Shoddy Security On This Wifi Vibrator Could Make Your Privates Very Public

first_img Most cybersecurity research that involves penetration testing doesn’t actually focus on things that are commonly used for actual, ya know… penetration. But this is 2017, and sometimes it totally does.What exactly is the device that’s perched on the model’s hand up there? It’s the Svakom Siime Eye, and the name ought to give you some idea about its advanced functionality. But just in case you’re still in the dark, it’s sort of like a dashcam. Except that it’s meant to look inside vaginas, not out windshields.The Siime Eye is a Wifi-enabled vibrator, purpose-built for giving interested onlookers a truly up-close look at the user’s private parts. It retails for about $249, and despite the fact that it’s small enough to fit inside ladybits it’s got a fairly large attack surface.PenTest Partners decided to check out a Siime Eye in the wake of the dildo data harvesting scandal that made headlines last year. Their researchers found numerous problems with the default setup of this vibrator, too, from a hard-coded IP address and root password to a default Wifi key of 88888888.Anybody within range could easily gain access to the camera’s stream, and if that’s not creepy enough, PenTest also discovered that some of the surveillance cam code that ships with the Siime Eye could allow an attacker to save images to a remote directory. They can even send a text or Skype notification when motion is detected.Just to make things a little creepier still, consider the fact that most users aren’t going to bother changing the AP name. That means it’s trivially easy to use a web-based scanning tool to see where a Siime Eye might be in use. The little red dot on the map is one active vibe that PenTest spotted… along with 101 others.The situation might not be as dire as PenTest made it out to be, however. The Internet of Dongs weighed in with their analysis, and their thoughts may put your mind at ease if you or someone you enjoy watching bought a Siime Eye.The most important thing to consider is likely the range of the Wifi signal. It’s likely not packing a very powerful radio like an actual wireless access point would, so someone wanting to snoop would likely have to be so close that you’d have other more serious concerns. Like how they managed to sneak into your closet/under the bed or how long they’ve been hiding in the bushes waiting for the vibe to get switched on.While the sloppy code is definitely concerning, IoD notes that since the Siime acts as an AP and not a client, it’s not able to send any data directly via the Internet by default. As for the hard-coded encryption key, Siime does alert users to change the defaults when they first launch the companion app.If you’re so eager to take your spycam vibe for a test ride that you can’t be bothered to change the defaults, well… you need to re-examine your own attention to security before you complain about the company that made your uberdildo. Stay on target These Panty Pillowcases from Japan are More Useful Than You’d ThinkNokia Dumb Phone Emerges as Smart Vibrator last_img

Leave a Reply

Your email address will not be published. Required fields are marked *