- Alexis Bledel named most dangerous online celebrity 3 Years Ago
- Kylie Jenner trademarks ‘rise and shine’ after meme success 3 Years Ago
- ‘Watchmen’ website expands what you know about its alt-history 3 Years Ago
- Smoke ’em, pass ’em Week 8: Mark Walton szn 3 Years Ago
- Venmo’s first-ever credit card to launch in 2020 Today 3:46 PM
- Wet Kylo Ren may turn everyone to the dark side Today 3:15 PM
- Man allegedly targeted trans women on dating app, robbed them at knifepoint Today 3:02 PM
- Researchers expose how Amazon Echo and Google Home can steal passwords Today 2:47 PM
- Facebook removing Instagram Story filters that mimic plastic surgery Today 2:16 PM
- Mom solves ‘ghost baby’ image mystery after viral post Today 1:23 PM
- Elon Musk tweeted ‘through space’ Today 1:16 PM
- Don’t want a Fitbit? These step tracker apps got you covered Today 12:51 PM
- Protesters sing ‘Baby Shark’ to soothe frightened toddler Today 12:47 PM
- Who is Babu Frik, the adorable, teeny mechanic from ‘Rise of Skywalker’? Today 12:36 PM
- Senators push for social media data portability Today 12:11 PM
When any device is connected to the internet, two things become true: It’s immediately “smart,” and it’s instantly susceptible to hackers.
The duo attacked the We Vibe 4 Plus, a Bluetooth-enabled couple’s vibrator that comes with a smartphone app and remote control so that you can stimulate your partner “whether they’re in the same room or on a different continent,” the company’s advertising boasts.
The hackers hit the sex toy’s Texas Instruments CC2541 processor with its 2.4ghz Bluetooth chip, exploiting the lack of a certificate to collect information transmitted between the toy and the app. Bluetooth certificate pins establish a secure relationship between devices and users and the lack of one opens devices, including your sex toy, up to hackers.
They also showed just how much information the vibrator’s manufacturers are collecting about your masturbation.
If, for example, you go to high intensity, they’ll know.
They can also track the temperature of the device, information that can tell you a lot about exactly where this thing goes, though the company says it’s not precise enough to know exactly which orifice the toy has entered—or if it’s entered at all. The collected data is then stored and can be used by the company. Frank Ferrari, president of We Vibe maker Standard Innovation Corporation, said in a statement emailed to the Daily Dot that temperature data “is collected purely for hardware diagnostic purposes.”
The hackers assert that this type of intimate data raises privacy and security concerns.
“As teledildonics come into the mainstream, human sexual pleasure has become connected with the concerns of privacy and security already familiar to those who previously only wanted to turn on their lights, rather than their lover,” the hackers explained in the description of their presentation.
“Do you care if someone else knows if you or your lover is wearing a remote control vibrator? Do you care if the manufacturer is tracking your activity, sexual health and to whom you give control? How do you really know who is making you squirm with pleasure? And what happens when your government decides your sex toy is an aid to political dissidents? “
The future is way weirder than anyone predicted.
Clarification: The thermometer in the We Vibe is not precise enough to collect data that can determine whether the device has been inserted in an orifice, according to the company. Further, according to president of the company behind We Vibe, Frank Ferrari, “[t]emperature data is collected purely for hardware diagnostic purposes.”
“The temperature is measured through a thermometer in the Texas Instruments chip itself,” Ferrari said. “Many factors can affect the temperature of the chip. However, any changes in the temperature are not significant or noticeable enough to indicate the location of the product.”
H/T The Register
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.