"Hacking" the Cayla doll

I put the hacking in quotations--because the Cayla doll really does not need real "hacking" to make it say naughty things... I am creating this post because the Cayla doll is soooo very non-secure. It can communicate with your child and make basic internet queries--but has NO encryption on data and NO password! Anyone with the App can bluetooth to any Cayla doll.

I discovered this to my astonishment--and dismay--when I purchased one in order to demonstrate how dangerous the Internet of Things can be to children.

The first thing you need--is the doll. They retail around 50 to 60 dollars at Walmart.
The second thing you need--is the Cayla app.

Step 1: Bluetooth with the doll after downloading the Cayla app.

Step 2: Select the 'Settings' icon. Click the icon that looks like a face.

Step 3: Override the default values. As soon as you click 'done', the doll will say whatever you type. It has a crude filter against bad words, but you can override that by simply sounding out the bad words phonetically. For example, biatch sounds EXACTLY like the other b word. (entries below are strictly for example purposes).

And it really is just that simple... kinda scary, when you think about it...

Tune in next time on the Internet of Things, toy edition--when we hack the iBarbie. Lets hope its not as easy as "hacking" the Cayla was...