Blog: Android

Fight! Fight! Hello Barbie vs My Friend Cayla

consultant-placeholder10 Ken Munro 18 Feb 2015


Rather conveniently, a couple of weeks after we broke the swearing My Friend Cayla story, Mattel have announced ‘Hello Barbie’. In an effort to boost flagging sales, internet-enabling her ready for Xmas 2015 seems like a good move.

Mattel are partnering with ToyTalk who appear to be staffed by ex-Disney Pixar people, which bodes well.

Anyway, I don’t care about whether she sells; I care about whether she’s secure enough for our kids to play with, and whether the kid in me can make her swear.


Based on what I’ve discovered so far from t’interwebz, here’s how I think they compare. Some of this is of course pure speculation and can’t be confirmed until we get our hands on her.



No Bluetooth authentication to the smartphone/tablet & app. Makes her completely promiscuous, so anyone that is in Bluetooth range can connect to her. I haven’t spent enough time with Bluetooth de-auth to work out if we can connect to her at our convenience when she is already paired though.

However, that doesn’t matter much, as we can simply offer her a stronger BT signal than the intended phone at power on, using a high gain antenna, or after the child takes their phone out of range of the doll, forgetting to switch her off.

Whether we use the app to talk to the child, or simply use Cayla as a Bluetooth headset (mike and speaker) we still achieve the desired effect – control over what the doll says and hears. Scary…


No idea – it’s likely she will use a similar Bluetooth device concept. I sincerely hope that Mattel have a unique PIN per doll to secure the connection. Putting the doll in pairing mode also needs thought, or the ‘evil brother’ attack still works – they pair their evil device to the doll instead of the child’s device.

Talking to the dolls


Cayla does her audio-to-text processing on the smartphone. Makes sense – it’s usually faster. However, if she hears one of about 3,000 keywords for questions that she has in a local database, she will answer quickly from this.

Here’s the rub – it’s trivially easy to extract and modify the contents of the database.

Q: Hello Cayla
A: I’m good, how are you?

Q: Hello Cayla
A: <expletive>

Of course, you need high privilege on the phone/tablet in order to do this. Probably easier on Android, given how many devices run older ‘droid flavours.

However, how many 4-8 year old kids have strong PINs that only they know?

But even a strong PIN and secure device doesn’t really stop the attack: the app talks over a data connection to retrieve answers to questions she doesn’t know locally. It’s supposed to read the Wikipedia API, but a MITM attack over Wi-Fi is trivial if you’re geographically close to the doll & smartphone. The comms she makes are unencrypted, so proxy/modify it, or simply offer your own API to her.

There is a ‘bad word’ filter in the mobile app, but that only works for audio spoken TO her, or content she pulls from the API. It’s also trivial to remove words from the filter database

So, whichever way you cut it, Cayla will say whatever the attacker wants her to.


Barbie’s text processing is a little harder to figure out

ToyTalk already produce a few iOS apps that use their tech, such as SpeakaZoo.

Based on what I can find out there (which isn’t much), the audio processing seems to happen server side. That’s a good thing, as there is less potential for modifying a local database of responses.

Next, it should be easier to protect all speech data, as unlike Cayla’s local database, the data in transit can be encrypted.

Of course, that doesn’t necessarily stop a local attack with high privilege on the smartphone – it’s down to the app developers to protect their code from modification. Otherwise, you just point the app at different service and sweariness resumes.

BUT, and this is a big but: unlike Cayla, Barbie collates audio in order to drive improved responses. The server side audio processing and response engine looks pretty awesome, some cool AI is claimed. Parents can also create online accounts to interface with the engine in order to customise Barbie’s responses too.

That’s really neat, but opens up a whole new set of attack vectors that simply don’t apply to Cayla. I hope ToyTalk give the security of this web interface some really deep thought.

Parents would never re-use a password for that interface from elsewhere would they…

On top of that, Mattel will have a very interesting database of information. We trust them to keep that really secure and not to use it for marketing direct to our kids through their toys, right?


Fashion conscious Barbie also appears to be security conscious – her belt buckle is a push-to-talk device – she only listens when you want her to. That’s a relief – spangly buttons for the win!

So, next step is to have a look at the existing ToyTalk apps and figure out how they communicate. Watch this space.