Samedi, 16 Février 2019
Dernières nouvelles
Principale » Which? Has Warned Retailers About Connected Toys Because of 'Worrying' Security

Which? Has Warned Retailers About Connected Toys Because of 'Worrying' Security

14 Novembre 2017

Wowee Chip, a robot dog, also sported the same Bluetooth vulnerability, but the researchers were not able to use it to speak to a child, though they were able to remotely control it.

Furby Connect, the i-Que robot, Cloudpets and Toy-fi Teddy.

The I-Que Intelligent Robot, has previously featured on Hamleys top toys Christmas list and is available from Argos and Hamleys.

Tests carried out by Which? with the German consumer group Stiftung Warentest, and other security research experts, found flaws in Bluetooth and Wi-fi-enabled toys that could enable a stranger to talk to a child. The toy is made by Genesis, which also manufactures the My Friend Cayla doll, recently banned in Germany owing to security and hacking concerns.

Which? found there was no authentication required between the toys and the devices they could link with via Bluetooth and Wi-Fi. Which? found the Bluetooth connection lacked any authentication protections, meaning hackers could send voice messages to a child and receive answers.

Alex Neill, managing director of home products at Which?, said: "You wouldn't let a young child play with a smartphone unsupervised and our investigation shows parents need to apply the same level of caution if considering giving a child a connect toy".

'Safety and security should be the absolute priority with any toy.

Which? has called for all connected toys with known privacy or security issues to be taken off sale before parents begin their Christmas shopping.

Spider-Man : Morbius le Vampire bientôt à l'écran
Burk Sharpless et Matt Sazama , scénariste de Power Rangers le film, devront trouver des réponses à ses questions. Pour l'heure, rien d'officiel du côté de Sony , le projet serait toujours en cours de négociation.

I-Que maker Vivid Imagination said there had been "no reports of these products being used in a malicious way" but added that it would review Which?'s recommendations.

Furby manufacturer Hasbro told Which? that it takes the report "very seriously", although it claimed that the discovered exploits would require someone to re-configure the device's firmware, something that would take expert knowledge.

It said: 'While the researchers at Which? identified ways to manipulate the Furby Connect toy, we believe that doing so would require close proximity to the toy.

"A tremendous amount of engineering would be required to reverse-engineer the product as well as to create new firmware", it said.

Hasbro said: "We feel confident in the way we have designed both the toy and the app to deliver a secure play experience". "While it may be technically possible for a third party (someone other than the intended user) to connect to the toys, it requires certain sequence of events to happen in order to pair a Bluetooth device to the toy, all of which make it hard for the third party to remotely connect to the toy".

Cloud Pets & Toy Fi - Spiral Toys declined to comment.

It said: 'The circumstances in which these investigations have taken place rely on a ideal set of circumstances and manipulation of the toys and the software, that make the outcome highly unlikely in reality'.