A security flaw in an internet-connected male chastity device could allow hackers to remotely lock it — leaving users trapped, researchers have warned.
The Cellmate, produced by Chinese firm Qiui, is a cover that clamps on the base of the male genitals with a hardened steel ring, and does not have a physical key or manual override.
The locking mechanism is controlled with a smartphone app via Bluetooth — marketed as both an anti-cheating and a submission sex play device — but security researchers have found multiple flaws that leave it vulnerable to hacking.
“We discovered that remote attackers could prevent the Bluetooth lock from being opened, permanently locking the user in the device. There is no physical unlock,” British security firm Pen Test Partners said Tuesday.
“An angle grinder or other suitable heavy tool would be required to cut the wearer free.”
The firm also found other security flaws in the Cellmate — listed for $189 on Qiui’s website — that could expose sensitive user information such as names, phone numbers, birthdays and location data.
“It wouldn’t take an attacker more than a couple of days to exfiltrate the entire user database and use it for blackmail or phishing,” PTP’s Alex Lomas wrote in their report on the device.
“A number of countries have oppressive laws that may expose users of these types of devices to unwarranted interest from law enforcement and bigots.”
Qiui did not immediately respond to AFP’s request for comment.
PTP said it reached out to Qiui in April this year, identifying the flaws.
Qiui fixed most of the issues by updating the software, but left the older version active and its users still vulnerable, PTP added, saying other researchers had found similar issues.
Such smart sex toys and devices are among the wave of new “internet of things” products and appliances introduced in recent years that are online and capable of being operated remotely.
Their connectivity has also made them vulnerable to security breaches and privacy violations.
In 2017, the Canadian maker of a smart vibrator agreed to a multi-million-dollar settlement after it was sued for collecting sensitive user information, though it did not admit any wrongdoing.
Next year, cybersecurity firm SEC Consult reported multiple vulnerabilities that hackers could exploit to hijack and control a smartphone-controlled vibrator called Vibratissimo. Sensitive user data was also left exposed.
© 2020 AFP
REVEALED: Far-right extremists are circulating plans to lock down Arizona streets if Trump is re-elected
On Saturday, The Arizona Republic reported that far-right paramilitary groups are circulating plans to lock down neighborhoods in the Phoenix, Arizona metropolitan area in the event that President Donald Trump is re-elected, supposedly to police left-wing protesters.
"In Arizona, the head of the Prescott-area chapter of the Oath Keepers group, which recruits military and law enforcement officers, has warned residents to be prepared to protect their neighborhoods from feared extreme left-wing protesters who would be upset should President Donald Trump be re-elected," reported Richard Ruelas. "Part of that the pro-Trump group'splan involved closing streets and assigning monitors to control access, according to a planning document shared with The Republic."
America’s crimes against humanity aren’t on the ballot this year — but they should be
The 2020 presidential election is a life-and-death decision for thousands of people vulnerable to COVID-19, for a globe under the assault from the climate crisis, and for the future of American democracy. And yet for all the urgency, the political campaign still suffers under the weight and stench of bullshit.
This article first appeared in Salon.
Philosopher Harry Frankfurt warns in his bestselling pamphlet "On Bullshit" that "bullshit" is more injurious than the blatant lie. One reason among many is that bullshit blurs the line between reality and fiction, offering a manipulative incorporation of truth to strengthen its own capacity to persuade. Absolute falsity, in contrast, is obvious to anyone with minimal awareness of the facts. When the Trump administration recently declared that one of its grand achievements was "ending the pandemic," most people laughed in disbelief. This is a lie fit for consumption only from inhabitants of a collective similar to the Rev. Jim Jones' notorious People's Temple settlement in Guyana.
Conservatives are hopping mad that their clumsy Hunter Biden smear is a flop
Welcome to another edition of What Fresh Hell?, Raw Story’s roundup of news items that might have become controversies under another regime, but got buried – or were at least under-appreciated – due to the daily firehose of political pratfalls, unhinged tweet storms and other sundry embarrassments coming out of the current White House.
In 2016, Steve Bannon did an amazing job rolling out the Clinton Foundation nontroversy. He gave The New York Times and CNN early access to Peter Schweizer's book, Clinton Cash, and the outlets gave it mainstream credibility. Later, when the Uranium One story was thoroughly debunked, it didn't matter. The foundation remained under a pall of fuzzy suspicions.