vendredi 27 novembre 2015

Wi-Fi Barbie could be putting your kids at risk

Hello Barbie

The latest Wi-Fi enabled Hello Barbie dolls could be putting your children at risk according to security researchers.

Using a combination of speech recognition technology and wireless connection Hello Barbie provides, "...an engaging and unique Barbie experience," according to manufacturer Mattel.

That experience may be rather more engaging than you bargained for according to security researcher Matt Jakubowski, who has managed to hack the Hello Barbie operating system. He says he's been able to extract information including Wi-Fi network names, account IDs and MP3 files.

Talking to NBC he warns that the information he was able to access could be used to find someone's house or business, to access their home network and everything that the doll had recorded. He says, "It’s just a matter of time until we are able to replace their servers with ours and have her say anything we want".

However, Martin Reddy, Co-founder and CTO of ToyTalk which designed the Hello Barbie operating system says, "...we are not aware of anyone who has been able to access your WiFi passwords or your kid's audio data".

Writing on the company's blog Reddy says, "Mattel and ToyTalk have invested a lot of effort to build the safest experience possible for parents and their children. As part of that commitment, we are actively engaging the security community to address any concerns. We have initiated a security bug bounty program where security researchers are rewarded for responsibly disclosing potential vulnerabilities to us. This lets us fix any issues as they are discovered and keep the doll as safe as possible for you".

This seems to cut no ice with the Campaign for a Commercial-Free Childhood which has launched a #HellNoBarbie campaign urging parents to boycott the toy.



Aucun commentaire:

Enregistrer un commentaire