A security flaw in an Internet-connected male chastity device could allow hackers to remotely lock it — leaving users trapped, researchers have said.
The Cellmate, produced by Chinese firm Qiui, is a cover that clamps on the base of the male genitals with a hardened steel ring, and does not have a physical key or manual override.
The locking mechanism is controlled with a smartphone app via Bluetooth — marketed as both an anti-cheating and a submission sex play device — but security researchers have found multiple flaws that leave it vulnerable to hacking.
“We discovered that remote attackers could prevent the Bluetooth lock from being opened, permanently locking the user in the device. There is no physical unlock,” British security firm Pen Test Partners (PTP) said on Tuesday. “An angle grinder or other suitable heavy tool would be required to cut the wearer free.”
The firm also found other security flaws in the Cellmate — listed for US$189 on Qiui’s Web site — that could expose sensitive user information such as names, telephone numbers, birthdays and location data.
“It wouldn’t take an attacker more than a couple of days to exfiltrate the entire user database and use it for blackmail or phishing,” PTP’s Alex Lomas wrote in the report on the device.
“A number of countries have oppressive laws that may expose users of these types of devices to unwarranted interest from law enforcement and bigots,” Lomas wrote.
Qiui did not immediately respond to a request for comment.
PTP said it reached out to Qiui in April, identifying the flaws.
Qiui fixed most of the issues by updating the software, but left the older version active and its users still vulnerable, PTP said, adding that other researchers had found similar issues.
Such smart sex toys and devices are among the wave of new “Internet of things” products and appliances introduced in the past few years that are online and capable of being operated remotely.
Their connectivity has also made them vulnerable to security breaches and privacy violations.
The Canadian maker of a smart vibrator agreed to a multimillion-dollar settlement in 2017 after it was sued for collecting sensitive user information, though it did not admit any wrongdoing.
Through the noise of rushing papers and whirring belts at a print factory in Kyoto, two creators watch their photo essay come to life in broadsheet form — part of an effort to win new audiences in the age of artificial intelligence (AI). Despite the decline of the publishing industry, self-publication and handmade “zine” magazines are growing in popularity in Japan, reflecting the nation’s enduring love of paper in the digital era. While speaking to Agence France-Presse at the plant, his hands black with ink, one of the creators, Kazuma Obara, said: “I think [paper] is a medium that engages all five
‘ABSURD MISTAKE’: The election commission said that there had been a failure to anticipate turnout after 14 polling stations ran short of ballot papers South Korean riot police yesterday cleared protesters from a Seoul polling station after a 35-hour blockade sparked by a shortage of ballot papers during local elections earlier this week. Wednesday’s election was the first nationwide vote since South Korean President Lee Jae-myung took office following the ouster of Yoon Suk-yeol over his short-lived martial law declaration. Lee’s ruling Democratic Party swept most races, but failed to flip the crucial Seoul mayoral seat. The South Korean National Election Commission apologized, blaming a failure to anticipate turnout after 14 polling stations in Seoul ran short of ballot papers. Some polling stations stayed open until 10pm to
France experienced its hottest spring on record, the French weather service said on Tuesday, after an exceptional early heat wave that also broke highs for the season in England and Wales. Meteo-France said the average nationwide temperature over March to May was 13.8°C — about 1.7°C above the norm, and surpassing records set in 2011 and 2020. “The warmest spring since records began in 1900,” it said in a bulletin. All three months were warmer than average, but the onset of an “unprecedented heatwave” late last month pushed the mercury to highs typically seen at the height of the summer. “Our country had never
A Sherpa guide was found crawling to base camp on Mount Everest a week after he went missing and was reunited with his family, who had given up hope he would return. Dawa Sherpa was last seen on Friday last week descending the mountain, but he did not reach base camp even though his client did. The pair were among the last climbers on the mountain as the climbing season came to an end and the route was dismantled. Dawa was located by a cleaning crew on Thursday morning as he was crawling down the snowy slopes around the Khumbu Icefall, just above
RSS