My Friend Cayla doll potentially allows anyone within 300 feet to listen/talk to your child
We’ve talked in the past about the importance of understanding how to secure your web cams, but now the case can be made it’s also time to secure your kid’s dolls.
While this isn’t as big of a deal as people are making it out to be, if you live in an apartment complex your neighbors can connect to the dolls and listen or talk via bluetooth.
If you’re over 30 meters from the next house, you’re probably not really going to have to worry about it as there aren’t a lot of internet->bluetooth hacks you’re going to encounter.
The issue with the My Friend Cayla dolls is that anyone can connect to listen or transmit to the Bluetooth speaker/mic without a password. This is generally not an issue. In the past it took someone looking, seeing the Bluetooth speaker broadcasting, connecting, and hanging out to hear your goings on.
Currently however all it takes is knowing the MAC addresses that listening devices have and doing a sweep with something attached to a car, or any app that reports Bluetooth devices encountered, and you can become a target.
This information is pretty easy to come by – app makers collect and sell any bit of data they can so when you’re playing GameX it might be transmitting all the Bluetooth and WiFi connections it can see as well as any data it has about you to the highest bidder.
Most companies have MAC addresses that are in a range – a MAC address is a unique identifier like a serial number in the format xx:xx:xx:xx:xx:xx that only exists on your one device, and the first half of it identifies the manufacturer. So anyone purchasing a list of geolocations that Bluetooth devices have been seen at in a certain range of addresses might just get your approximate location.
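To make the vendor-range point concrete from the parent's side, here is an added example (not code from the original post) that takes a few constructed scan lines, validates the MAC format, pulls out the manufacturer prefix (the first three octets), and flags devices whose prefix is on a watch list and which broadcast a fixed rather than randomised address. The doll's real vendor prefix is not given on the page, so `04:AB:CD` and the watch-list name are placeholders; every address in the sample is made up.

```python
import re
from collections import Counter

# Constructed sample output of a Bluetooth scan ("MAC  name" per line).
# None of these addresses refer to real devices.
SAMPLE_SCAN = """\
00:1A:7D:DA:71:13  Living room speaker
04:AB:CD:11:22:33  Cayla
04:ab:cd:44:55:66  Cayla
DE:AD:BE:EF:00:01  (unnamed)
zz:11:22:33:44:55  corrupt line
12:34:56:78:9A:BC  Unknown
"""

# Hypothetical watch list keyed by OUI (first three octets). The page does not
# give the doll's real vendor prefix, so 04:AB:CD is a placeholder value.
WATCHED_OUIS = {"04:AB:CD": "kid-specific toy (placeholder vendor)"}

MAC_LINE = re.compile(r"^([0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5})\s+(.*)$")


def parse_scan(text):
    """Return [(MAC, name), ...] normalised to upper case; malformed lines are skipped."""
    devices = []
    for line in text.splitlines():
        m = MAC_LINE.match(line.strip())
        if m:
            devices.append((m.group(1).upper(), m.group(2).strip()))
    return devices


def oui(mac):
    """The manufacturer prefix: the first three octets of the address."""
    return mac[:8]


def is_locally_administered(mac):
    """Bit 1 of the first octet set means the address is not a fixed,
    vendor-assigned one; randomised addresses look like this and are far
    harder to follow around from scan to scan."""
    return bool(int(mac[:2], 16) & 0x02)


def flag_devices(devices, watched=WATCHED_OUIS):
    """Devices whose prefix is on the watch list and that broadcast a fixed address."""
    flagged = []
    for mac, name in devices:
        vendor = watched.get(oui(mac))
        if vendor and not is_locally_administered(mac):
            flagged.append({"mac": mac, "name": name, "vendor": vendor})
    return flagged


def count_by_oui(devices):
    """How many discoverable devices share each manufacturer prefix."""
    return Counter(oui(mac) for mac, _ in devices)


if __name__ == "__main__":
    found = parse_scan(SAMPLE_SCAN)
    for d in flag_devices(found):
        print(f"trackable toy: {d['mac']} ({d['name']}) -> {d['vendor']}")
    print(count_by_oui(found))
```

Run against the sample, the two Cayla lines are flagged (the lower-case one is normalised first), the corrupt line is dropped, and the `DE:AD:…` device is ignored even if its prefix were watched because it is a locally administered address. Feeding it a real scan from your own home shows which of your devices are advertising a stable, manufacturer-identifying address.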
Knowing that you have this device gives the attacker some info on you. You’re probably middle class or above, have a girl or an open-minded boy (not judging, I had a few Barbies in my collection), and since they can probably tell when the kids get home based on when there’s activity, they know your schedule and when you’re home/not home.
All an attacker has to do is take a $25 Raspberry Pi, a $9 Bluetooth adapter, a $7 SD card, and a $20 solar panel and they can set up a recording device that dumps days worth of recordings to your potential attacker as they drive by.
Likely? No. Possible yes.
Should you panic? Just a little. The mere fact that that doll is broadcasting an identifiable MAC address means anyone driving by sniffing probably knows you have a kid. However, that information is probably easily available in other ways (Google Maps showing a swingset in the backyard, a birth announcement in the paper, hacked chain store databases, etc.).
Is there an easy fix I’m trying to sell you? Nope. Fixes, yes, but mostly behavioral.
While this doll is taking most of the focus, remember that anything kid-specific and Bluetooth is potentially subject to tracking. This doll just happened to allow in-room listening and talking back as well.