Hacking a Toniebox
9 months ago
- #hacking
- #toniebox
- #privacy
- The Toniebox is a music box for kids that uses NFC figurines to play audio content.
- Audio files are stored in the cloud, not on the NFC tags, requiring an internet connection.
- Toniebox tracks user interactions, including playback progress, and sends data to two URLs: prod.de.tbs.toys and rtnl.bxcl.de.
- Privacy concerns exist as tracking data is linked to user accounts, but rtnl.bxcl.de can be blocked to limit tracking.
- The reliance on cloud services raises concerns about long-term access to purchased content.
- The Toniebox can be disassembled to access an SD card containing OPUS-encoded audio files, which can be backed up.
- Tools like teddyBench and teddyCloud allow for metadata reading, audio file splitting, and custom content management.
- Advanced hacking includes flashing custom firmware, replacing TLS certificates, and hardware modifications for accessibility.
- The Toniebox community has reverse-engineered the device extensively, enabling various customizations and hacks.
- Despite initial reservations, the author appreciates the Toniebox for its appeal to children and the creative hacks it enables.