Be careful with your sex toys.
Security research firm Pen Test Partner told TechCrunch that an app interface flaw in Qiui’s ‘Cellmate,’ a smart chastity toy, let attackers remotely lock a user’s penis within the device. If you’re unfortunately stuck in the toy, you’d need either heavy-duty tools or an electrical jolt to open the toy. The Cellmate had no manual override.
Hackers can also collect private messages, plain text passwords and location information without any authentication, according to Qiui.
Qiui initially fixed most of the issues with a new update to the device’s user interface. However, it missed three self-imposed deadlines and then went quiet. Pen Test Partners made the issue public after it was made clear by other security researchers that Qiui is known for poor communication.
A chastity toy suffering from a security flaw is a significant issue because it can not only pull sensitive information from a user’s phone, it can also cause physical harm, especially if you have to use an electrical jolt to remove the contraption from your body.
Source: TechCrunch Via: Engadget