Cayla, A Living Doll from the Twilight Zone

Cayla, a computer-driven talking doll, uses technology similar to that behind Amazon’s Alexa, Microsoft’s Cortana, Apple’s Siri, and Google Home to construct a toy that simulates a living friend for a child. Unfortunately, some believe that Cayla may be the embodiment of the murderous Talky Tina of the fifty-year-old episode of The Twilight Zone, The Living Doll.

In Germany, Cayla has been declared a banned surveillance device. Selling and even possessing a Cayla in Germany is illegal. The doll’s communication capability must be permanently disabled to make it legal in Germany. Also, several groups in the US have launched an action to have Cayla sanctioned under the Children’s Online Privacy Protection Act (COPPA).

I’m not here to advocate that these government and legal actions are justified or not justified; that’s for individuals to decide for themselves. But I think anyone who is concerned about cybersecurity should understand some of the issues involved. We are likely to see many more products like Cayla appearing on the market. Some will be for children, others for teens, and many aimed at adults. Some will be great, some exploitative, and some will, no doubt, be just plain shoddy.

So let’s take an engineer’s look at Cayla. The complaint document sent to the Federal Trade Commission is against Genesis Toys and Nuance Communications and was lodged by the Electronic Privacy Information Center and Consumers Union, among others. Genesis Toys is a Hong Kong corporation that developed the doll. Nuance Communications is a US corporation that retains and processes data collected by the Cayla doll. The exact relationship between Genesis and Nuance is not clear to me, but they are two separate corporations.

Cayla’s architecture is fairly simple. The doll itself is the equivalent of a Bluetooth headset that acts as a microphone and speaker for an app that runs on a smartphone, like an iPhone or an Android. The app communicates with a cloud service that supplies computing and storage resources that power Cayla.

This architecture has issues. Bluetooth headsets are insecure. I mentioned in a blog a few months ago that the NSA has banned commercial Bluetooth headsets for classified or confidential information. A criminal hacker would not have much trouble listening in on a child’s conversations with Cayla and interjecting their own questions and suggestions. Imagine a pedophile speaking through Cayla suggesting to a three-year-old that they meet out in the street. The Bluetooth standard says the protocol is good to ten meters (30 feet) but special equipment can extend the range substantially. Also, Bluetooth signals, essentially the same as Wi-Fi, penetrate walls.

Even in isolated spots where Bluetooth intrusion may not be a consideration, Cayla has vulnerabilities. The FTC complaint points out that Cayla is programmed to promote certain commercial products, such as movies. In addition, the information that Cayla collects, like names, locations, favorite foods and toys, etc., is stored in the cloud. The Genesis Toys privacy policy states that this information is kept and analyzed by Nuance Communications and may be shared. I should note that while I was writing this blog, the posted Genesis privacy statement was changed. You may want to check it for yourself.

Cayla simulates conversation, answers and asks questions, and can, or potentially can, do all of the things Alexa, Cortana, Siri, and Google Home can do: order pizza, open the front door, adjust the thermostat, call for an Uber. The list gets longer every day. Cayla can’t do all these things now, but the technology she is built upon can. Cayla’s limits are set by the discretion of Genesis Toys and Nuance Communications. Parents may want to be certain that controls are in place that will prevent their three-year-old from ordering a dozen pizzas or their ten-year-old embarking on a trip to Aruba. I don’t suggest that Cayla is likely today to cause these things to happen. Rather, parents should be aware that these new products make such mishaps possible.

Like the living doll on Twilight Zone, Cayla is a new technology with unexpected powers and these powers can harm us if they are not used properly.

In another blog, I plan to discuss the steps I would take when deciding whether I want a product like Cayla in my home. These products have amazing potential for improving our lives and could be more fun than a barrel of monkeys for our children. But they can also be dangerous. You should choose with knowledge and good judgement.

3 Rules for Smartphones

Your smartphone is vulnerable to crime like all other computers, but the danger points are a little different.

Basic rules for smartphone safety

These are the basics. Following these rules will drastically reduce your vulnerability.

  1. Don’t lose it. Losing your phone is the most likely way to compromise your phone security. Using PIN, password, or fingerprint authentication for entry provides some protection. Combining authentication with encryption is stronger yet. But not losing your phone is the strongest of all.
  2. Add new apps with caution. A new app is the most likely source of malware on your phone. Malware does occasionally make it through the app store testing processes. Check out your sources and the app’s reputation before you download. Don’t rely exclusively on the app store reviews. If you must side load, be ultra-cautious.
  3. Scrape off the cruft. Remove any apps that you have never used or no longer use. New vulnerabilities appear all the time, so minimize your exposure. Bonus: a lean machine usually performs better. You can always reinstall if you find you need an app.

If you have the basics, there are further steps you can take.

Supplementary rules

These apply to situations that don’t happen as often, but that you still want to avoid.

  1. If your phone is set up to automatically use Wi-Fi instead of cellular connections when Wi-Fi is available, be aware that it may automatically connect to an insecure public Wi-Fi site.
  2. There are more ways to hack a cellular wireless connection than a wired connection. If you must exchange ultra-private information that you suspect a skilled intruder may be after, use a temporary phone or a land line that is not associated with you.
  3. The contents of your cell conversations may be secure, but who you called, when you called, the length of the connection, and sometimes phone GPS coordinates are routinely recorded both on your phone’s SIM card and on your cellular carrier’s equipment. This “metadata” does not have special legal protection and may be obtainable without a search warrant or even sold by your carrier. Check your carrier’s Terms of Service and Privacy Policy.

Tax Refund Cyber Fraud

I’ve been thinking about tax refund fraud a lot this month. I was resolved that we would get our tax return in early this year so it would be harder for a scammer to rip off our refund, but not all the required documents have wandered in yet and so I sit and fret.

The FBI and the IRS are expecting more fraud than last year, and last year set records. I thought maybe folks would be interested in how the tax refund fraud business works. It is simple: a scammer sends in a fraudulent tax return in your name that nets a big tax refund. The scammer arranges to have the refund wired to his account instead of yours. Then the money vanishes and so does the scammer. When you file your genuine return, the IRS shows its unpleasant side until you can prove that you are the real Clem Kaddidlehopper.

How can the hackers do this? Tax refund fraud is big business. Like all big business, the work is divided up among specialists. Before the tax fraud can occur, the criminals have to steal your identity and steal or manufacture the documents to substantiate a refund that is worth the scammer’s effort and risk. Gathering the documents is the most difficult because it requires the most special knowledge and skill. If scammers have a genuine W-2 form for a victim, they are set. Those W-2s have everything they need.

But how do they get a person’s W-2? The old-school method was to steal them from mailboxes. Modern crooks reject stealing paper mail as risky and inefficient. Stealing W-2s electronically requires more skills, but risk is lower and the take is higher. This year, there have been a number of exploits recorded in which an employee in the financial or human resources department gets an emergency email request from what appears to be the CEO or other higher-up in the organization. The request is for the electronic copy of all the W-2s for a department or the entire company. The employee complies and sends the files. Then they discover that the CEO’s email account has been hacked, or on close examination, the email was actually sent by an outside impostor who now has hundreds of juicy W-2s. This outside impostor could be operating from anywhere: onshore or offshore, it makes no difference.
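A check that a payroll or HR mail filter could run on the kind of request described above, as an added example that is not part of the original post. The company domain, the executive name and the three sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

COMPANY_DOMAIN = "example.com"      # assumption: the employer's mail domain
EXECUTIVES = {"pat rivera"}         # assumption: senior staff names, lower-case
W2_TERMS = ("w-2", "w2", "wage and tax statement")

def domain_of(header_value):
    """Lower-cased domain of the address in a From or Reply-To header."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def w2_request_flags(raw_message):
    """Return the reasons a message needs verification by phone or in person."""
    msg = message_from_string(raw_message)
    display_name, _ = parseaddr(msg.get("From", ""))
    from_domain = domain_of(msg.get("From"))
    reply_domain = domain_of(msg.get("Reply-To")) or from_domain
    body = "" if msg.is_multipart() else msg.get_payload()
    text = (msg.get("Subject", "") + " " + body).lower()
    if not any(term in text for term in W2_TERMS):
        return []
    # A request sent from a hacked CEO mailbox passes every header check,
    # so the request itself is always a flag.
    flags = ["requests W-2 data"]
    if display_name.lower() in EXECUTIVES and from_domain != COMPANY_DOMAIN:
        flags.append("executive display name on an outside address")
    if reply_domain != from_domain:
        flags.append("Reply-To goes to a different domain than From")
    return flags

# Constructed sample messages (not real mail).
SPOOFED = """From: "Pat Rivera" <pat.rivera@examp1e-mail.test>
Reply-To: pat.rivera@fastmail-box.test
To: hr@example.com
Subject: Urgent

I need PDF copies of all employee W-2 forms today.
"""
HACKED_ACCOUNT = """From: "Pat Rivera" <pat.rivera@example.com>
To: hr@example.com
Subject: W2 files

Send me every employee's W2 as a PDF before noon.
"""
ROUTINE = """From: "Pat Rivera" <pat.rivera@example.com>
To: hr@example.com
Subject: Lunch

Are we still on for Friday?
"""
```

The hacked-account sample shows why header checks alone are not enough: the only flag raised is the request itself, so confirmation has to happen outside e-mail.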

What happens then? The impostor might be a tax fraudster, although chances are good that the impostor is an accomplished social engineer who does not dirty his hands with tax fraud. Instead, the impostor goes to a dark net criminal sales site and sells the W-2s for prices that vary based on the amount earned. More money can be extracted from high-earning W-2s, so they sell for more.

The tax fraudster purchases W-2s that suit his fancy on the dark net, then fabricates deductions to extract a large refund from the IRS and files the return electronically. The fraudster’s job is to put together a return that is plausible enough to trick the IRS into believing it is genuine. Although there is word that the IRS has taken steps to clamp down on refund fraud this year, the service is also under pressure to get refunds out speedily, which limits the intensity of the vetting before a check is cut. The growing fraud numbers suggest it is not too hard for a fraudster to fool the IRS.

Good luck! And get those returns in early.

Personal Cybersecurity Published

Last week, Apress released my latest book, Personal Cybersecurity.

Personal Cybersecurity is available directly from Apress and on Amazon.

A lot of people helped me with this book, many of whom I mentioned in the Acknowledgements, but there is a large group whom I did not mention. These are the people who attended the talks I gave at the Ferndale Public Library last winter. They have helped me get a real sense of what non-IT professionals need to know and how computing must be explained in order for someone without a professional background to understand the issues. They all get a big thanks from me.

With the help of my audiences, I hope I succeeded in writing a book that has enough technical depth that folks can understand the issues and make intelligent decisions rather than follow a set of rules by rote.

For those who are interested, I am giving the same series of talks at the Lynden Public Library. The remaining two talks are at 1:00 p.m. on Saturday, January 28, 2017, and Saturday, February 4.