“Look, you stay here; I have to go tinkle” – Andy, “Child’s Play,” United Artists, 1988
We can’t say we weren’t warned.
Elon Musk (Tesla), famed astrophysicist Stephen Hawking, Steve Wozniak, co-founder of Apple and thousands of others have warned about the dangers of AI (artificial intelligence) implementation and how it could evolve to a point where humanity couldn’t control its own destiny.
But how do you jump start the movement and get to that point?
You could start by wildly running around telling everyone that it’s going to be the next big benefit to civilization like IoT (Internet of Things), smart cars, smart homes; and leave it to us to fumble with the integration/implementation
Or you do what Apple/Jobs did when you were young to build that love/hate relationship millennials have with the Mac, iPhone and all things Apple.
Grab the kids in their formative years, make ‘em go home and scream/holler/throw fits if they didn’t have a Mac to work on at home.
Your folks bought you one just to shut you up!
Now, you’re the mom and dad…
Congratulations. You (and millions of other parents around the globe) may have helped your kids take the important first step in accepting non-living/breathing devices as the natural order of things.
People haven’t really figured out why we need everything connected to everything else; but it’s cool, we can do it, so why not?
But the kids “needed” those toys.
So Santa, St. Nicholas, Saint Nick, Father Christmas, Kris Kringle and Santy delivered.
Even before the gifts were unwrapped and the range of apps were downloaded, reports emerged that the designers, developers and management didn’t really think through all of the data that they were gathering, what they needed it for and how would they protect it.
But what’s to worry about … they’re just kids and fer gawd sake, they don’t know any State secrets.
The most they can do is give the toys their name, age, where they live, their password, photos of themselves/friends/family, their mom’s and dad’s names, what they do, things like that.
But the new smart toys needed that information to carry on an increasingly meaningful conversation with the kids so they would be a more important part of their lives and an almost real part of the family.
You know, just like Siri, Google Voice and Cortana; with time, the toys/dolls would be their own personal assistant and friend.
Over time the dolls and toys could even suggest other Mattel, Vtech and other toy company products the kids might want/need.
Just think, their very close, very personal “friend” could advise the kid how to think, what to do.
Innocent But – Mattel’s Talking Barbie wasn’t inexpensive at $75 this past Christmas but then she could do more than ever before like talk with your child. And she was smart – could learn to exchange information and ideas with your kid. The only problem was she could also share that information with others who hacked her through the cloud. Bad Barbie, Bad!
And it wouldn’t reprimand them!
Now that’s a good friend!
To protect that information so it can be mined it at a later date, the toy companies used the kind of security they were comfortable with, which it turns out is none too good!
And sure as hell, if there is information out there in the cloud, someone is going to figure out how to get it … and use it.
Just ask Sony Pictures.
So with buggy software and their ill-protected cloud data, toy firms’ security was breached, information was sucked out of the cloud – an estimated 6.4M files from Vtech and who knows what from Mattel’s internet-connected doll.
There’s no limit to the information the doll/toy could gather.
Concerned – Youngsters are innocent, impressionable and trusting. While you like to see those great traits in your children, it also means that online devices and interactive toys/devices are connected to the cloud and susceptible to hacking and personal information theft which worries most parents.
Just imagine what devious, deviant people could do with the information on your household or your kids.
Of course, the companies should have known better because even the best security is always two steps behind the hackers, whackers and thieves. And once that information, those images have been released to the world, it’s out there … forever!
The folks who developed the intelligence-gathering software and cybersecurity incident-response teams said they were busy right through the holidays adding patches and patches on patches.
Sorta’ like Windows 10 updates.
Of course, Oren Jacob, CEO of ToyTalk (folks who handle Hello Barbie’s cloud), was very reassuring to the parents who got their kids the doll, “No user data, no Barbie content, and no major security nor privacy protections has been compromised to our knowledge.” (emphasis “our”)
These aren’t the first hacks and breaches … and they won’t be the last.
Thousands of highly trained, dedicated security folks will tell you it’s a tough, fulltime job that requires thinking around the corner to protect the company and the consumer.
“Taking security seriously is something you need to do before a data breach, not something you say afterwards to placate people,” said Troy Hunt, a Microsoft MVP for developer security.
As TrendMicro noted, it has to be designed in at the beginning, not bolted on as an afterthought.
Smart Toys – Before, toys were dumb. Kids played with them, talked to them; and with some, had cute little recorded comments they would make. Increasingly, manufacturers are designing in more intelligence, more capabilities and the ability to interact with the cloud for “added services, capabilities.” The problem is privacy and security are second thoughts with most firms.
In the US, the Children’s Online Privacy Protection Rule (COPPA) is designed to regulate how much data is collected on children and the EU (European Union) is now aggressively addressing the issue.
Now that more and more youngsters’ data is stored (available) online, it’s adding a new dimension of concern among cybersecurity experts.
Companies – all companies – have to think long and hard about the data they collect/store and weigh the risks of what happens when the data is stolen.
As Amazon, MS, Apple and others that provide end-to-end services like the children’s toys/devices know, it’s a complex business (damn tough).
And it requires a significant investment few firms think about doing at the early stages; which frankly, is why most firms entrust that work to the major cloud service providers who have done the early and ongoing investment.
As more educational toys and tools go online, the hacks and breaches will affect kids in ways we can’t even imagine now.
Today, they are in the formative years and they trust adults – especially parents – almost implicitly. And they probably trust their dolls and toys since they share so much with them!
Super Smart – With the industry’s rush to the smart home and personal robots, it’s only natural that youngsters would want their own private companion. The challenge is the toys learn by interacting with the child and that information is stored in the cloud where people try to protect it.
O.K., so that’s a stupid (but getting smarter) toy; but what about all of the IoT stuff being promoted (that you purchased over the holidays)?
Individually, they may have strong safeguards built in; but what about the master vision where they all talk to all of the other connected devices?
Then, as we speculated at the outset, this young generation will have grown up with increasingly advanced interactive AI-based things.
So they will be the norm rather than the exception.
Andrew Moore, dean of the School of Computer Science at Carnegie Mellon University, noted, “I actually do think this is a valid concern and it’s really an interesting one. Sometime we’re going to have to think about it.”
O.K., not me because I’m going to do some relaxing binge movie viewing – the Terminator and Robocop series, 2001, THX 1138, Ex Machina and maybe a couple of other good Sci-Fi films.
After all, I agree with Chucky, “You got me into this, you get me out!”