Security & Privacy

Hello Barbie Hijacked, as Techonomy 2016 Foreshadowed

unspecified

Stephen Balkam displays CogniToys’ “Dino” during the “Hello Barbie” session at Techonomy 2016.

In a ground-breaking session at Techonomy 2016 in early November, panelists revealed shocking security risks associated with embedding the internet in children’s toys and objects that surround them. Many connected toys allow parents to communicate with their children while not in the same location and vice versa, via voice messages. Others store interactions from the children to a cloud service. Unfortunately, now a number of reports are emerging that such devices have in fact been hacked and user data exposed, as this Motherboard article reveals. Several of the toys that were discussed during the session have been hacked over the last year, reports Quartz. In some cases the data was even held ransom.

During the “Hello Barbie” session at Techonomy 2016, the panel agreed that the landscape of connected toys was littered with land mines, and likely to lead to major problems for children and families. But they mostly felt the risk of recordings being stolen was small, because most devices require an activation word to begin recording a user’s voice. Now even this seems untrue. Hello Barbie itself can be turned into a secret listening device when connected to wifi, the Guardian reported in late November..

Germany recently moved to ban a connected doll that left children susceptible to hacks, Britain’s Telegraph reported recently. This all begs the question, do we need to reassess our growing and generally warm relationships with Alexa and Google Home?

Tags: , , , , , , , , ,