Page 40 - Cyber Warnings
After that, Barbie mainly communicates with ToyTalk servers, doing all of its storage and data
processing in the cloud. Staging a man-in-the-middle attack on any of the devices is difficult, as
it requires an attacker to have access to a trusted network. Even then, communication between
the devices and the cloud is encrypted.



Attack Model

The resulting threat model leaves home WiFi credentials and audio recordings as the data that
would be attractive to attackers. However, accessing this information is not easy.

Network SSIDs and passwords are stored on the doll, but the passwords are encrypted in the doll’s
memory and are difficult to extract.

Accessing audio recordings could be achieved by eavesdropping on a Barbie’s conversation or
through a data breach of ToyTalk’s website. However, eavesdropping would require an attacker to
present a valid toytalk.com certificate, which is not easy. ToyTalk’s website is a different story,
and its security rests on community participation in their bug bounty program.
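The two paragraphs above rest on one mechanism: a correctly configured TLS client only accepts a server certificate that chains to a trusted root and carries the expected hostname, so an attacker who controls the network but not a CA key cannot eavesdrop. The following Go program is an added example written for this page; it is not ToyTalk's code and uses a placeholder hostname rather than toytalk.com. It builds a constructed root CA, a genuine server certificate signed by it, and an attacker's self-signed certificate for the same name, then runs the client-side check against all three cases (genuine cert, rogue cert, and the genuine cert presented for the wrong hostname).

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Placeholder for the cloud service hostname (assumption; the real toy talks to ToyTalk servers).
const serviceHost = "api.example-toytalk.test"

// makeCert issues a certificate for host. If parent is nil the certificate is self-signed,
// otherwise it is signed by parent's key. Keys and certificates are generated in memory only.
func makeCert(host string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{CommonName: host},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		BasicConstraintsValid: true,
	}
	if isCA {
		tmpl.IsCA = true
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		// Leaf certificates must name the host in a SAN; modern clients ignore the CN.
		tmpl.DNSNames = []string{host}
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	signer, signerKey := tmpl, key
	if parent != nil {
		signer, signerKey = parent, parentKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signerKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, nil, err
	}
	return cert, key, nil
}

// verifyServerCert is the check a properly configured TLS client performs on the
// certificate a server presents: chain to a trusted root and match the expected hostname.
func verifyServerCert(leaf *x509.Certificate, roots *x509.CertPool, host string) error {
	_, err := leaf.Verify(x509.VerifyOptions{
		Roots:     roots,
		DNSName:   host,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	})
	return err
}

// Scenario holds the verification result for each case; a nil error means "accepted".
type Scenario struct {
	GenuineErr  error // genuine CA-signed cert, correct hostname
	RogueErr    error // attacker's self-signed cert for the same hostname
	MismatchErr error // genuine cert presented for a different hostname
}

// RunScenario constructs the CA, the genuine and rogue certificates, and evaluates all three cases.
func RunScenario() (Scenario, error) {
	ca, caKey, err := makeCert("Constructed Root CA", true, nil, nil)
	if err != nil {
		return Scenario{}, err
	}
	genuine, _, err := makeCert(serviceHost, false, ca, caKey)
	if err != nil {
		return Scenario{}, err
	}
	// The attacker can mint a certificate for any name, but cannot sign it with the trusted CA key.
	rogue, _, err := makeCert(serviceHost, false, nil, nil)
	if err != nil {
		return Scenario{}, err
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	return Scenario{
		GenuineErr:  verifyServerCert(genuine, roots, serviceHost),
		RogueErr:    verifyServerCert(rogue, roots, serviceHost),
		MismatchErr: verifyServerCert(genuine, roots, "other.example.test"),
	}, nil
}

func main() {
	s, err := RunScenario()
	if err != nil {
		panic(err)
	}
	fmt.Println("genuine cert accepted:", s.GenuineErr == nil)
	fmt.Println("rogue cert accepted:", s.RogueErr == nil, "->", s.RogueErr)
	fmt.Println("wrong-host cert accepted:", s.MismatchErr == nil, "->", s.MismatchErr)
}
```

The point for an IoT client is that both halves of the check matter: dropping the root check lets any self-signed certificate through, and dropping the hostname check lets a certificate legitimately issued for some other site impersonate the service.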


Info for Consumers


What does this mean for consumers interested in this product? It means that ToyTalk requests
basic information about their users, voice recordings are stored in the cloud, and for the most
part this isn’t much different from using other cloud services.

The actual doll and mobile device do not store or share much interesting information. What
consumers need to decide is whether they are willing to trust their children’s content with
ToyTalk.


Info for IoT Companies, Engineers, and Developers

What does this mean for creators and tinkerers of IoT? IoT products are a combination of
multiple, potentially complex, devices that connect and form a network architecture. Designing
all these devices, protocols, and services for a product can be challenging and prone to error.

By leveraging pre-existing IoT hardware modules and services, one can minimize the amount of
custom work that needs to be done to a product, thus minimizing the attack surface.


In Hello Barbie’s overall design, the weakest pieces were the web services that ToyTalk
implemented itself, while the IoT hardware presents few opportunities for an attacker.


Conclusion/Takeaways

In the end, we believe that ToyTalk started off well by utilizing pre-designed hardware and
software, but fell short when it came to their web security.

40 Cyber Warnings E-Magazine – February 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
