An 11-year-old boy talks about "the toy to be a weapon" by hacking the teddy bear


ByBjörn LáczayT

11-year-old boys Ruben Paul, who attends Austin Texas School, participated in a cybersecurity-related conference in the Netherlands and surprised hundreds of audiences. Paul went by is hacking of a teddy bear connected to the Internet, through thisInternet of things(IoT) appeal to the dangers of terminals.

Boy, 11, hacks cyber-security audience to give lesson on 'weaponisation' of toys | World news | The Guardian
https://www.theguardian.com/world/2017/may/17/boy-11-hacks-cyber-security-audience-to-give-lesson-on-weaponisation-of-toys


In an Cyber ​​Security Conference held at the World Forum Convention Center in Den Haag, the Netherlands, an 11-year-old boy, Ruben Paul, said, "From an airplane to a car, a smartphone, a smart home appliance or even a toy It can be IoT until then, and these can be weapons. " In addition, Paul connects to the cloud via Wi-Fi and Bluetooth and demonstrates his idea using a teddy bear that sends and receives messages.

"Raspberry Pi" is connected to the notebook PC brought in by Paul, and I used this to scan the Bluetooth terminals present in the venue and download the data to those terminals. And it seems that we demonstrated demonstration of using "Python" which is one of the programming languages ​​to hack the teddy bear and light up the light and record the voice.


Ruben said, "Most of the terminals connected to the Internet have Bluetooth capabilities, but I can connect to these terminals and send commands to record and play back sounds like cars, light bulbs, Anything that you use in your daily life, such as a refrigerator, can be anything IoT, and these can be easily transformed into "weapons" for peeking and harming people's lives. " It is.

It is possible to steal personal information such as passwords from a remote place via IoT, to monitor who is where you are by using GPS, to hack teddy bear and to talk to a child saying "Let's meet at ○ ○" Paul is insisting.

In February 2017 it was discovered that there were millions of recorded data leaked from a stuffed bear actually connected to the Internet.

Bear stuffed animals playing voice messages through the cloud leak millions of recorded data - GIGAZINE


Also, the incident that IoT terminals were hacked by attackers and misused was also a big topic in 2016.

The DDoS attack of unprecedented history of 1 terabit per second occurred, the attacker hacked 145 thousand webcams hacked - GIGAZINE


Paul's father is an expert on information technology, Paul started to teach him about IT-related skills since he was 6 years old. Paul, who heard a brief explanation of how his smartphone game is moving from his own father, sometimes figured out an algorithm similar to the popular game Angry Birds. When such Paul hacked a toy car for the first time, his father, Mano Paul talked in AFP's interview that he was "shocked" by too poor weakness that exists in children's toy program I will.

Paul is aiming "to appeal to the dangers of cyber security towards children and adults" and says that manufacturers, security researchers, and governments want to disclose messages that would force them to cooperate.

Paul is 11 years old and a non-profit organization for disseminating knowledge and skills on cyber securityCyberShaolinI am serving as the representative of.

in Security, Posted by logu_ii