Sex toys.
-
CHAMUSSY / SIPA
Be careful if you have connected sex toys.
Indeed, ESET researchers have published a report in which they reveal that some models have security vulnerabilities, report our colleagues from
Capital
.
The We-Vibe Jive vibrating egg and the Lovense Max masturbation tube are the two targeted sex toys.
"The Jive uses the less secure Bluetooth Low Energy (BLE) method of pairing, in which the temporary key code used by devices during pairing is simply the number zero," the researchers explained.
This means that anyone can connect to the sex toy using the 0.
At the same time, ESET researchers have raised issues with metadata that “remains included in shared files”.
And for good reason, when sending a photo to a phone via this sextoy, the user potentially sends information about his device and its exact geolocation.
🔎 ESET researchers have discovered vulnerabilities in applications controlling intelligent sex objects.
These vulnerabilities could lead to the installation of malware ▶ ️ https://t.co/3Zfo6VYxmD #Iot #Cybersecurite #video #adult
- ESET France (@ESET_France) March 12, 2021
Security fixes made
The other model questioned by researchers is the Lovense Max.
The latter "can synchronize with a remote counterpart, which means that an attacker could take control of both devices by compromising only one of them."
This device would also allow third parties to broadcast images without the permission of its owner.
Finally, with Lovense Max, "deleted or blocked users continue to have access to chat history and all previously shared media files."
Faced with these security flaws, the researchers recommend avoiding "using the devices in public places, or passageways such as hotels".
The manufacturers of these sex toys have been alerted and have made security corrections.
Did you see ?
A connected chastity belt could be blocked remotely due to a security breach
Lille
Lille: The unsuspected second life of your used sex toys
High-Tech
Cyber attack
Cybersecurity
Sextoy