Skip to content

Fisher Price’s Chatter toy has a privacy issue

  • by
  • 3 min read

If you’re shopping around for Christmas gifts for a kid and have come across the Fisher-Price Chatter Special Edition, you might want to give it another thought before you set out to find a vendor to get this in time for Christmas. The device’s latest “special edition” adds Bluetooth connectivity and a speaker to the brightly colour dialer phone, which uses Bluetooth classic without secure pairing, meaning it can agree to just about any pairing request.

Security firm Pen Test Partners have released a report highlighting some pretty gaping security flaws within the device. Since anyone within range can pair with the device, it can rather easily be used as an audio bug instead of a toy that brings back childhood memories.

The flaws here are similar to the ones previously found in “My Friend Cayla”, another Bluetooth enabled toy that could be made to swear easily. Mattel has said that their toy is meant for adults and not kids; however, the kindergarten grade security implemented here doesn’t sit well with that excuse.

In the News: OnePlus 10 Pro is expected to launch in January 2022


Good toy, bad toy?

According to Pen Test Partners’ report, if the phone handset is left off, it’ll auto-answer phone calls coming in on the connected device, turning the toy into a bug with ease. Additionally, the Chatter phone can also be made to ring, meaning an unsupervised child might as well be able to answer the phone and talk to a stranger. 

Pen Test Partners ran the test in collaboration with TechCrunch’s Zack Whittaker, who ordered one on their behalf. Currently, the best mitigation is to turn the toy off when not in active use. The toy doesn’t enable audio unless the receiver is picked up or the speakerphone button is pressed; however, that isn’t sufficient mitigation for two reasons.

Fisher-Price’s new toy can cause a lot of havoc.
  • If the Chatter phone is turned on but the reciever is knocked off (a likely scenario if a child is playing with it), it’ll automatically answer any incoming calls, becoming an audio bug in a second.
  • Additionally, the phone rings when a paired smartphone gets a call. An attacker could pair a phone with the Chatter to ring it, and use a second phone to call the paired device, establishing two way audio.

Despite the audio flaws, the device has already been sold out in the US, the only market it went on sale (thankfully). Pen Test Partners have called out Mattel and Fisher-Price, openly asking them how did they not choose to implement a more secure pairing process. 

In the News: DuckDuckGo’s Desktop app is coming later this year

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>