Electronic devices are no new thing. And receiving the latest gadgets for Christmas is a joy since it’s always fun to see what new things they can do to improve your life. However, today there’s a snag. Many connected devices are ‘always on’ and listening for the wake word which lets them know you want them to do something. While what they detect while they await instructions is deleted every few seconds, there is always a chance that your smart devices are vulnerable if you leave the settings as you found them out of the box.
The new electronics you received will likely have cameras as well as mics, and you’ll likely be putting them in every room in the house. Meaning that both your security and privacy can be compromised. While you’re not doing anything wrong in your own home when you think nobody is watching, there’s no reason why you would want any of that data falling into the wrong hands.
Home cameras are indeed marketed to parents with the understanding that, as well as a security device, you can use them to check up on the kids when you’re not home, see what the dog is doing, and maybe maintain surveillance over the babysitter when you go out. Keeping constant tabs on the dog while you’re at work might be considered a bit weird, but it’s your pet, do what you like. But understand that if your devices aren’t all properly secured they could be sharing that footage not only with you, but with anyone else with a yen to know about your daily routine along with a good view of your home and contents.
It’s not just the usual devices which need to be secured against hackers. There are several home hub touch screen and hands free devices which don’t have cameras built in and have security switches which can turn listening off manually so you know that when the switch is in the ‘off’ position it really can’t see or hear anything. Which is fine, but what about the other devices you’ve just bought which have both cameras and mics watching and listening at all times?
Robots! Robots Everywhere!
From robots both real and fictional to stuffed toys, dolls, drones, and watches there are a lot of toys and smart devices aimed at kids which have cameras and microphones fitted. Some of them rely on being able to ‘see’ and ‘hear’ what is going on around them to operate properly. Robot pets and augmented reality toys would be incredibly disappointing if they were to be rendered deaf and blind, but you should be aware that simply using the toys straight out of the box could be crippling your security.
When you plug the toy, gadget or smart enabled doohickey in, give it a name, but one that reveals as little information as possible. Then apply a long, complex password which is impossible to guess. We’ve covered security for new additions to your network in other blogs, covering passwords, permission, access to your contacts et cetera.
Connected toys can allow other devices to communicate with it, and your children. Consequently your children could also use them to communicate with other devices. If you want to stop this kind of data breach and intrusion into your privacy steps must be taken.
One of the advantages, and subsequent disadvantages of Bluetooth is it ubiquity. To operate properly items need to be able to communicate with others. However, if they’re not secured, anybody with a mobile phone can start sending it messages and instructions. If you can send a Bluetooth device instructions you can tell it to listen and send images to you while you’re within range.
We recommend these steps to ensure your child, and your security is not vulnerable to the bad guys.
- Before you give your child the device, read the instructions and description. Search online for new stories and reviews in which other parents have described the problems they may or may not have had with the device.
- Familiarise yourself with the manufacturer’s terms and conditions. They should exist to protect both the consumer and the maker, but often by agreeing to terms you could waive your right to complain if things go wrong. Consumer law is almost always on your side, but it would be a fight I dare say you’d rather avoid.
- Find out if it runs on wifi or Bluetooth technology. They are both easy to secure against other people, but both need to be locked via different methods. You may wonder if it’s any idea to connect the toy to the internet at all. Disconnecting it might remove its raison d’etre, it may make no difference at all.
- Does the device come with an app? They add richness for many games, but they also allow you talk to other players, buy additional skills, skins, dances and other premium services. Again, if they allow access to the internet, take care of security before you hand it over to the kids.
- When you’re setting up, remain circumspect. Only give the barest amount of information required, but treat it like gold! And if you have to hand over data to progress, consider using false information. If it wants birthdays for free rewards, brilliant! But that’s also a key security question answered. Consider using an easy to remember date such as December 25th or January 1st for all your family’s birthdays instead.
- Sign up to email marketing! This might be counter-intuitive as you’re opening yourself up to getting spammed, but the GDPR update should protect you from too much junk email and also means that you will be kept up-to-date regarding security issues, breaches, patches, product recalls and any other relevant news you’ll want to know about.
- Finally, consider keeping connected toys away from your kids so they can’t play with them unsupervised. This sounds draconian, but if your child understands that they can only play with the Smart toys while a parent is in the room they shouldn’t mind too much. It’s a great excuse for you to play with their toys too, and come on, admit it, you really enjoy it too! (And if you do take them away when not in use, make sure they’re properly shut down, and not simply set to stand-by.)