back to article US Senator snaps on glove, probes insecure IoT toymaker CloudPets

Spiral Toys, makers of the insecure Bluetooth-connected stuffed animals dubbed CloudPets, is being grilled for information by a US Senator. On Tuesday, Bill Nelson (D-FL), ranking member of the Senate's Committee on Commerce, Science and Transportation, sent Spiral ten questions demanding answers about the security of its …

  1. Your alien overlord - fear me

    Finally

    Someone is thinking of the children.

    1. Anonymous Coward
      Anonymous Coward

      Re: Finally

      Come on Barbie, let's go Stasi.

  2. Anonymous Coward
    Anonymous Coward

    Reap the Whirlwind...

    IoT peddler fucks!

  3. Anonymous Coward
    Anonymous Coward

    I'm glad I've no money...

    Life has become simpler. Because really, who needs a Smart-TV, Android-Smartphone or Apple-iPad, that Hackers can slurp for ID Theft / extort ransoms to unlock. All compliments of zero-days from the CIA / Wikileaks!

  4. MachDiamond Silver badge

    Risk vs. Reward

    Proper IT security can be expensive and take a considerable amount of time to implement and test. The C-Level parasites are having none of it since it cheaper to get bulk credit monitoring after the class action law suit. Even easier is to form a company that will be dissolved after shipping out a hundred containers worth of the toys. They just take the tech with them and some of the better engineers and start a new company that will make the next thing with poor security for a quick bit of dosch. Lather, Rinse, Repeat.

    1. Voland's right hand Silver badge

      Re: Risk vs. Reward

      make the next thing

      It will not make anything. The whole scam works solely because of contract manufacturing. You do not make anything. If you made something, you would have had tangible assets and it would have taken some time for you to execute a "submerge and re-emerge elsewhere" routine.

      The only way of dealing with these in the age of contract manufacturing is to make resellers liable for the tat so that we do not have the banned German batch of toys banned by the regulator re-appearing in UK Entertainer at a "sales" price with the floor staff setting them up for a pre-setup "Mommy buy me this fluffy one" ambush.

      Presently, while the reseller is liable for traditional law issues such as fire and health and safety they have little or no liability for the digital bits. They can shrug and say - it is not a service offered by us, deal with the company offering it. This should change with the reseller being fully liable for any digital service bundled "at the moment of sale" with the goods they are selling.

      This is not limited to toys by the way. The situation is the same with cameras and other tat. If you successfully slag them off in let's say an Amazon review (which I have), the result is that they put the tat on sale (so more people get it).

      1. Doctor Syntax Silver badge

        Re: Risk vs. Reward

        "they have little or no liability for the digital bits"

        Are there any precedents either way on this?

      2. Anonymous Coward
        Anonymous Coward

        Re: Risk vs. Reward

        You, mean, on PCs and Servers too? The HW manufacturer would be liable for bugs in the bundled OS?

        That would make life interesting.

      3. MachDiamond Silver badge

        Re: Risk vs. Reward

        Retailers, especially small shops, don't have the expertise to safety/security test items. They buy a load of stuff from a wholesaler to put in their shop and that's all they know. The people at the £ shop can barely tie their own shoes.

  5. John Smith 19 Gold badge
    Unhappy

    "whether the Children's Online Privacy Protection Act applies to Spiral Toys"

    You've got to wonder is the Senator being rhetorical or does he genuinely not know?

    Because I'm pretty sure that putting a lot of childrens data online with effectively no access control would breach their "online privacy" quite a lot.

    1. Bandikoto

      Re: "whether the Children's Online Privacy Protection Act applies to Spiral Toys"

      He's indicating that he can be paid either way. "Paid"? I meant "swayed". Stupid autocorrect.

  6. Anonymous Coward
    Anonymous Coward

    D-Day for the GDPR is May 2018.

    Once this takes effect, I think there will be a lot of rubbish like this toy pulled from the market either by choice or because the manufacturer has gone bust after being hit with seriously heavy fines.

    Fines of 10Million Euro or 2% of their annual world-wide turnover should hopefully put a stop to this.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon