fbpx
Contact Us

Is Your Baby Monitor, TV or Sex Toy Spying on You?

Go Back

Unfortunately, even your baby monitor can be wide open to being hacked and actually some of the creepiest attacks occur here. Just over a year ago, a couple in New York experienced an awful encounter. For the past few weeks their 3-year-old was telling them he was afraid of the ‘man in his monitor’ but they just brushed it off as bad dreams, that was until, one night they heard for themselves the man’s voice coming from his room. Creepily, they heard it say “wake up little boy, daddy’s looking for you”. Then as they rushed into their child's room, the voice from the monitor said, "Look, someone’s coming…"

Houston resident Marc Gilbert heard a man calling his 2-year-old daughter a "moron" and "little slut" through the baby monitor in her room. Even more worryingly, he heard the voice address her by name “Allyson” as it was written on her bedroom wall. The hacker started hurling abuse and swearing at the parents when they entered Allyson’s room.

Why do people do this sinister past-time?

Beats me but rest assured they do. Hackers use websites like Shodan to find vulnerable IoT devices on the internet to prey on. There are even subscription-based websites now where anyone can sign-up and purchase access to insecure devices, gaining a window into the private lives of completely innocent families anywhere in the world.

Of course, you can always use a non-Internet-connected device for your baby monitor. However, I would argue this is unnecessarily cautious and you miss out on all the awesome functionalities that being internet connected brings! All you need to do is follow a basic checklist when using and purchasing these kinds of devices. This checklist I’ve included at the end of this section so read on!

One baby monitor I recommend is the Levana Video Monitor (£56) – their range of baby monitors are all equipped with ClearVu Digital Signal, which was developed exclusively by Levana for security purposes.

Top Tip: if possible, pick a monitor that uses a technology known as Frequency Hopping Spread Spectrum (FHSS). This technology automatically switches signals in an effort to avoid eavesdropping.

Monitors that have had significant security issues in the past are;

• iBaby M6 and M3S models
• Philips In.Sight B120/37 All Models
• Summer Baby Zoom WiFi Monitor and Internet Viewing System
• Lens Peak-A-View
• Gynoii
• TrendNet WiFi Baby Cam TV-IP743SIC

Voice-Activated-Stuff

Many products nowadays have voice recognition controls – smart TVs and watches, Amazon Alexa, Apple’s Siri, Microsoft’s Cortana, the Honeywell Thermostat, Vocca Lights, Ivee alarm clock, the LG Vacuum cleaner...To enable this functionality, the companies that use this technology need to be listening in on all conversations in real-time, to detect if you’re addressing the product or if you’re just nattering to your Gran about how your new calligraphy hobby is getting on. As such, your conversations are stored and shared with third parties for further analysis, further increasing the risk they’ll lose our data.

A new Barbie came out recently called ‘Hello Barbie’. It uses WiFi to combine normal doll Barbie with the voice activation features of Siri. ToyTalk, the manufacturer, states the voice recognition system has been calibrated to children’s’ speaking voices and is able to respond with tens of thousands of different responses. Children can in effect have a conversation with their new toy. The Campaign for a Commercial-free Childhood however have expressed their concerns stating “I would be very concerned that my child’s intimate conversations with her doll were being recorded and analysed…Barbie asks many questions that would elicit a great deal of information about a child, her interests and her family.”

These products are increasingly popular as they save a lot of time for the user navigating complicated on-screen menus. They also have fantastic applications for the disabled or people with learning difficulties. If you do have a product like this, just ensure you check the privacy settings and via a quick google search, whether that product shares your data with any third parties.

Why is this important? Well, the risk isn’t all hypothetical. Recently published documents by Wikileaks provide details on a program called "Weeping Angel" designed by US and UK Intelligence Agencies (CIA and MI5, respectively). The program designed a cyber-attack that would make Samsung smart TVs look like they're turned off when, in fact, they're not. This would enable them to eavesdrop on conversations without the home owner knowing about it! These two governments claim this kind of attack wouldn’t be used against innocent US and UK citizens, however, who knows for sure? Recent controversies over state-sponsored spying by the NSA, CIA and MI5 intelligence agencies makes you question things a little.

What’s more, companies may be obligated to hand data over to the police and law enforcement if they deem it to be of interest. Full transcripts of conversations you have in the comfort of your own home could end up being used against you! Somewhat unlikely in my opinion, but possible. If in doubt, go into the settings of your Smart TV and disable voice recognition. My thoughts are this…how inconvenient is a TV remote really?!

‘Private’ Devices

Anything we use or have around us during intimate moments are particularly important to lock down. For example, WiFi enabled video cameras used to record us having sex, sex toys that are WiFi enabled (yes, they do exist!), fertility monitors and fitness trackers would all fall into this category. In late 2016, ‘Standard Innovation’ who are makers of We-Vibe smart sex toys found themselves facing litigation over the illegal (un-consented) use of highly intimate customer data. The class action lawsuit resulted in the company settling outside of court for a whopping £3.1million!

The We-Vibe products included Bluetooth-enabled vibrators that linked to their app. This meant that the vibrators could be controlled from a smartphone, allowing the user or a partner to vary rhythms, patterns and settings anywhere in the world! However, some found that the apps were collecting information on the use of a devices’ vibration settings, temperature and duration of use without notifying customers or getting their consent to do so. The usage information collected was directly attributable to user accounts (real names) - a clear breach of privacy. If this became public information, it could be devastating for those involved.

Everyone needs to assess their own risk for these kinds of intimate products on a case-by-case basis. I would argue that some information need never be shared and that often, the information shared is much more for the companies benefit (for product development and marketing purposes) than it is for ours. Hopefully, now armed with the awareness of what is possible, you are now able to make an informed choice.

What can we do about it?

When using any IoT device, sticking to a handful of general principles will help ensure our information remains as private as possible;

  • Change the default password. The instruction manuals of the particular devices should provide details on how to do this – if not, again google it for your product.
  • Turn off remote access. If you actually never use the remote functionalities of a particular device, then turn it off. This means it could never be used against you!
  • Secure your home WiFi. This is how IoT devices connect to the internet – we want to ensure your main ‘gateway’ to the internet is secure (see chapter Home WiFi Security).
  • Use a Passphrase for the Online Account. If the device uses storage in the cloud (which it likely does), ensure you use a strong passphrase to secure that account. Most breaches are from hackers getting into the online account associated with IoT devices, rather than getting access directly to the device itself.
  • Selective Purchasing. When buying new devices, check the technical details and ensure a sufficient level of network encryption should be used. Choose devices that use something called WPA2 and 128-bit encryption as a minimum.
  • Be aware of IoT devices that capture sensitive information. Be especially aware of using in-home CCTV or anything that records you in your own home. In-home CCTV will without a doubt capture things you wouldn’t want prying eyes to see, e.g. you (or your kids) simply getting changed. I suggest steering clear of home interior CCTV altogether unless there is a specific and pressing need. If you need CCTV stick to the traditional offline wired version. If you absolutely must get an online version I would recommend the Netgear Arlo Pro (£300).
  • Avoid any devices that purport to secure our physical security, such as door or window locks – stick to traditional non-internet connected products for now. The increase in convenience for me does not outweigh the risk it poses to our family members.

Which IoT devices do you use and do you secure them? Let me know in the comments below!

1 thought on “Is Your Baby Monitor, TV or Sex Toy Spying on You?

  1. deluxtoys says:

    This is nice post which I was awaiting for such an article and I have gained some useful information from this site. Thanks for sharing this information.

Leave a Reply

Your email address will not be published. Required fields are marked *

Hacked Social Media Recovery Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share some internet safety tips. You of course can unsubscribe at any time.

Free Protection Checklist!

Pop your email into the form below and we'll send you the link to your internet safety protection checklists!

We hate spam and won't send you mindless marketing emails. We share internet safety tips. You of course can unsubscribe at any time.

Free Cyber Bullying Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share some internet safety tips occasionally. You of course can unsubscribe at any time.

Free I've Been Hacked Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share internet safety tips. You of course can unsubscribe at any time.

Top