Hackers can remotely activate your smart vibrator and find out how often you use it
So much has been written about the dangers of the Internet of Things. In just the past couple of weeks, we’ve reported a pet feeder that starved dogs because its servers went offline, a thermostat whose controls could be locked and held for ransom, and how most smart locks on the market today can easily be breached by savvy intruders.
The latest connected device to fall prey is the We-Vibe 4 Plus vibrator. At the recently concluded Def Con conference, hackers goldfisk and follower took to the stage to explain how the Bluetooth-enabled sex toy could be remotely activated by anyone who knows how to intercept its insecure communications with a paired smartphone.
In addition, the duo found that the companion app sends back data to the company’s servers – specifically, the temperature of the device for every minute that it’s in use, and every instance where the intensity of the vibration changes. They noted that those data points would allow someone to figure out how often the vibrator is being used.
While there don’t appear to be any reports of hacked We-Vibe 4s yet, it’s worth noting that the manufacturer has already sold two million devices. That means there are a lot of people who might one day find their vibrators abuzz of their own volition.
What’s at stake here is the loss of control over your most private, intimate moments. That’s worrying in itself, but it also shows that IoT hardware makers don’t seem to realize that their products introduce the risk of more trouble than they’re worth.
All the ‘innovation’ and useful functionality that connected devices promise aren’t worth anything if they turn owners into potential targets for hackers. IoT is a cool concept, but it clearly isn’t yet a reality.
Aucun commentaire