girl from California first discovered this vulnerability in January 2011 because she “began to get bored” playing games like “fun farm”.

It was difficult to progress in the game, it took a very long time to achieve significant results. So CyFi decided: “Why not just change the time?”
')
She found that in most games there are time dependent factors. Manually rearranging the time on the phone or tablet, she made the game "think" that it has advanced much further than it actually is. CyFi found several options for "attack".

She made her report as part of Defcon Kids. AllClearID (involved in personal data protection), sponsored by DefCon Kids, will pay $ 100 for its mother’s found vulnerabilities, as Under American law it is prohibited to disclose personal data of minors.

It is terrible to imagine what will happen when she discovers Artmoney debugger .

via thehackernews.com