Security Flaw Found in New “Must-Have” Star Wars Toy
- By Sydny Shepard
- Jan 12, 2016
A remote control toy featuring a character from the new “Star Wars” movie has been found to have software vulnerabilities that could allow hackers to take control of the device.
The new toy, a duplicate of the rolling droid, BB-8, is used by pairing up with a smartphone though Bluetooth. Once the phone and device are connected, the user can use his or her smartphone to control the device. The toy was a huge hit and has been a “must-have” ever since Christmas.
Security research company, Pen Test Partners, looked into the software that powers the toy and found that updates are sent unencrypted over the internet. That mean that, in theory, a hacker could install their own update on the toy.
There’s little chance of this hack happening, but the flaw is still there. The research company says that there is possibility that a hacker could modify the toy to move around on its own, or play different sounds.
The company that produces the toy, Sphero, is aware of the security flaw and has promised to update the Android software in the future. They hope that the BB-8 devices are kept up to date, meaning they can’t be hacked.
Sydny Shepard is the Executive Editor of Campus Security & Life Safety.