In news of the coming tech utopia, a network enabled sexual aid has been hacked, and even in the unhacked condition, it sends personal data back to the manufacturer.
The Internet of Things That Can Be Hacked grows daily. Lightbulbs, trucks, and fridges all have computers inside them now, and all have been hacked by someone. But at least you don’t put those inside your body.
Two years ago, someone had the good idea to put a bluetooth connection inside a vibrator, and the We-Vibe 4 Plus was born. The vibrator can connect with a smartphone app that its makers say “allows couples to keep their flame ignited – together or apart”: that is, it can be controlled remotely, while, say, making a video call.
The consequences of a wrong number are left to reader’s imagination.
But at the Def Con hacking conference in Las Vegas, two independent hackers from New Zealand, who go by the handles goldfisk and follower, revealed that the way the vibrator speaks with its controlling app isn’t really secure at all – making it possible to remotely seize control of the vibrator and activate it at will.
In their talk, Hacking the Internet of Vibrating Things, Follower argued that despite titters at the back of the room, the security of a sex toy should be taken seriously. “The company that makes this vibrator, Standard Innovation: They have over 2 million people using their devices, so what’s at stake is 2 million people.”
“A lot of people in the past have said it’s not really a serious issue,” he added, “but if you come back to the fact that we’re talking about people, unwanted activation of a vibrator is potentially sexual assault.”
Potentially worse still, the pair discovered that the app itself was phoning home, letting the manufacturer discover some very intimate information about users.
(emphasis mine)
I want no part of this brave new world.