Hack Turns BB-8 Star Wars Toy to Dark Side

If you've seen Star Wars: The Forcefulness Awakens, then you lot know that the galaxy could accept been in very big trouble had BB-8, the oh-so-marketable astromech droid/rolling plot device, fallen into the wrong easily.

In real life, withal, the chirpy automaton may be easier to dispense than his cinematic counterpart. A lifelike BB-8 toy from Sphero lacks secure firmware update protocols, which could theoretically present a target to hackers (admitting a very, very mild 1).

The information comes courtesy of Pen Test Partners, a security firm based in Buckingham, England (about 40 miles from Pinewood Studios, where near interior scenes for The Forcefulness Awakens were filmed). The company tests all sorts of continued devices, and with a hot new Star Wars movie on the market, testing the tie-in Bluetooth-continued droid toy seemed like a logical motion.

Equally it turns out, it's a good matter that X-Wing pilot Poe Dameron didn't entrust his hole-and-corner star map to a BB-8 toy, because compromising the toy is not that hard.

More: Best Star Wars Gadget Gifts

Ken Munro at Pen Test Partners isolated 2 huge security flaws with the BB-eight toy. First and foremost, the device does not require a Bluetooth PIN to pair with a phone. (Users control the toy through an Android app.) This means that anyone within the immediate area could run the toy's smartphone controller app, hijack your BB-8 and whorl it around, if they and then chose. Non disastrous, perhaps, but annoying, certainly.

The bigger problem is with the device's firmware updates. When the toy updates its firmware, it does so via HTTP connection rather than a secured HTTPS one. Since there is no SSL authentication, a skilled hacker could easily hijack the connection and install his or her ain firmware. This software could then report back data from BB-8 dorsum to the attacker, or alter BB-8's controls so that "terminate" ways "become," and vice versa.

Here'southward the rub, though: the Sphero BB-viii doesn't broadcast any useful information. In order to hijack a BB-8 to get together information from a user'due south phone, an attacker would have to be in the vicinity of a user updating a BB-viii'south firmware and take reward of a Bluetooth pairing vulnerability, all at the aforementioned time. (In that location are no known Bluetooth vulnerabilities for Android at the moment, although it'due south possible that some exist.)

For the time being, you can curl BB-8 around to your middle'southward content without worrying too much nearly an attack. Merely be aware that unless the device implements some better security protocols (which Sphero is currently working on), an errant Sith Lord could take it away with just an Android phone; no listen tricks required.

All-time Star Wars Games of All Fourth dimension
Virtually Disappointing Games of the Yr
Peak Picks for Drones

Marshall Honorof is a senior editor for Tom's Guide, overseeing the site's coverage of gaming hardware and software. He comes from a science writing groundwork, having studied paleomammalogy, biological anthropology, and the history of scientific discipline and engineering. Subsequently hours, you can detect him practicing taekwondo or doing deep dives on archetype sci-fi.