Matteo Doni, chief tech blogger for TechTravelGeeks.com, warns that sometimes the security for smart toys has never really been vetted, which leaves a lot of these devices open to security issues.
Sputnik: On Tuesday, an investigation by the consumer group Which? found that children are at risk of being contacted by strangers and seeing offensive images through their must-have smart toys. How significant is this story and what does it tell us about many of these toys out on the market right now?
Matteo Doni: This is something that has been ongoing for a few years now. A lot more toys include smart functions, so that they can connect either to the Internet or to other connected devices we have. Sometimes the security for them has never really been vetted - the products have never been developed with security in mind, because the people producing the products haven't foreseen this need and the people ordering and marketing the products are essentially working to get the product on the market as quickly as possible at the lowest price possible. This leaves a lot of these devices open to security issues, which could be as little as someone switching the devices on or off, or it could be as much as initiating contact through voice, images, or video.
Sputnik: This isn’t the first story of its kind that we’ve heard recently… how do the findings of this investigation compare with the hijacking of webcams and other public devices being remotely accessed by users around the world?
Matteo Doni: The Which? report goes through a series of different products, but the theme is pretty consistent, which is that the overall security for the devices, for the smart toys in this case, is very low or potentially very weak, depending on if the user registering for an online service related to the toy uses a strong or weak password. So overall the theme is very similar to things we've been seeing for the last 15 to 20 years. From the days of the very first connected Wi-Fi printers, there was always a security risk, there's always a way for people to log on to your printer remotely and start printing pages of garbage.
Essentially the same thing is happening to this day with newer products that are, at this point, much more accessible, much more affordable and are getting into the hands of potentially children. So this is raising the issue and making people more aware that their children may be affected. This is a problem with the creators of the product, but also the users. It's highlighting the fact that the users, or the people buying them, should probably do their research, learn how the product works, and potentially limit the use of the product if necessary.
Sputnik: What recommendations have we seen from Which? Could we see these products being pulled from shelves?
Matteo Doni: Which? has reached out to both the government, asking for the next government after the UK election on Thursday to regulate this market and have some security standards across the board for products sold - and specifically products sold to children. On the other side, they have reached out to the retailers, asking for some of the products to be taken off the shelves which do not see them to be a fit and proper for the average consumer. Some of the retailers have got back in touch with many of the UK news outlets, such as Sky News and the BBC, to see that all the toys and products are compliant with current legislation and that they take their users security and safety very importantly.
I think the main issue around this is the fact that there is very little overall understanding of what the products are, what they can do and how they can be used. This is something that stems, as I said, at the beginning, from the fact that these products are probably sold by people who know very little about the product themselves and are produced in mass at very quick speeds with very few quality checks along the way. Overall, the products and the space they're sold in are very new - therefore, there is no real legislation around them. So what Which? have done is, I think the right thing, they've reached out to the government or the next government, they've also reached out to the retailers and they've done their best to make consumers aware of these issues.
