The revamp of this classic Christmas toy has a serious Bluetooth security flaw
Date:
Thu, 23 Dec 2021 15:33:00 +0000
Description:
Lack of secure pairing process means anyone could connect to the Fisher-Price Chatter phone with ease.
FULL STORY ======================================================================
Older readers will probably remember the Fisher-Price Chatter phone, a
classic toy that almost always sells out during the holiday season. This
year, however, buyers might get a little more than what they paid for - if
not too much.
As reported by TechCrunch, the newly "smart" edition of the Chatter phone came with a modern twist - the device is essentially a Bluetooth speaker, with a built-in microphone (and the essential wobbly eyes).
That way, parents can hook it up to their mobile phones via Bluetooth, and chat away with their young ones for guaranteed hilarity.
But the problem is - there's no secure pairing process. According to TechCrunch, anyone close enough can quite easily connect to the Chatter phone. As a result, Chatter can end up broadcasting audio from nearby smartphones and pick up on calls pretty much instantly.
Investigating the claims
In a statement, the device's manufacturer Mattel said the phone "will time out if no connection is made or once the pairing occurs it is only discoverable within a narrow window of time and requires physical access to the device."
However, in TechCrunch's tests, the connection did not time out even after an hour. Mattel also said it was committed to security and that it would be investigating the claims.
Ken Munro, founder of the cybersecurity company Pen Test Partners, who also tested the device, said the flaw could be leveraged by malicious actors or neighbors.
"It doesn't need kids to interact with it in order for it to become an audio bug. Just leaving the handset off is enough," said Munro.
The first Chatter phone was released some 60 years ago, and while the old (Bluetooth-less) toys cost around $7, the new one will set you back $60. The device is battery-powered and lasts up to nine hours on a single charge, the company claims.
======================================================================
Link to news story:
https://www.techradar.com/news/the-revamp-of-this-classic-christmas-toy-has-a-serious-bluetooth-security-flaw/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)