After a hacker was able to infiltrate VTech accounts it seemed as if the worry surrounding child tech toys had come at one of the worst possible times of the year. Now, a researcher has managed to hack into a Hello Barbie doll exposing even more vulnerabilities in some of the toys that are probably on plenty of Christmas lists.
“A researcher revealed to reporters a security hole in Mattel’s talking Hello Barbie, a $75 toy that talks to you like Siri from an iPhone. The flaw could allow hackers to steal personal information and listen in on kids,” according to Laura Hautala of CNET.
“Forget ‘Elf on the Shelf,’ the story about a doll that reports to the North Pole with information on kids’ behavior. With today’s connected toys making their way to potentially millions of children for the holidays, spying on kids is no joking matter.”
The word intrusive has become an understatement in the world of hacks. It raises the question as to whether companies are too quick to create toys with added technology before taking the necessary steps needed in order to protect the consumers. Well, in the case of Mattel, the company that manufactures Hello Barbie, a proactive approach is what they intend on using to remedy the security flaws.
“ToyTalk, which creates the software that powers Hello Barbie, has a ‘bug bounty‘ program that will pay researchers to find flaws,” according to the report.
Mattel also says that there are many built in privacy and security measures, however, it may not be enough according to some security experts.
“Security specialist Ed Skoudis said the issue boils down to the quality of the technology these companies are using,” according to the report.
Skoudis told CNET that much of the technology bing used is primitive. There simply is no room for primitive software, especially when children are involved.
Read the full story.