Interactive dolls aren’t that hard to hack

“You may think I’m just a sweet toy but now that I’ve been hacked, I can say all sorts of scary things,” My Friend Cayla warned a BBC reporter. The interactive doll was released last November but was breached by January—and also been made to recite lines from Fifty Shades of Grey. Users don’t need a PIN to connect their iPhone or Android to Cayla, security researcher Ken Munro explained to the Beeb, so anyone with Bluetooth can talk to your kids.

Mattel and ToyTalk’s Hello Barbie, to be released this Christmas season, also chats with kids through Wifi. Each child’s responses, however, are recorded, encrypted and sent back to the companies “to operate and improve our products [and] to develop better speech recognition for children,” a ToyTalk spokesperson told The Guardian. But parents can listen to and delete recordings at any time. Still, the Campaign for a Commercial-Free Childhood wants to stop Hello Barbie’s production, citing privacy concerns.

Google hasn’t brought out its doll, but not because of any protest—it just doesn’t want to yet. In 2012, the tech giant filed a patent for an “anthropomorphic device, perhaps in the form factor of a doll or toy, [that] may be configured to control one or more media device.” So when’s it coming out? Well, Google says just because it makes an application doesn’t mean it has to follow through.

To express curiosity at this statement, an anthropomorphic device would “tilt its head, furrow its brow, and/or scratch its head with an arm.”
__________________________________________________________________________
Copyright 2015 Rogers Publishing Ltd. This article first appeared in the June / July 2015 edition of Canadian Insurance Top Broker magazine

This story was originally published by Canadian Insurance Top Broker.