Slashdot Mirror
Pwned Barbies Spying On Children? Toytalk CEO Downplays Hacking Reports (bt.com)
McGruber writes: Earlier this year Mattel unveiled "Hello Barbie," a $74.99 wi-fi equipped interactive doll. Users press a button on Barbie's belt to start a conversation and the recorded audio is processed over the internet so that the doll can respond appropriately. The doll also remembers the user's likes and dislikes.
Now Security Researcher Matt Jakubowski claims that he has managed to hack the Hello Barbie system to extract wi-fi network names, account IDs and MP3 files, which could be used to track down someone's home. "You can take that information and find out a person's house or business. It's just a matter of time until we are able to replace their servers with ours and have her say anything we want," Jakubowski warned. Mattel partnered with ToyTalk to develop "Hello Barbie." ToyTalk CEO Oren Jacob said: "An enthusiastic researcher has reported finding some device data and called that a hack. While the path that the researcher used to find that data is not obvious and not user-friendly, it is important to note that all that information was already directly available to Hello Barbie customers through the Hello Barbie Companion App. No user data, no Barbie content, and no major security or privacy protections have been compromised to our knowledge." A petition by the Campaign for a Commercial-Free Childhood asking Mattel to drop the doll has already been signed by over 6,000 people.
NOTE: The original reporting of this hack appears to have been this NBC-Chicago newscast.
Now Security Researcher Matt Jakubowski claims that he has managed to hack the Hello Barbie system to extract wi-fi network names, account IDs and MP3 files, which could be used to track down someone's home. "You can take that information and find out a person's house or business. It's just a matter of time until we are able to replace their servers with ours and have her say anything we want," Jakubowski warned. Mattel partnered with ToyTalk to develop "Hello Barbie." ToyTalk CEO Oren Jacob said: "An enthusiastic researcher has reported finding some device data and called that a hack. While the path that the researcher used to find that data is not obvious and not user-friendly, it is important to note that all that information was already directly available to Hello Barbie customers through the Hello Barbie Companion App. No user data, no Barbie content, and no major security or privacy protections have been compromised to our knowledge." A petition by the Campaign for a Commercial-Free Childhood asking Mattel to drop the doll has already been signed by over 6,000 people.
NOTE: The original reporting of this hack appears to have been this NBC-Chicago newscast.
Just don't IoT. The anti-Nike slogan seems more appropriate in this case.
If you are not allowed to question your government then the government has answered your question.
All they need to do is to claim that since it uses encryption, the NSA can't eavesdrop on terrorists using it to communicate with each other.
Well... the CEO is either right, or he's baited every hacker this side of Timbuktu into hacking those Barbie servers.
Good thing my daughter has outgrown Barbie!!!
"I don't know, therefore Aliens" Wafflebox1
I can hardly wait for WIFI Chucky!
“He’s not deformed, he’s just drunk!”
But your boyfriend hasn't.
is going to be pissed off.
Guessing these will be banned from government facilities too...
Chas - The one, the only.
THANK GOD!!!
Something tells me it's not just going to be little girls that will get spied upon:
https://i.ytimg.com/vi/ijiNDZy...
You are welcome on my lawn.
What happens if kids start saying things like "my parents beat me" to these dolls?
Do child protection services come knocking, or does the company turn a blind eye?
Both options have important implications.
Thank god, mine's more into MLP.
That's not a line you can use often, so I could not resist.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
For a change, soccer moms with too much spare time and nothing to do but protecting their precious little snowflakes could become useful.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
The feminists complain that it tells girls that some body shapes and sizes are more beautiful than others, and that the girls were unfairly harmed because all girls deserve a perfect husband like Ken, one who has his looks, style, successful job, and is completely under her control.
I couldn't care less about a fucking Barbie doll getting owned. These things scream of bad parenting - people who buy those spend 75 dollars to avoid talking to their children. If you find yourself buying one of these things, you have much bigger problems to worry about than someone getting your SSID.
Looks like it's time to short Mattel stock.
"Daddy, what's a 'boner pill discount'?"
Table-ized A.I.
Yeah, watch out for those angry atheist papists!
Kind of like the Catholic church turned the Nazis into atheists after 1945, after voting them into power in 1933.
Another one to add to the list of great euphemisms.
It would be hilarious if this Barbie started spewing "Let's make America great again" or "We should build a wall around those other toys"
Parents would flip and it would be Tiny Tina all over again.
In Soviet Russia, doll owns you!
My first program:
Hell Segmentation fault
Are you sure it's so much better to be pwnied?
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
Did they go door knocking? Have they not heard of the internet? Or do people really really not care?
The summary writes it as if I'm supposed to be impressed by that number but I can't figure out why.
doll can respond appropriately. The doll also remembers the user's likes and dislikes.
Siri, Cortana and Barbie ended up in the same room. They became jealous of the user and destroyed the kitchen blender. The retaliation of the other smart appliances were swift and brutal.
The feminists complain that the IoT is keeping girls out of STEM.
For a change, soccer moms with too much spare time and nothing to do but protecting their precious little snowflakes could become useful.
Swearing? Nobody cares. That shit is on the radio now, at least some of it. Interfering with religious indoctrination? THAT will get the religious wingnuts up in arms with their burning crosses.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
I don't judge people, what they do in the privacy of their bedroom is their own thing.
Just PLEASE keep it out of my view. The mental images alone are enough to keep me awake at night.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I don't think so:
...Mr. Dear [shooter] was raised as a Baptist, Ms. Ross [ex-wife] said in an interview in Goose Creek, S.C., where she now lives. He was religious but not a regular churchgoer, a believer but not one to harp on religion. “He believed wholeheartedly in the Bible,” she said. “That’s what he always said; he read it cover to cover to cover.”
Il n'y a pas de Planet B.
We just need a story about how pedophiles can hack the network and use it to abuse little girls and soon enough people will be up in arms.
It doesn't even have to be true.
Hack the dolls to say, "Why are you playing with a doll instead of learning calculus?" Then have the dolls teach little girls calculus. Instantly the STEM fields will be bristling with billions of eager girls who love to dress calculus in pretty pink clothes, and take it to the mall.
Calculus will become a bigger hit than Miley Cyrus having a wardrobe malfunction.
"No user data, no Barbie content, and no major security or privacy protections have been compromised to our knowledge."
And we're going to do our damnedest to make sure we never find out, either.
This is why I'm glad I've been taking my 7 yr old daughter to defcon's kids track since she was 4. She's been taught the importance of online privacy by the type of folks who could perform this hack. She'd yell at me for buying her this type of gift.
Seriously, EFF co-sponsors the track each year and it's a good annual inoculation against the dumb messages society tries to pump into her head. She's way more sensible about such things then most adults, nevermind 7 yr olds, and we have a shared vocabulary for having discussions around privacy and maintaining control of her own personal information.
Min
On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
30% of the victims of paedophiles are boys.
The claim that the servers are invulnerable is ridiculous, and it also ignores some more obvious weaknesses in the system that are easily exploited.
Would all returned dolls go back to the factory or be destroyed? I doubt it very much, they will go straight back on the shelf if they, and their packaging, is in perfect condition.
There is so much about the IoT doll idea that is creepy or unhealthy. Why would anyone think that having WiFi energy in a bedroom, so near the brain of a sleeping child, was a good idea in the first place?
Shit. I'd better not get a Barbie doll for my son then!
Well, didn't their team meet in whitehouse ?
To take counsel on how to make feminist supported barbies?
Here is there result guys...
When the first predator manages to groom a little girl via a hacked barbie, this kind of toys will be history.
"Command received and understood! Will commence programmed task!. Rosebud! redruM!" My Barbie told me to do it!
Self-importance and self-indulgence is the root of ALL evil.