Baby’s Days have fixed the Picture links on the Demo Site!

Hey readers, sorry again about the lack of blog posts this week!  Things are just so insane planning my wedding and working as a childminder; the blog will have to slow right down but there is still plenty of material to cover including a very sensitive issue with the legalities of Childminders using Baby’s Days.  I’m waiting for absolute clarity on this from The Information Commissioners Office before blogging properly but hopefully early next week I will know more.

If you are concerned about this in the interim as many seem to be on Facebook, you should read this and contact the ICO directly; note that you don’t have a contract with Baby’s Days, you accept their T&Cs.  I am more than sure if you approach Baby’s Days you will get their rose tinted view and not the actual facts to say the least, so the impartial link should help with that.

Today’s blog post is a quick one.  A while ago I posted about how individual photos were able to be viewed without any authentication by the person attempting to view them.  Baby’s Days fixed the issue whilst insisting I was a lair, but I proved the loophole was still present in the demo system in a follow up post; which you can read here.

Baby’s Days still insist that I was lying and that all individual photos required validation (which isn’t true as you can read from the comments in the blog, customers reported their photos were not individually password protected), Mark Kahl the director of Baby’s Days insists I am a liar and continues to post comments such as this in the official Baby’s Days Support Group:

Mark-Kahl-calls-me-a-bad childminder againAnyway, the reason for this blog post is because now photos on the demo do require authentication, isn’t that a bit weird.  Why has it suddenly changed?  These are the questions that Baby’s  Days customers should be asking.  Please make sure you  backup your data and don’t record data on any aspect of the system that can not be backed up.

I promise to blog later in the week, I’m going to blog about a company called Orange Moon and also about a childminder who encountered an inspector who was not so keen on Baby’s Days.  I’d also love to hear form anyone that has provided Baby’s Days with any planning records or other intellectual property over the years for another blog post I’m drafting.

Hope you all had a fab easter and that Tuesday doesn’t hurt too much!

Why does my Baby’s Days crash regularly? Is it because it isn’t a website?

As blogged last night a fair few number of people have posted in the Baby’s Days support group or messaged me directly to say they are experiencing technical issues using mainly the Risk Assessment section, The 2 year check and also the SEF section of Baby’s Days.

What seems to be happening is mid way through using these sections the device just freezes so the work is lost or a little grey pop up says, “this web page needed to reload”.  Obviously many people are frustrated that this is happening and they don’t feel they can open a support ticket for fear of being made to feel like an idiot or even worse for fear of losing all their work by “annoying” Baby’s Days.

Mark Kahl director of Baby’s Days has said this issue is because the Baby’s Days system is,

“NOT a website, it is a SaaS application that is very ram and system resource hungry”.

Tonights blog post is going to clarify exactly what Mark Kahl means by this and as with most other things in this blog I’ll hope you’ll see why this statement is very misleading.

Firstly what is a SaaS application?

Mark Kahl is right in that Baby’s Days isn’t a website.  I agree with him there, first time for everything I guess.

SaaS stands for Software as a Service.  Software is usually defined as the programs and other operating information used by a computer.  So on a typical laptop you might find software like Microsoft Word or Norton Anti Virus.  This software is run and stored on your laptop.

SaaS is a different type of software that isn’t actually “run” directly from laptop, it’s usually run through a web browser and stored on a server.  So it’s still software, but it’s not “hard” software in the sense that most people might be more used to; it’s not a disc you can pick up for example it’s virtual software.

A website isn’t a programme at all, it’s just a document if you like stored on the internet.  That’s the easiest way to explain it although if you want to be a purist it’s not 100% accurate, but it’s good enough for the purposes of this blog post.

Does SaaS require a load of RAM?

There is absolutely nothing in the Geek Bible that says a “SaaS” is or should be inherently more resource heavy than any other aspect of web browsing.  My understanding is that the whole point of a SaaS is to remove the resource heavy part of the software off of the persons computer and on a server in the cloud.  So it then seem ludicrous to say the reason the system is crashing is because SaaS applications are more resource heavy!

Does my device have enough RAM to do what most would expect from a typical SaaS application?

If you can watch a video on YouTune then in my opinion your device has plenty of RAM to operate a SaaS application like Baby’s Days.  Closing apps that may be “on” in the background (as frequently advised by support) wont stop Baby’s Days crashing.  If you can load Youtube on your device then chances are that RAM isn’t the issue and if it is the issue you need to question what exactly BDs is loading up that’s bigger than your average Youtube video?

So what’s the conclusion?

As ever I believe Mark Kahl and the support staff are using Geek talk to mystify people rather than dealing with actual issues present in the Baby’s Days software.

If people have facebook open (not a SaaS App but an awesome platform that updates in real time, plays videos automatically, loads constant photos etc) but babysdays crashes then it’s pretty obvious where a big chunk of the issue is.  Do not be fooled by the smoke screen of “awww poor love it’s because it’s SaaS, don’t worry you wont understand it, just believe me”.

It may be that some people have low ram machines, but then you have to ask the question what is Babys Day’s trying to load into memory that is so large that it makes things fall over?

If they’ve potentially coded a site bad enough that it’s crashing people’s browsers or devices, the problem is in their coding, not in the site being “resource hungry”.  SaaS or website, there’s no reason to ever use enough ram or CPU to crash anything; despite what Mark Kahl says Baby’s Days and any system like it uses a fraction of what sites like Youtube or similar high quality media SaaS sites do, and they can manage it without crashing anything.

I hope this post helps those feeling really frustrated with the system at the moment have the courage to open a ticket with support and get the issue sorted. Just becasue you do not have an IT degree it does not mean the issue “must be your end”.  You pay a lot of money for this service, the least it could do is actually work.

Make sure you pop back tomorrow when I’ll be blogging about the changes in Baby’s Days customer service over the years and the recent server downtime that many customers may not be aware of.

Are all Baby’s Days systems “identical”?

Hey readers thanks for all the messages of support over the last week, many of you were worried the blog might not return, but as promised here it is!  I managed to get so much wedding stuff done, the only thing left now is a heavy duty Generator that I need to hire so if you’re in the South West and have one kicking about let me know :)

Anyway, today I wanted to blog about how the director of Baby’s Days, Mark Kahl, repeatedly claims all Baby’s Days systems are “identical”.  This has come up this week on their Facebook support group as many users are experiencing their devices (mainly iphones and ipads) crashing and then losing all their work.

A line that Baby’s Days like to use when dealing with some technical support issues is, ‘all systems are identical, if anyone else was having this issue we would have 1000s of complaints, it must be your end’ or words to that effect.

In my experience this isn’t true, all systems are not identical.  I say this based on my own experience; if you have read this blog from the start you will know it was started because the director at Baby’s Days (Mark Kahl) uses his discretion to decide which systems do and do not get the monthly upgrades, that’s right you aren’t automatically entitled to them as part of your subscription.  My system and at least 2 other systems did not receive the control centre update when it was released, despite the fact that all other customers had been updated. If you don’t believe me here is a link to a post which has further details.

So no in my experience all systems are not identical and Sys IQ Ltd have the ability to make some systems do some things and some systems do other things. So when Mark Kahl says all systems are identical please take this with a pinch of salt.  If you have a technical issue open a ticket with support and get it sorted, don’t be fobbed off with ridiculous excuses.

As lots of users have had problems with Baby’s Days crashing their devices recently and their servers have been down twice in the last few days so I’m going to be blogging about that tomorrow and what exactly a SaaS Application is; so bring your nerd glasses!  Just take heart in the fact that if the system is crashing and you can play videos on youtube it’s probably nothing to do with the RAM on your device (as Bbaby’s Days advise), so don’t drive yourself mad trying to “fix” it like I used to!

Are all systems built equally?

So one thing that keeps coming up is thoughts like, “but if someone wants to find a way in they will”.  This is mainly from customers of Baby’s Days who seem to be saying that the 2 security issues I’ve found on the system, one about photos and the other abut parent comments not being stored securely, have come about because I’m “looking for issues”.

The two flaws I’ve posted about, I was not “looking” for; the first a parent told me about after he found it out by accident trying to download his child’s photos in bulk (as parents can not bulk down their children’s photos from their logins).  The second came up after I was looking at URL strings trying to find out if my own photos were stored somewhere on my own laptop in a temporary folder.  Both issues have cropped up quite by accident, there was no looking or probing involved.

Some other customers have also suggested that the same issue could come up with any of the EYFS online software providers and with this post I’m really hoping to clear up that misconception.

Before I continue it I want to make it clear that the issues I am talking about below aren’t necessarily connected to Baby’s Days uniquely, I am talking about computer programming as a whole.

The first question is, “Is it true that a determined “hacker” could get into any internet system if they tried hard enough?”  I’m not really qualified to answer that question with 100% certainty but from briefly reading around this area, it seems that if someone was dedicated enough they would find a way into almost any system.  As I’ve posted before Baby’s Days claims of being 100% secure are ludicrous but obviously some systems are easier to get into that others and some people are better at getting into them than other people.

So does this mean those that claim, “it’s ok that you found these flaws Hayley, anyone can find flaws in anything if they try hard enough” have a valid point?  It is my opinion that these people are missing the point somewhat; whilst their opinion is true it is rather short sighted.  I will try and explain this with a simple analogy.

All houses are houses and if you try hard enough despite the best security systems there will probably always be one clever burglar that could get in if he or she really wanted. If you had a suitcase of cash which house would you put it in?

House 1: The house with every external security system going, it was designed by an award winning architect and the structure is perfect.

House 2: This house has all the same features as house one in terms of external security.  But it was the first house this builder had ever made, and he didn’t quite get all the bricks lined up properly and there are a couple of little cracks here and there.

They are both houses, but you’re going to put your suitcase into house 1 aren’t you?  This is because although both houses carry the risk of getting broken into by some burglar, house 1 carries less risk than house 2.

So yes, “anyone can find flaws in anything if they try hard enough”, but the point is some systems are considerably harder than others to access.  It is deeply unfair on those systems that take time, money and effort to ensure the programme they create is on par with the award winning architect in House 1, to simply shrug issues like this away.

I understand that people don’t need the added stress and worry in life of thinking too much about these things and it’s far more convenient to just hope for the best.  But as a practitioner that should be working in accordance with the Data Protection Act, “well these days shit just happens doesn’t it?” wont curry any favours with the ICO unfortunately.

Please put that new feature of bulk download to good use and download your system to your home computer daily.  You really don’t want to be in the position I am in right now.



Can Baby’s Days access your system and info?

In their Privacy Policy Baby’s Days/Sys IQ Ltd state,

Our staff do not have access to any user passwords and are, therefore, unable to access the organisation’s account or data without receiving an invitation from the Master Administrator.

I have had a few blog readers and Facebook members tell me that Baby’s Days have accessed their systems without the user providing them with a user name and password.  If this has happened to you please comment below, if you post using the name Anon, Baby’s Days will not know it was you.

I’m hoping that some of the techie blog readers can help with some questions around this issue?

  1. Baby’s Days record users IP addresses.  In theory could they access a users system without a username and password using the IP address?
  2. If you stopped using Baby’s Days and they kept a record of your IP could they in theory still access your computer even if you no longer run the programme?
  3. If someone could access you computer using the IP address alone, can they change data on your laptop or only view it?

Obviously I could never say categorically that Baby’s Days have accessed users systems with IP addresses only.  But it would be interesting to learn if this is possible.

Pop back tomorrow when I will be blogging about a how all systems are not built equally.