Even Barbie Is A Security Risk!

From the “Definitely Worse Than We Thought” department; right next to the “I TOLD you I wasn’t paranoid!!” department…

http://www.techrepublic.com/article/security-expert-raises-big-concerns-about-wi-fi-enabled-hello-barbie/

I’ve bolded some bits:

Security expert raises big concerns about Wi-Fi-enabled Hello Barbie

The new Hello Barbie is able to have a ‘conversation’ with children using speech-recognition software and Wi-Fi. But what’s happening with all the recorded data?

By Hope Reese | November 13, 2015, 6:30 AM PST

This week, Mattel released Hello Barbie, a Wi-Fi-enabled doll that records and saves its conversations with children. The capacity for the doll to collect data begs questions about security, privacy, and potential misuse of information. TechRepublic spoke to Andrew Browne, Director of Lavasoft’s malware lab, about his concerns over Hello Barbie’s privacy settings.

Hello Barbie sends communications between children and Mattel’s control center. What are your thoughts on potential security issues here?
[…]
The privacy policy says it captures voice data that can be used to improve speech recognition or AI algorithms. But it also can be used for other research and development and data purposes. That could be anything. It’s one of these catch-all phrases that pops up in license agreements that absolves people of what they’re really trying to do. It also says the recordings can be shared with third parties, which is worrying. And from the policy, it says the recordings will be sent to Microsoft. Straight away, some other party we may not be aware of has access to the recording. So the first concern is what Mattel will do with the data. Even though Mattel says they won’t try to monetize the data, it’s inevitable that somebody will.

How exactly can the information gathered by Hello Barbie be monetized?

It’s a pretty blunt example, but there’s the scenario where a kid tells the doll their birthday is coming up, and Barbie starts talking about new, cool toys coming out. It’s not a stretch of the imagination that this will happen. The doll itself, and I find this quite creepy, is actually a recording device. It can also capture non child-doll conversations that are happening in the background.
[…]
What steps can adults take to protect privacy collected by Hello Barbie?

Once the information is on the recipient’s server, there’s not a whole lot that can be done. I’m not a psychologist, but I imagine that kids will talk to the toy like a real person, confide in her, and so on. The kid might give up information that is confidential. They say they’ll attempt to monitor for this and wipe from the system, but I don’t know that there’s anything to prevent it other than train the kid not to say anything private. But a five-year-old can’t comprehend that.

There’s a whole lot more in the article. Hit the link and then think about what you read.

Just what we need… a world full of spies disguised as dolls and listening to our children… Just remember that the Internet of Things acronym, IoT is only an id away from idIoT…

Subscribe to feed

About E.M.Smith

A technical managerial sort interested in things from Stonehenge to computer science. My present "hot buttons' are the mythology of Climate Change and ancient metrology; but things change...
This entry was posted in Human Interest, Tech Bits and tagged , , . Bookmark the permalink.

One Response to Even Barbie Is A Security Risk!

  1. omanuel says:

    We will all be security risks until we honestly face the consequences of unreported events that changed the course of world history at Konan, Korea in AUG-SEPT 1945, before nations were united in OCT 1945:

    https://dl.dropboxusercontent.com/u/10640850/STALINS_SCIENCE.pdf

Comments are closed.