Piles Of Insecure Smart Toys Fill Retailers' Shelves

posted by Fnord666 on Thursday December 12, @03:31PM
from the hello-chucky dept.
Arthur T Knackerbracket has found the following story:

It seems to come around quicker every year – the failure of so-called smart toys to meet the most basic of security requirements. Which? has discovered a bunch of sack fillers that dirtbags can use to chat to your kids this Christmas.

Back in 2017, the consumer group found toys with security problems relating to network connections, apps or other interactive features. The results of its latest round of testing show manufacturers are struggling to improve standards.

Working with security researchers NCC Group, Which? found a karaoke machine that could transmit audio from anyone passing within Bluetooth range because of its unsecured connection. It found walkie-talkies from VTech which anyone with their own set of similar equipment could connect to over a 200-metre range. It also found a Mattel-backed games portal which appeared to be unmoderated, allowing users to upload their own games with content inappropriate for children.

Ken Munro, security researcher with consultancy Pen Test Partners, said that although there was no evidence the vulnerabilities revealed by Which? had not been used by nefarious characters to contact children, parents should still beware of toys that do not meet minimum standards.

"The reason we don't hear of these attacks is they are local: it would be one parent at a time. Is it still worrying? Yes, I don't like the idea of this thing being unsecured," he said.

  • (Score: 3, Insightful) by Anonymous Coward on Thursday December 12, @03:46PM (1 child)

    by Anonymous Coward on Thursday December 12, @03:46PM (#931420)

    Walkie talkies have traditionally not been secure comms.
    That complaint in the summary is not warranted.

    • (Score: 2) by progo on Thursday December 12, @03:57PM

      by progo (6356) on Thursday December 12, @03:57PM (#931430) Homepage

      I found this immediately and determined the source is not credible because of it. Came here to comment, and oh look! This issue is the FIRST comment!

  • (Score: 3, Funny) by takyon on Thursday December 12, @03:56PM (1 child)

    by takyon (881) Subscriber Badge <{takyon} {at} {soylentnews.org}> on Thursday December 12, @03:56PM (#931429) Journal

    Island of MisfIoT toys.

    • (Score: 2) by DannyB on Thursday December 12, @03:58PM

      by DannyB (5839) Subscriber Badge on Thursday December 12, @03:58PM (#931432) Journal

      Next year's smart toys will all hack each other's vulnerabilities and unmoderated web sites.

