Is there someone on your Christmas list that wants a Hello Barbie? This is a consumer alert. The Hello Barbie could be a major technological security risk.
It’s not me saying so. Some of the greatest cyber-security minds in America found major security flaws in the popular Hello Barbie doll. She’s the first Barbie to use the Internet and artificial intelligence to communicate with her consumers. According to Bluebox Security, Hello Barbie’s cloud storage and mobile app are venerable. The deficiencies can allow hackers to listen in during playtime with Barbie. Barbie’s creators at Mattel are already on it. So is Toy Talk. Toy Talk is the toy tech company behind Hello Barbie’s voice. A Mattel spokesperson issued this statement:?”We are aware of the Bluebox Security Report and are working closely with ToyTalk to ensure the safety and security of Hello Barbie.” Toy Talk’s co-founder Martin Reddy released a statement assuring the public that many of these hacking threats were already fixed. But consumer advocates and privacy rights?groups raised concerns even before this disturbing Bluebox Security report. The report just backs up their claims. Here’s how the talking part works: The user presses a button. The user is recorded, then sent to an online audio file where it’s processed. Hello Barbie responds to the child’s comment with one of thousands of Barbie’s pre-recorded messages. Parents must express consent and set it up through a mobile app before the child can use it.
My question is: Why would someone want to hack a child’s conversation with a doll? How lowdown does one have to be? Maybe, at best, parents and guardians can use it to see what their child is really up to or analyse their child. But we didn’t need to go this far when I was growing up. And most of us turned out okay. But something tells me hackers could use these deficiencies for something far, far more sinister. And who says it’s just hackers? Could the NSA and other agencies use Hello Barbie for their own spying and surveillance purposes?