Wi-fi-enabled doll labelled a bedroom security risk

zondag, 24 januari 2016 - Categorie: Artikelen

Bron: www.abc.net.au/news/2015-11-27/wi-fi-enabled-hello-barbie-doll-raises-security-concerns/6981528
27 nov. 2015

Hello Barbie: Wi-fi-enabled doll labelled a bedroom security risk

Security experts warn the new Hello Barbie doll is a disaster waiting to happen and will make children vulnerable in their own homes.

The latest Barbie model, which maker Mattel hope to release before Christmas, will be wi-fi-enabled, making it possible for her to have a two-way conversation with her owner.

Those conversations are recorded and stored on the servers of ToyTalk, the company responsible for the technology.

Parents can even choose to upload and share those conversations online.

''You'd have to be mad to actually buy it,'' internet security commentator Stilgherrian said.

''The idea is kind of fun, you give your kids something to play with and it interacts with them.

''The problem is you are putting a device into the hands of children which they will have in their private spaces like their bedroom and you're connecting it to the internet.''

US security researcher Matt Jakubowski has already exposed a weakness in the doll, hacking into its system information and gain access to the stored audio files and microphone.

Mattel insists that the doll's wi-fi feature can be switched on and off, but Stilgherrian said that fact was of little comfort.

He said hackers could intercept the Barbie and make her spurt out questionable phrases.

''That raises almost a tin-foil hat possibility of someone listening to your children to say certain phrases and then you feed back to them the Barbie saying the phrase of your choice,'' he said.

''I mean you could have them, every time they're talking about kittens, saying 'kittens are evil, don't trust kittens' or something even more perverse.

''It sounds like fun to do almost in a way and someone might well do that as a kind of fake or a hoax or something. Now that I even think about that, if you wanted to have some sort of cyber spook spy agency indoctrination of your children happening, you could easily feed in 'capitalism is bad, tell your parents that money is evil'.''

'A spy in your child's bedroom'

Susan Hetherington from Queensland University of Technology said parents may not have considered the doll's capacity to provide them with information they might not normally gain access to.

''We might tell our teddy or our doll really personal stuff about our feelings and life and if somebody is hurting us or doing things that they shouldn't do, that sort of information is also being shared,'' she said.

''So you basically have a spy in your child's bedroom who is listening to the little girl's innermost thoughts. And I'm not sure that all parents are really giving a lot of consideration to that.''

She said more and more products were becoming wi-fi and smart-enabled.

''It is unsurprising that toy manufacturers are trying to muscle in on this space, because what they're really competing with is the fact that the toy of choice for most children this Christmas will be a phone or a tablet,'' she said.

Stilgherrian said despite the warnings, he doubted this would stop the flow of smart toy technology.

''I think we're going to see more and more of this kind of security vulnerability crop up, simply because we're getting companies, in this case it's a toy manufacturer, none of these organisations have a tradition or have the internal company infrastructure to constantly test and retest their devices and issue security updates for it,'' he said.

''If we're having trouble convincing people they need to install the security updates on their phone, it's going to be a lot harder to convince them to update the software on their doll.''

Lees verder in de categorie Artikelen | Terug naar homepage | Lees de introductie