Final Post on Smart Toy Security and Privacy -16

Throughout the semester I have been researching Smart Toys and the associated security and privacy issues. In order to best understand this topic I started by establishing a working definition for smart toy and built up my understanding from there until I could grasp the intricacies of the security and privacy issues associated with smart toys. My personal favorite definition of a smart toy is was provided by Cyber Security expert Dr. Patrick Hung, he defines smart toys as a device consisting of a physical toy component that connects to one or more toy computing services to facilitate gameplay in the Cloud through networking and sensory technologies to enhance the functionality of a traditional toy. Smart Toys belong to an emerging category of electronic devices known as “IoT” or Internet of Things. Although the term “Internet of Things” first appeared in the literature in 2005, there is still no widely accepted definition. One participant described the IoT as the connection of “physical objects to the Internet and to each other through small, embedded sensors and wired and wireless technologies, creating an ecosystem of ubiquitous computing.” Some examples of IoT devices are clocks, microwaves, radios, and TOYS. These types of electronic devices are becoming increasing sophisticated and are capable of providing technologically advanced solutions for their users with a variety of applications. In addition to internet and networking technologies, smart toys utilize a number of hardware and software assets to perform their operations, several of which have been linked to security vulnerabilities.  Continue reading “Final Post on Smart Toy Security and Privacy -16”

Household Security and Smart Toys -15

Smart toy technologies provide families with many new benefits including convenience, customization, and safety. In addition, more parents today are choosing connected toys for their children, either for play or for learning and development. Smart Toys popular in the current market connect to each other and to online platforms via Wi-Fi, bluetooth, or other methods to provide personalized or interactive experiences for children. While the potential benefits are considerable and include new opportunities for personalized and interactive play and learning concerns are being raised about whether such smart toys are collecting too much personal information may be used or shared, and whether it is secure. As connected toys become more popular and issues of cybersecurity rise in urgency, it is important for key privacy issues to be addressed. For toy manufacturers and industry professionals, these concerns are particularly critical because toys are used inside the most traditionally private location, the home, and may collect data from children. Trust is a crucial precondition for widespread adoption of connected toys. Parents must be satisfied that the digital products they invite into their homes will safeguard children’s privacy and keep information secure. Unfortunately for parents the technologies are becoming increasingly sophisticated making the task of providing sufficient privacy and security more difficult.  Continue reading “Household Security and Smart Toys -15”

Government Protection for Smart Toy Users -14

This semester I have been researching security and privacy associated with smart toys. Security expert and privacy advocate Patrick Hung defines smart toys as a device consisting of a physical toy component that connects to one or more toy computing services to facilitate gameplay in the Cloud through networking and sensory technologies to enhance the functionality of a traditional toy. Smart Toys are capable of performing many exciting and interesting tasks that included video, voice recording, AI, and movement. These features may be capable of providing users with a satisfying experience but they come at cost, many the devices within the smart toys are vulnerable to security threats. Smart Toys are considered part of the “Internet of Things”, as the use of IOT devices has grown in recent years, many security and privacy experts have discovered vulnerabilities in these connected devices and revealed to the public that they are susceptible to hacking.  Continue reading “Government Protection for Smart Toy Users -14”

Smart Toys in the Household -13

Smart toys are a multibillion-dollar industry that is continuing grow rapidly. As More and more kids are interested in high tech toys offered by manufacturers, experts predict that revenue for smart toys will reach 8.8 billion by 2020. With so many smart toys entering households many parents have many questions regarding the safety of smart toys. After many notable smart toy security breaches many parents are concerned about their children’s privacy. Parents faces challenges providing proper security because they may not that the technical ability to secure the devices and they may not be aware of the inherent risks in specific types of technology. Unfortunately many toy manufacturers are making things more difficult on parents because they are collect, storing, and distributing data collected by smart toys often times with no information about how and why the data is being collected and where the manufacturers are distributing data. Continue reading “Smart Toys in the Household -13”

Governments role in securing smart toys -12

Throughout the semester I have been researching smart toys. Security expert and privacy advocate Patrick Hung defines smart toys as a device consisting of a physical toy component that connects to one or more toy computing services to facilitate gameplay in the Cloud through networking and sensory technologies to enhance the functionality of a traditional toy. As the use of smart toys becomes more widespread a number a security vulnerabilities have come to light. In recent years there have been my notable smart toy security breaches with millions of private accounts compromised exposing address photos and voice recordings of children. As part of my research into this topic of have been looking at the different stakeholders involved trying to determine whose responsibility it is to protect the kids using smart toys. This week I have been looking into some the government has been taking to make smart toys safer. 

Continue reading “Governments role in securing smart toys -12”

Protecting Data in Smart Toys -11

This week for CST373 I continued research into the topic of Toys that use AI. In my research paper for the class I will be addressing the question, whose responsibility is to protect children’s data in toys? In previous posts I had wrote about the security and privacy issues related to this topic. For this post I wanted to explore the user’s responsibility. While searching through articles on this topic I came across a paper written by Patrick Hung, for the International Conference on Cloud Computing and Security, titled A Glance of Child’s Play Privacy in Smart Toys. In the paper Hung defines a smart toy as “ a device consisting of a physical toy component that connects to one or more toy computing services to facilitate gameplay in the Cloud through networking and sensory technologies to enhance the functionality of a traditional toy. A smart toy in this context can be effectively considered an Internet of Things (IoT) with Artificial Intelligence (AI) which can provide Augmented Reality (AR) experiences to users.” This study explores issues related to privacy requirements for smart toys. In the United States smart toys most comply to standards set by the federal trade commission in COPPA the Children’s Online Privacy Protection Act. In this study, the first assumption is that children do not understand the concept of privacy.

Continue reading “Protecting Data in Smart Toys -11”

Who is responsible for the data collected by toys? -10

The topic I have been blogging about is Artificial Intelligence in Toys, while writing the blogs I have been reading a lot of articles and watching a lot videos on this topic. One of the recurring themes in many of the articles and video are privacy and security concerns. There have been many notable security breach in the world of AI Toys, two of the most notable are VTech where 4,854,209 parent accounts and 6,368,509 related kid profiles were hacked, and spiral Toys, which had 2.2 million children’s voice recording and accounts hacked. Troy Hunt, a security expert credited with identifying the VTech security flaws, explains that many toys capable of performing AI functions, lack sufficient security and are vulnerable to hackers. Many of the same vulnerabilities that face the the internet of things face the “Internet of Toys”; microphones, cameras, personal data can be accessed giving hackers ability to match images, names, and the home address of children. Security expert Hunt explains that Hackers are able to gain control of toys through internet and Bluetooth connections giving them the ability to gain access remotely or in close proximity to the device. Continue reading “Who is responsible for the data collected by toys? -10”