An 11-year-old boy from Austin and his teddy bear stunned hundreds of security experts at a cyber-security conference in the Netherlands, by hacking into their Bluetooth devices. Sixth grade's student Reuben Paul hacked the Bluetooth devices of the audience at the conference in order to manipulate his robotic teddy bear Bob to show the experts how interconnected smart toys "can be weaponised", reported The Guardian.
"From airplanes to automobiles, from smartphones to smart homes, anything or any toy can be part of the Internet of Things (IOT)," said the little "cyber ninja" pacing the huge stage at the World Forum in The Hague."From terminators to teddy bears, anything or any toy can be weaponised," said little Reuben.
To demonstrate what he said, the 11-year-old genius deployed his cuddly bear that connects to the cloud via wifi and Bluetooth to receive and transmit signals aka messages.
Plugging into his laptop a device "Raspberry Pi", Reuben scanned the hall for available Bluetooth devices and to everyone's amazement including his own, suddenly downloaded dozens of numbers, including some of the top officials'. Then using Python, a computer language, he hacked into his bear via one of the numbers to turn on one of its lights and record a message from the audience, reported the publication.
"Most internet-connected things have a Bluetooth functionality ... I basically showed how I could connect to it, and send commands to it, by recording audio and playing the light," Reuben told AFP after the conference. "IoT home appliances, things that can be used in our everyday lives, our cars, lights refrigerators, everything like this that is connected can be used and weaponised to spy on us or harm us."
He also said that it can also be used to steal personal information and to remotely spy on kids or to find out where exactly a person is by manipulating GPS. The more scary part is, a toy could say "meet me at this location and I will pick you up", Reuben said.
"He has always surprised us. Every moment when we teach him something he's usually the one who ends up teaching us," said Reuben's father information technology expert Mano Paul to AFP. Despite knowing Reuben's early-age IT skills, he was "shocked" to see the vulnerability that his son had revealed of children's toys. "It means that my kids are playing with time bombs, that over time somebody who is bad or malicious can exploit," said father Paul.
Reuben, who is also the youngest American to become Shaolin Kung Fu black belt, has now set up a CyberShaolin non-profit organization with the help of his family. The aim of it is "to inform kids and adults about the dangers of cyber-insecurity", Reuben said, adding he also wants to press home the message that manufacturers, security researchers, and the government have to work together.
Reuben aims to study cyber-security at either CalTech or MIT universities and then use his skills for good.