Don't Feed Them After Midnight: Reverse-Engineering the Furby Connect

Site is down for me. archive.org works: <a href="http:&#x2F;&#x2F;web.archive.org&#x2F;web&#x2F;20171124170013&#x2F;https:&#x2F;&#x2F;www.contextis.com&#x2F;blog&#x2F;dont-feed-them-after-midnight-reverse-engineering-the-furby-connect" rel="nofollow">http:&#x2F;&#x2F;web.archive.org&#x2F;web&#x2F;20171124170013&#x2F;https:&#x2F;&#x2F;www.contex...</a>

All it takes is a single goatse to appear on one child&#x27;s furby&#x27;s eyes or on a demo unit in a shop and the brand is ruined. I think they need to reconsider that response.

This could be the perfect thing to announce a failing code build.....begone old traffic light systems, Jenkins + Furby could be a thing of beauty.

Company response is &quot;Yeah, that&#x27;s way too hard, nobody can do that&quot;.

Company response is so typical, it hurts to read.

Why don&#x27;t they just enable basic Bluetooth security features instead of saying that it&#x27;s too hard to exploit and leaving it at that?<p>Excellent write-up though.

The company response stated:<p>&gt; A tremendous amount of engineering would be required to reverse engineer the product as well as to create new firmware.<p>Which implies they failed to understand what they were being told. The engineering required to do this exploit has already been done, so it doesn&#x27;t matter how hard it is. Once it&#x27;s been done, it&#x27;s been done.

I believe they ought to reevaluate that reaction.

But it&#x27;s always after midnight

&quot;while the FURBY CONNECT toy is in a &quot;woke&quot; state&quot; I couldn&#x27;t help but chuckle at this.