At primary school, I loved my Tamagotchi: it moved, it beeped, it was almost like I could talk to it! Nowadays, kids can actually have conversations with their toys, and some toys are IoT devices, capable of accessing online services or of interacting with people via the Internet. And so to one of this week’s news stories: using a Raspberry Pi, an eleven-year-old has demonstrated how to weaponise a teddy bear. This has garnered lots of attention, because he did it at a cybersecurity conference in The Hague, and he used the Bluetooth devices of the assembled experts to do it.
— AFP News Agency (@AFP) May 16, 2017
Reuben Paul, from Texas, used a Raspberry Pi together with his laptop to download the numbers of audience members’ smartphones. He then proceeded to use a Python program to manipulate his bear, Bob, using one of the numbers he’d accessed, making him blink one of his lights and record an audio message from the audience.
Reuben has quite of bit of digital making experience, and he’s very concerned about the safety risks of IoT devices. “IoT home appliances, things that can be used in our everyday lives, our cars, lights, refrigerators, everything like this that is connected can be used and weaponised to spy on us or harm us,” he told AFP.
Apparently even his father, software security expert Mano Paul, was unaware of just how unsafe IoT toys can be until Reuben “shocked” him by hacking a toy car.
Reuben is using his computer skills for good: he has already founded an organisation to educate children and adults about cybersecurity. Considering that he is also the youngest Shaolin Kung Fu black belt in the US and reportedly has excellent gymnastics skills, I’m getting serious superhero vibes from this kid!
And to think that the toys that were around when I was Reuben’s age could be used for nothing more devious than distracting me from class…