Cracking Dildos And Dollies: Hackers Expose Vulnerabilities In Connected Toys
by: KISSTOY
2021-02-26
For whatever reason, some people think it is wise to connect sex toys to the Internet.
For Ken Munro, who runs the security company Pen Test Partners, this provides an opportunity to demonstrate his team's penetration skills.
Digital, not physical.
He has been looking at Lovense's Nora and Max toys for women and men (it seems that different sexual preferences are not considered in the company's marketing strategy).
They allow users to try different features through the app.
But for extra fun, they also allow another user to issue commands from a distance to a partner's toy.
For example, someone in rural Berkshire can stimulate a lover in Timbuktu by clicking a few buttons on their Apple or Android phone, or through their PC.
All of this is done through so-called "remote digital" software.
The vibrators also use the "Body Chat" service: it is like Skype, but specifically for virtual sex, and users sign up for it on the Lovense website.
Munro told Forbes that the security issues start here.
There is no obvious encryption during the registration process, which means that anyone snooping on the network can capture the login information.
Nor is the password well protected: it is hashed, but with a weak hash function, MD5.
"It is obviously trivial to compromise the user's account and access some very interesting content, especially if the victim is a 'friend' in a shared home using the same wireless access point," Munro said.
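To make the MD5 point concrete, here is an added illustration (it is not code from the article, from Lovense or from Pen Test Partners) of why an unsalted, fast hash is a poor way to store passwords, next to a salted, deliberately slow key-derivation function. The iteration count, the record format and the sample password are assumptions chosen for the example.

```python
import hashlib
import hmac
import os
from typing import Optional

# Added illustration, not from the article or the companies it describes:
# unsalted MD5 versus salted PBKDF2-HMAC-SHA256 for password storage.

PBKDF2_ITERATIONS = 200_000  # assumed value for this example; tune per deployment


def md5_digest(password: str) -> str:
    """Unsalted MD5 of the password: what a weak scheme stores.

    The same password gives the same digest for every user, and MD5 is
    fast, so a stolen digest can be matched against precomputed tables.
    """
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def store_pbkdf2(password: str, salt: Optional[bytes] = None,
                 iterations: int = PBKDF2_ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt$digest.

    A fresh random salt per user means equal passwords produce different
    records, and the iteration count makes every guess expensive.
    """
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "pbkdf2_sha256${}${}${}".format(iterations, salt.hex(), digest.hex())


def verify_pbkdf2(record: str, candidate: str) -> bool:
    """Recompute the digest from the stored salt and compare in constant time."""
    algo, iterations, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError("unsupported record format")
    recomputed = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                                     bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(recomputed, bytes.fromhex(digest_hex))


def digests_collide_across_users(password: str) -> dict:
    """Two users picking the same password: MD5 exposes that, PBKDF2 with a salt does not."""
    return {
        "md5_identical": md5_digest(password) == md5_digest(password),
        "pbkdf2_identical": store_pbkdf2(password) == store_pbkdf2(password),
    }


if __name__ == "__main__":
    pw = "hunter2"  # constructed sample password
    print(digests_collide_across_users(pw))
    rec = store_pbkdf2(pw)
    print(rec)
    print(verify_pbkdf2(rec, pw), verify_pbkdf2(rec, "wrong-password"))
```

The record stores its own salt and iteration count, so the cost can be raised later without breaking existing users, and `hmac.compare_digest` avoids leaking how many bytes matched through timing.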
There is another potential problem with the videos: in the Android app, they are saved to the device's removable storage.
"It doesn't take much to realise that if the phone is lost, stolen or sold, it could contain a naked masturbation video," Munro added.
"Encrypting the phone and its removable storage would mitigate this, but very few Android users did this before Lollipop, and it also assumes there is no other way to root the phone.
Some Android phones also cannot handle encryption of external storage."
Lovense told Forbes it is now planning to enhance the security of its services.
"Regarding encryption during the log-in process, we agree that we can do better.
We plan to use RSA public/private keys and MD5-encrypted passwords in the next update of the application (which will take about two to three weeks).
The log-in information will also be transmitted over HTTPS.
This should protect the log-in information during the registration process," a spokesman said.
They also noted that the app only records toy motion patterns and session audio, not video, although none of these recordings are encrypted.
They said that Lovense doesn't store recordings on its servers, so no one who gets hold of login information can access a recorded session over the network; the hacker would only see the person's contact list.
Video sessions are protected by media streaming (audio/video) with AES-128 encryption, although this is the weakest of the three AES options.
The spokesman acknowledged that encrypting recorded sessions would consume a lot of smartphone battery power and would therefore not be implemented.
"We hope that our users use the 'record' feature responsibly, as they would with nude selfies or videos."
Munro will continue to explore the Lovense kit to see what he can do, and he is not only fiddling with adult toys.
He also turned a kid's doll into a potty-mouthed demon homunculus.
My Friend Cayla is a popular doll created by Vivid Toy Group that works with a smartphone app so kids can talk to it like a real friend (yeah, who needs real friends anyway!).
Due to the low security of the mobile app, it is easy to change her stock responses "from child-friendly talk to more offensive content," Munro pointed out.
Attackers would need to pair the doll with their own device, either by briefly grabbing the toy or by finding a way to remotely exploit the phone.
"We don't think it takes much to turn her into a device that can monitor and potentially interact with children.
You'd better make sure she's turned off when not explicitly in use, and make sure the mobile device is secured with a strong PIN and kept patched and up to date.
In the long run, the manufacturer should apply a PIN to the Bluetooth pairing process, but we don't think this can be done without a product recall."
Vivid told the BBC that it will take Munro's findings on board and possibly release an update to the app.
For now, Cayla can be reprogrammed to say something terrible, as in the NSFW video below (warning: it contains a profanity beginning with "s").
Beyond teenagers having fun with the device's poor security, there is a more serious problem: connecting things to the Internet allows hackers to turn them on, especially when they have not been secured during the manufacturing process.
When the most intimate parts of people's lives are opened up to digital prying, it may be time for a change. That's why non-profit groups like BuildItSecure.ly have appeared, pushing manufacturers, large and small, to consider security and privacy from the beginning of the design process.
Updated article on 02/01/2015, including Lovense response.