Blog / Not just a toy!
Ah, the good old days when you didn’t have to worry about buying toys for your kids!
Well the truth is… that was never true. Toy manufacturers have always been pushing the limits of what was acceptable.
Don’t believe me?
Anybody remember Wood-burning kits? That’s a great idea for a 5-year-old, isn’t it? No… it really isn’t, but it used to be a toy for kids!
Chemistry kits with poisonous chemicals in them? Yup, that was a thing!
How about an atomic energy experiment kit… that includes RADIOACTIVE MATERIAL!
I could go on and on about toys that have been sold as children’s toys which were spectacularly unsafe. But thanks to google I don’t need to. Go ahead and click if you want to see some of history’s most dangerous children’s toys ever sold (some of them a lot more recently than you might dare to believe.)
But these days things have gotten better… right?
No, it really hasn’t.
Back in “The good old days” things were slightly more aboveboard. Generally speaking, you only needed to worry about your child’s physical safety. This is relatively straightforward, as all it requires is a bit of imagination and understanding of your own children.
“Do I really think that little Billy should be allowed to play with radioactive isotopes at Christmas?”
Nowadays you need to worry about their Cyber Safety, as well as your own. These online/connected toys are nifty and cool. However, have they gone through any kind of testing to see if they can be hacked in any way? Will the company care about Security holes, if they are found? In the case of the article above, it took the company over a year to fix one of the issues that was found (they were contacted multiple times.)
You may be thinking the same thing; that this company was probably stating: “We aren’t selling this to adults. We’re aiming this at children and they don’t have the knowledge to perform these exploits, so what’s the big rush to fix it?” It’s not your target audience that you need to worry about anymore; it’s the people who would seek to take advantage of them.
In the case of this toy, it has a built-in speaker and microphone, as well as Internet connection capability. Now, I’m no hacker (ethical or otherwise), but I have enough imagination to see a huge number of ways that someone could potentially attempt to take advantage of that sort of setup.
The company that produces these toys certainly didn’t think any of the issues were important… at least until they started to impact sales by having their products pulled from some very large stores (Amazon, Walmart, Etc.)
That’s the ultimate risk that you take in buying toys like this these days.
If the company finds or is informed of a Security problem, WILL they fix it? Depending on how the toy is setup, CAN they fix it?
A toy like this is something that would be considered an IoT (Internet of Things) device.
The FBI has given some advice when it comes to things of this nature, which I reviewed in a previous Newsletter. Read it by clicking here and see how their advice compares to the actions of the company producing this toy.
If you have any questions about IT Security, you can always reach out to your TRINUS Account Manager for some stress-free IT.
IT Security Supervisor