Not a month after it's release and researchers have found new problems with the security of the IoT Hello Barbie.
Researchers at BlueBox, a software company, have found new vulnerabilities with the doll and the associated applications and software that the doll uses, making it vulnerable to a good mauling with a POODLE attack.
The Wi-Fi connected toy is meant to be able to have conversations with it's owner. When said owner speaks to the doll, Hello Barbie connects with a server which generates an appropriate response and send it back to the doll.
The doll was quickly called out by privacy experts last week as lacking appropriate security measures to protect the device against remote hijacking.
The apps for both iOS and Android that help control the Hello Barbie, according to Blue Box's research, use authentication credentials “that can be reused by attackers”. The apps automatically connect their host phone to unsecured Wi-Fi networks if it has ‘Barbie' in the name.
The servers were discovered to be vulnerable, too. Not only can the credentials be used outside of the application but the server domain used to receive and send commands from the dolls sits on a cloud infrastructure vulnerable to the POODLE attack.
The POODLE (or the Padding Oracle on Downgraded Legacy Encryption) attack targets browser-based communication that relies on SSL 3.0. While SSL has largely been replaced by TLS, browsers will look for SSL when TSL is unavailable.
In regard to the new and improved Barbie, the POODLE attack, says BlueBox's report, would allow “an attacker to downgrade the security of the connection so that they can intercept and listen to the communications to the server such as the uploaded conversations,” essentially turning the Hello Barbie into a bug.