When we speak about the Internet-of-Things, it is usually in terms of common appliances or maybe a smartwatch. This story, coming from WIRED and written by Lily Hay Newman, communicates a particularly scary case of abusing a devices internet functionality. Snoo, an electronic baby rocker for the mega-wealthy, rings in at around $1,300. The device is said to safely lull and rock babies to sleep, but researches have found that due to hardware vulnerabilities, the device is susceptible to hacks which could disrupt the devices normal intended behavior. While not overtly dangerous, the findings of the research firm show that in many cases, some devices just don’t nee to to be connected to the internet.
The article details the Snoo as a “smart bassinet” which was “designed specifically to combat sudden infant death syndrome”. To achieve this, the bassinet has limiters to both its rockers and speakers. The limiters however, can be bypassed, and the device can be forced to move and act in ways the developers had not intended. This is of course a serious issue seeing the user of the Snoo is an infant, who are fragile to being with. While the findings are not particularly dangerous, as I mentioned at the top, they are still quite shocking. The math works out that the when rocking, the attacks “measured peak g-forces exceeding 0.7 g at the neck, and 1.8 g at the forehead” on a dummy doll. This is more than double the g-force in both counts from normal operating standards. While the parent company describes this to something “experienced by a baby riding in a car on a bumpy road”, and the researches themselves admit there is not acute danger in the increased force, the question still remains as to why something this fragile is even capable of being hacked. On top of the rockers being hack able, so are the speakers. The hacked speakers are similarly limited to within “safe” ranges of sound. Happiest Baby Company, which is owned by a company who actually manufactures a far cheaper Snoo competitor, addressed the vulnerabilities, and quickly patched them out.
The deeper story is in the idea that a baby bassinet needed to be connected to the internet in the first place. While the company touts nearly full functionality when a switch is flipped by the user to cease all WiFi connections, the question still remains. The mass desire to have every aspect of our lives connected, leads to more potential for disruption from malicious hackers. Whether its a baby cradle, or an electric car, the threat will exist for not only obstruction but leaking of data when everyday devices are connected. Present in this story is luckily a company that wanted to act swiftly when a security error occurred, but many times this is not the case. I firmly believe, after writing more than one article review about this type of issue, that a complete overhaul of internet connectivity would need to occur to properly handle devices like this from being misused. This is very unlikely to happen, as the internet was never intended to be used the way we do, so I default to the boring but sane ideology that not everything needs to be connected online. It seems that in many cases developers are instructed to inset WiFi capabilities in the most asinine ways, if only to tout it as a “connected device” in a marketing campaign. Ultimately, the risk will begin to outweigh the benefit, and one day maybe sanity will prevail. Until then, we all just have to get used to the idea of Samsung knowing what’s in your “smart” fridge, or your baby getting shaken a little too much because you wanted to be able to use Spotify in your child’s crib. On paper the benefits of the connectivity may seem admirable, but we wouldn’t be talking about them if they were any less than far from it.
Source Article: https://www.wired.com/story/snoo-smart-bassinet-vulnerabilities-shaking-loud-noise/
Social Structures & Algorithms 