It has been an interesting week.
I’ve been working at PTP for a few months now, and one of my first pieces of research has been on IoT, er, “intimate wearables”. Well, you can read it, including the snappy vulnerability name we came up with (all the best do): https://www.pentestpartners.com/security-blog/screwdriving-locating-and-exploiting-smart-adult-toys/
After that it’s been picked up by a fair few outlets, including:
- El Reg: https://www.theregister.co.uk/2017/09/29/ble_exploits_screwdriving/
- Ars: https://arstechnica.co.uk/information-technology/2017/10/bluetooth-sex-toy-security/
- BoingBoing: https://boingboing.net/2017/10/03/back-orifice.html
- Wired: http://www.wired.co.uk/article/wired-awake-041017
- Silicon Republic (including a little interview with me): https://www.siliconrepublic.com/enterprise/sex-toy-security
- Tech Dirt: https://www.techdirt.com/articles/20171003/13375238336/sex-toys-are-just-as-poorly-secured-as-rest-internet-broken-things.shtml
- The Sun: https://www.thesun.co.uk/tech/phones-gadgets/4593038/lovesense-vibrator-discovery/
There was also a lively twitter discussion from my friend Ben Goldacre which ended up involving an MP:
Thank you for introducing me to the concept. But please, don't tell Amber Rudd…
— Chi Onwurah 💙 (@ChiOnwurah) October 4, 2017
Which resulted in this article in The Guardian: https://www.theguardian.com/commentisfree/2017/oct/06/drive-by-sex-toy-hacking-wake-up-call-britain-internet-security-vibrators
Which I think neatly brings us back round to why I/we did the research in the first place. Yes, the headline is catchy, but it’s to highlight that although BLE has “short” range (anything up to several hundred meters which may not be what you’d think as short) it often has shockingly implemented security that can have real world physical damage.
Many commenters pointed out that unsolicited activation of, er, the “intimate wearables” might be a feature and not a bug. I’d agree, if you knew that’s what you were getting into – consent is sexy!
We’re doing some more work on the range soon, as well as some additional vulnerability disclosures on these products – watch out for those.
Update: do you use the Lovense “Body Chat” app to, er, chat? Your messages and other info are probably not as secure as you think they are.
Update 2: I did an interview with Claire Lampen for Gizmodo, exploring the legal aspects of this too: https://gizmodo.com/if-your-vibrator-is-hacked-is-it-a-sex-crime-1820007951