Once a week.
Subscribe to our weekly newsletter.
How Barbie Brought Attention to Securing the Internet of Things
Hello Barbie, the new interactive doll from Mattel, has some security flaws. As the Internet of Things becomes a reality, manufacturers must make security a priority.
Every holiday season, Barbie dolls become a fascination for children everywhere. Making its debut in March 1959, Barbie is the single most successful doll ever produced. She’s run for president six times since 1992, traveled to space in 1965, and is sold in 150 countries around the globe. And in 2015, Barbie got connected.
In March, Mattel released the Hello Barbie doll to the delight of children and hackers everywhere. The doll is capable of engaging in two-way conversation over a WiFi network (and companion app), with up to 8,000 lines of dialog to choose from. Children can ask Barbie questions, participate in co-created stories, and engage in conversations on a wide variety of topics. And since it can connect to the Internet, it has become a target for hackers.
As Mattel describes the toy:
“Now, you can chat with Barbie! Using WiFi and speech recognition technology, Hello Barbie doll can interact uniquely with each child by holding conversations, playing games, sharing stories, and even telling jokes! It's a whole new way to interact with Barbie. She's ready to discuss anything in an outfit that blends trendy and techie for a cool look. Use is simple after setup — push the doll's belt buckle to start a conversation, and release to hear her respond. More than 8,000 lines of recorded content means countless hours of fun! Just like a real friend, Hello Barbie doll listens and remembers the user's likes and dislikes, giving everyone their own unique experience.”
Much like Siri, Cortana, or Google Now, the new doll gives children an interactive experience. But, according to privacy advocates, the focus on conversing specifically with children worries many. “This is really about Mattel eavesdropping on a child's heart and soul — and the most intimate things about their lives," Susan Linn, executive director of the Campaign for a Commercial-Free Childhood, told NPR in October.
While I’m not sure the technology is that different from other personal digital assistants, certainly marketing its benefits to children is disconcerting. In a recent online review of the doll, Barbie is seen asking a number of questions of the user, leading them through a series of interactive stories, and imparts general knowledge when you ask her. Interesting, but in each of the interactions, it is readily apparent that large amounts of information are gathered by Barbie as she speaks with the user. For example, Barbie at one point in the video asks, “You know what I want to talk about? Family! Do you have any sisters?”
Not surprisingly, researchers have discovered security weaknesses in the doll that can enable easy access to system information, Barbie’s microphone, and stored audio files. Security researcher Matt Jakubowski told NBC, “You can take that information and find out a person’s house or business. It’s just a matter of time until we are able to replace their servers with ours and have her say anything we want.”
Additionally, in early December, Bluebox Security released a report on the doll and the accompanying mobile application (developed by Mattel and ToyTalk). What they found was disturbing:
“We discovered several issues with the Hello Barbie app including:
On the server side, we also discovered:
Bluebox disclosed the most critical security weaknesses to ToyTalk prior to its public release and ToyTalk promptly resolved a number of them.
Many parents, however, still have decided to buy the doll. “I was so stressed getting this for my little girl BUT she has not put it down! The adventures and general knowledge is incredible. ... I read all the hacking stuff but I'm sorry if big brother was going to spy he's already doing it through your smart phone,” one reviewer on Amazon argues. “This is a great toy that sparks imagination my daughter is jumping around like a frog on a trip with Barbie great toy thanks for making our Christmas magic.”
What the very public release of the security weaknesses of Hello Barbie indicate is as the Internet of Things becomes a reality, manufacturers must make security a priority. We cannot afford not to.
The father of all giant sea bugs was recently discovered off the coast of Java.
- A new species of isopod with a resemblance to a certain Sith lord was just discovered.
- It is the first known giant isopod from the Indian Ocean.
- The finding extends the list of giant isopods even further.
Humanity knows surprisingly little about the ocean depths. An often-repeated bit of evidence for this is the fact that humanity has done a better job mapping the surface of Mars than the bottom of the sea. The creatures we find lurking in the watery abyss often surprise even the most dedicated researchers with their unique features and bizarre behavior.
A recent expedition off the coast of Java discovered a new isopod species remarkable for its size and resemblance to Darth Vader.
The ocean depths are home to many creatures that some consider to be unnatural.
According to LiveScience, the Bathynomus genus is sometimes referred to as "Darth Vader of the Seas" because the crustaceans are shaped like the character's menacing helmet. Deemed Bathynomus raksasa ("raksasa" meaning "giant" in Indonesian), this cockroach-like creature can grow to over 30 cm (12 inches). It is one of several known species of giant ocean-going isopod. Like the other members of its order, it has compound eyes, seven body segments, two pairs of antennae, and four sets of jaws.
The incredible size of this species is likely a result of deep-sea gigantism. This is the tendency for creatures that inhabit deeper parts of the ocean to be much larger than closely related species that live in shallower waters. B. raksasa appears to make its home between 950 and 1,260 meters (3,117 and 4,134 ft) below sea level.
Perhaps fittingly for a creature so creepy looking, that is the lower sections of what is commonly called The Twilight Zone, named for the lack of light available at such depths.
It isn't the only giant isopod, far from it. Other species of ocean-going isopod can get up to 50 cm long (20 inches) and also look like they came out of a nightmare. These are the unusual ones, though. Most of the time, isopods stay at much more reasonable sizes.
View this post on Instagram
During an expedition, there are some animals which you find unexpectedly, while there are others that you hope to find. One of the animal that we hoped to find was a deep sea cockroach affectionately known as Darth Vader Isopod. The staff on our expedition team could not contain their excitement when they finally saw one, holding it triumphantly in the air! #SJADES2018
A post shared by LKCNHM (@lkcnhm) on
What benefit does this find have for science? And is it as evil as it looks?
The discovery of a new species is always a cause for celebration in zoology. That this is the discovery of an animal that inhabits the deeps of the sea, one of the least explored areas humans can get to, is the icing on the cake.
Helen Wong of the National University of Singapore, who co-authored the species' description, explained the importance of the discovery:
"The identification of this new species is an indication of just how little we know about the oceans. There is certainly more for us to explore in terms of biodiversity in the deep sea of our region."
The animal's visual similarity to Darth Vader is a result of its compound eyes and the curious shape of its head. However, given the location of its discovery, the bottom of the remote seas, it may be associated with all manner of horrifically evil Elder Things and Great Old Ones.
The first nation to make bitcoin legal tender will use geothermal energy to mine it.
This article was originally published on our sister site, Freethink.
In June 2021, El Salvador became the first nation in the world to make bitcoin legal tender. Soon after, President Nayib Bukele instructed a state-owned power company to provide bitcoin mining facilities with cheap, clean energy — harnessed from the country's volcanoes.
The challenge: Bitcoin is a cryptocurrency, a digital form of money and a payment system. Crypto has several advantages over physical dollars and cents — it's incredibly difficult to counterfeit, and transactions are more secure — but it also has a major downside.
Crypto transactions are recorded and new coins are added into circulation through a process called mining.
Crypto mining involves computers solving incredibly difficult mathematical puzzles. It is also incredibly energy-intensive — Cambridge University researchers estimate that bitcoin mining alone consumes more electricity every year than Argentina.
Most of that electricity is generated by carbon-emitting fossil fuels. As it stands, bitcoin mining produces an estimated 36.95 megatons of CO2 annually.
A world first: On June 9, El Salvador became the first nation to make bitcoin legal tender, meaning businesses have to accept it as payment and citizens can use it to pay taxes.
Less than a day later, Bukele tweeted that he'd instructed a state-owned geothermal electric company to put together a plan to provide bitcoin mining facilities with "very cheap, 100% clean, 100% renewable, 0 emissions energy."
Geothermal electricity is produced by capturing heat from the Earth itself. In El Salvador, that heat comes from volcanoes, and an estimated two-thirds of their energy potential is currently untapped.
Why it matters: El Salvador's decision to make bitcoin legal tender could be a win for both the crypto and the nation itself.
"(W)hat it does for bitcoin is further legitimizes its status as a potential reserve asset for sovereign and super sovereign entities," Greg King, CEO of crypto asset management firm Osprey Funds, told CBS News of the legislation.
Meanwhile, El Salvador is one of the poorest nations in North America, and bitcoin miners — the people who own and operate the computers doing the mining — receive bitcoins as a reward for their efforts.
"This is going to evolve fast!"
If El Salvador begins operating bitcoin mining facilities powered by clean, cheap geothermal energy, it could become a global hub for mining — and receive a much-needed economic boost in the process.
The next steps: It remains to be seen whether Salvadorans will fully embrace bitcoin — which is notoriously volatile — or continue business-as-usual with the nation's other legal tender, the U.S. dollar.
Only time will tell if Bukele's plan for volcano-powered bitcoin mining facilities comes to fruition, too — but based on the speed of things so far, we won't have to wait long to find out.
Less than three hours after tweeting about the idea, Bukele followed up with another tweet claiming that the nation's geothermal energy company had already dug a new well and was designing a "mining hub" around it.
"This is going to evolve fast!" the president promised.
How were mRNA vaccines developed? Pfizer's Dr Bill Gruber explains the science behind this record-breaking achievement and how it was developed without compromising safety.
- Wondering how Pfizer and partner BioNTech developed a COVID-19 vaccine in record time without compromising safety? Dr Bill Gruber, SVP of Pfizer Vaccine Clinical Research and Development, explains the process from start to finish.
- "I told my team, at first we were inspired by hope and now we're inspired by reality," Dr Gruber said. "If you bring critical science together, talented team members together, government, academia, industry, public health officials—you can achieve what was previously the unachievable."
- The Pfizer-BioNTech COVID-19 Vaccine has not been approved or licensed by the Food and Drug Administration (FDA), but has been authorized for emergency use by FDA under an Emergency Use Authorization (EUA) to prevent COVID-19 for use in individuals 12 years of age and older. The emergency use of this product is only authorized for the duration of the emergency declaration unless ended sooner. See Fact Sheet: cvdvaccine-us.com/recipients.