Before buying connected toys and gadgets for the holiday season this year, it could be worth first checking Mozilla's 2018 edition 'Privacy Not Included' buyers' guide.
The guide offers an assessment of the privacy and security qualities of 70 different products, ranging from connected teddy bears, to smart speakers, games consoles, and smart home gadgets.
Mozilla also adds a 'Meets Our Minimum Security Standards' stamp to a page if the product has met its minimum security standards for IoT products. And the listings briefly explain what could happen if something went wrong.
Among the 18 products listed in the Toys & Games page, just five products meet the minimum standards. They are Microsoft's Xbox One, the Nintendo Switch, Sony PS4, the Harry Potter Kano Coding Kit, and the Amazon Fire Kids Edition.
Just six of the 18 wearables in the guide pass Mozilla's minimum standards. Apple AirPods don't get a stamp of approval, but the Apple Watch Series 4 does.
Among smart home products, most smart speakers get a stamp of approval, including the Amazon Echo and Dot, Google Home, Apple HomePod, Sonos One, and the Mycroft Mark 1.
Oddly, not a single Nest product earns a badge of approval from Mozilla, despite being part of Google's bug bounty program, using encryption, offering automatic security updates, and not sharing information with third-parties.
Nest's apparent shortcoming is that its products don't rely on password-based authentication.
Previous and related coverage
The FBI outlines the risks of giving your children a smart toy.
Researchers have discovered that cyber-attackers can remotely gain control of an IoT camera, allowing them to spy on users and more.
EU's new Cybersecurity Act won't mandate certifications for IoT products, and consumer advocates are unhappy.
By giving the Internet of Things a more suitable operating system, Norwegian software outfit IncludeOS aims to secure the billions of IoT devices coming online.
Internet of Things database containing personal information was indexed by Shodan search engine.
Firmware may be the next frontier for IoT hacks. See below how the healthcare industry addresses these threats.
Cybersecurity isn't child's play.