
December 6, 2015

What's Inside a Hello Barbie Surveillance Toy?


From boingboing


Mattel's Hello Barbie has a microphone and a WiFi interface — it transmits the phrases it hears to a central server in order to parse them and formulate a response.

Mattel claims that the data isn't being retained or harvested for marketing purposes and assures parents that they can make Barbie stop eavesdropping on them at will.

But does that work?

Somerset Recon has done a teardown on a Hello Barbie, examining its components and dumping its firmware.

Part One of their report is online now and it's a little dry: Hello Barbie has some standard IoT chips — a sound codec, a WiFi card, etc. — but until Somerset posts their analysis of the firmware dump, this is pretty preliminary stuff.


Below, excerpts from a November 26, 2015 Guardian story by Samuel Gibbs.



Hackers can hijack WiFi Hello Barbie to spy on your children

Security researcher warns that hackers could steal personal information and turn the microphone of the doll into a surveillance device

Mattel's latest WiFi-enabled Barbie doll can easily be hacked to turn it into a surveillance device for spying on children and listening into conversations without the owner's knowledge.

The Hello Barbie doll is billed as the world’s first "interactive doll" capable of listening to a child and responding via voice, in a similar way to Apple's Siri, Google's Now, and Microsoft's Cortana.

It connects to the internet via WiFi and has a microphone to record children and send that information off to third parties for processing before responding with natural language responses.

U.S. security researcher Matt Jakubowski discovered that when connected to WiFi the doll was vulnerable to hacking, allowing him easy access to the doll's system information, account information, stored audio files, and direct access to the microphone.

Jakubowski told NBC: "You can take that information and find out a person's house or business. It's just a matter of time until we are able to replace their servers with ours and have her say anything we want."

Once Jakubowski took control of where the data was sent, the snooping possibilities were apparent.
The doll only listens in on a conversation when a button is pressed and the recorded audio is encrypted before being sent over the internet, but once a hacker has control of the doll the privacy features can be overridden.
It was the ease with which the doll was compromised that was most concerning.
The information stored by the doll could allow hackers to take over a home WiFi network and from there gain access to other internet-connected devices as well as steal personal information.

Mattel, the manufacturers of Hello Barbie, did not respond to requests for comment.


The Washington Post weighed in this past Friday as did The Guardian (again), this time with an extended exploration of the Hello Barbie interactive space.

Before you pull the trigger be sure to have a look at the limited-edition (run of 700) Moschino Barbie.


Wait a sec... what's that music I'm hearing?

No, no, not that one — this one.

December 6, 2015 at 08:01 AM
