Skip to main content

Hello Barbie is hackable, exposes children’s conversations with the doll

hello barbie blabbermouth exposes childrens conversations hackers
A high-tech Barbie is terrible at keeping secrets. Toymaker Mattell is finding this out the hard way after a security firm revealed that Hello Barbie, a version of the beloved doll that comes with Wi-Fi and speech recognition technology, is vulnerable to hacking.

Hello Barbie, which sells for $74.99, uses Wi-Fi connectivity and speech recognition technology to give children an interactive toy that can “discuss anything,” according to Mattel. The problem is that ToyTalk, the company behind the modern technology in the doll, has vulnerable servers, which means children’s recorded conversations with Hello Barbie could potentially be accessed without permission.

Bluebox, the security firm that revealed the doll’s vulnerabilities, shares that the Hello Barbie app for iOS and Android has a number of flaws, including the use of an authentication credential that can be reused by attackers and useless code that “increases the overall attack surface.”

“The ToyTalk server domain was on a cloud infrastructure susceptible to the POODLE attack,” according to Bluebox.

All this means that hackers could potentially access, listen to and reconstruct recordings of children’s conversations with Hello Barbie.

“We have been working with Bluebox and appreciate their Responsible Disclosure of issues with respect to Hello Barbie,” ToyTalk CTO Matt Reddy told Gizmodo. “We are grateful that they informed us of relevant security vulnerabilities, which have been addressed.”

This revelation came on the heels of a warning from another researcher who said he found a flaw that could allow hackers to discover the home addresses of Hello Barbie owners, according to CNET.

The Hello Barbie news has likely gotten the attention of the FTC, according to a former director of the FTC’s Bureau of Consumer Protection.

Vtech, an electronics manufacturer based in Hong Kong, is working through a similar issue of its own as it responds to a security breach of its Learning Lodge app store database. That breach made accessible personal information such as email addresses, passwords, and mailing addresses.

Editors' Recommendations

Jason Hahn
Jason Hahn is a part-time freelance writer based in New Jersey. He earned his master's degree in journalism at Northwestern…
Skype now supports 911 calls in the U.S.
iPhone with the Skype mobile app loading screen.

Skype has updated its mobile and desktop apps to allow emergency calling in the U.S. for the first time in its 18-year history. Calls to 911 are also possible via Skype’s web-based service, notes for the recently released Skype 8.80 showed.

Emergency calling from Skype could come in handy if you find yourself in a tricky situation without a phone but have a computer close by, or if phone lines are down but you can get online.

Read more
The Interplanetary File System: How you’ll store files in the future
Cloud storage for downloading an isometric. A digital service or application with data transmission. Network computing technologies. Futuristic Server. Digital space. Data storage. Vector illustration.

When you upload a file or send a tweet, your information is stashed in some corporation-owned mega data center in the middle of nowhere. The endless racks of computers in these facilities hold millions of ledgers, and with a flick of a switch, companies can censor or misuse the data.

But what if instead of handing it to, say Amazon or Google, your data is broken down into pieces and scattered across the globe so that no one except you and your key -- not even the government -- can access it?

Read more
The best hurricane trackers for Android and iOS in 2022
Truck caught in gale force winds.

Hurricane season strikes fear into the hearts of those who live in its direct path, as well as distanced loved ones who worry for their safety. If you've ever sat up all night in a state of panic for a family member caught home alone in the middle of a destructive storm, dependent only on intermittent live TV reports for updates, a hurricane tracker app is a must-have tool. There are plenty of hurricane trackers that can help you prepare for these perilous events, monitor their progress while underway, and assist in recovery. We've gathered the best apps for following storms, predicting storm paths, and delivering on-the-ground advice for shelter and emergency services. Most are free to download and are ad-supported. Premium versions remove ads and add additional features.

You may lose power during a storm, so consider purchasing a portable power source,  just in case. We have a few handy suggestions for some of the best portable generators and power stations available. 

Read more