Mar 19, 2025

Dustin Kirkland's daughters, who are 11 and 12, were able to get around parental settings. They each identified a vulnerability in the technology and submitted a report to Google. His younger daughter was awarded $5,000 for her discovery. This as-told-to essay is based on a conversation with Dustin Kirkland , vice president of engineering at Chainguard . It has been edited for length and clarity. I'm the vice president of engineering at a company focused on providing security for the software supply chain. I used to work at Google and have had a long career in tech, so I'm very security-minded. Because of that, I was fairly confident in managing the technology that my daughters, who are 11 and 12, have access to. Our family only uses Android products because I trust Google's security more than I trust most other companies. I set parental controls on apps and use time limits. I'm also a realist. My girls also have iPads through school , and I know they can easily connect to the internet. Still, I didn't expect them to get around my security controls quite as easily as they did. And I definitely didn't expect them to turn their discovery into thousands of dollars. My older daughter was overriding her time limits for months Last year, I noticed that my older daughter, Camille, was spending a lot of time on her tablet. I would adjust the time limits and settings, only to have them default to a more lax setting. I was really frustrated, thinking there was a bug in the system. Yet, her sister's time limits were working just fine. This went on from January until May. When I finally said something, Camille got a sly look on her face. Then, she showed me how she was  overriding the controls , giving herself parental access to her tablet. Once she had parenting settings, she could do whatever she wanted. We had a long talk about responsibility with tech. I even called a friend at Google and had him talk to Camille so she was hearing from someone other than her parents. Then, I made Camille sit down and write a security vulnerability report to submit to Google. My younger daughter wanted to find a vulnerability too Not-so-secretly, I was very proud of Camille. She's always been good at spotting problems and weaknesses. She was the baby who could immediately find an escape from where you put her. Google accepted her report and gave her $500 for the tip. I'll admit, I bragged to friends and family about Camille identifying the security risk . Each time I did that, my younger daughter, Corinne, would seethe. She's very competitive, and she vowed that she would find a vulnerability, too. I would encourage her, but I wasn't holding my breath. She found a TV vulnerability that paid more About two months later, Corinne called me over to one of our televisions. We use Chromecast to stream , and each TV defaults to a children's profile. To access the parent profile, we needed to enter a code. At first, I thought Corinne was going to tell me that she guessed our code. Instead, she showed me that if she clicked the home button rapidly, the TV would override the code input and give her access to the parent profile. Corinne had found the vulnerability she was looking for. Just like her sister, she filed a report with Google. This time, the company awarded her $5,000. She was thrilled. The experience was a good conversation starter Camille wanted to put her money into a brokerage account, and Corinne followed in her footsteps. Maybe they'll use the money for their first cars in a few years. Both girls like wearing hoodies that say "Bug Hunters" that Google provided them. Finding the vulnerabilities also encouraged them to think about the potential dangers of unfettered access to the internet. In her bug report, Camille wrote that other kids could "learn bad words and maybe get nightmares" if they overrode parental controls. Corinne said that kids who stumbled upon TV shows for adults would "maybe get scarred for life." They've internalized that they're not supposed to take advantage of technology's vulnerabilities and learned how to be good digital citizens. That's worth even more than the money. Read the original article on Business Insider