Tag: chastity

07
Oct
2020
Posted in gadget

Cellmate: Male chastity gadget hack could lock users in

Image copyright

Pen Test Partners

Image caption

The Cellmate has been sold via several big-name online retailers as well as niche stores

A security flaw in a hi-tech chastity belt for men made it possible for hackers to remotely lock all the devices in use simultaneously.

The internet-linked sheath has no manual override, so owners might have been faced with the prospect of having to use a grinder or bolt cutter to free themselves from its metal clamp.

The sex toy’s app has been fixed by its Chinese developer after a team of UK security professionals flagged the bug.

They have also published a workaround.

This could be useful to anyone still using the old version of the app who finds themselves locked in as a result of an attacker making use of the revelation.

Any other attempt to cut through the device’s plastic body poses a risk of harm.

Image copyright

Pen Test Partners

Image caption

The workaround involves prising open the circuit board and pressing batteries against two of the wires to trigger a motor

Pen Test Partners (PTP) – the Buckingham-based cyber-security firm involved – has a reputation for bringing quirky discoveries to light, including problems with other sex toys in the past.

It says the latest discovery indicates that the makers of “smart” adult-themed products still have lessons to learn.

“The problem is that manufacturers of these other toys sometimes rush their products to market,” commented Alex Lomas, a researcher at the firm.

“Most times the problem is a disclosure of sensitive personal data, but in this case, you can get physically locked in.”

Lock and clamp

Qiui’s Cellmate Chastity Cage is sold online for about $190 (£145) and is marketed as a way for owners to give a partner control over access to their body.

07
Oct
2020
Posted in technology

‘Smart’ Male Chastity Device Vulnerable To Locking By Hackers: Researchers

A security flaw in an internet-connected male chastity device could allow hackers to remotely lock it — leaving users trapped, researchers have warned.

The Cellmate, produced by Chinese firm Qiui, is a cover that clamps on the base of the male genitals with a hardened steel ring, and does not have a physical key or manual override.

The locking mechanism is controlled with a smartphone app via Bluetooth — marketed as both an anti-cheating and a submission sex play device — but security researchers have found multiple flaws that leave it vulnerable to hacking.

“We discovered that remote attackers could prevent the Bluetooth lock from being opened, permanently locking the user in the device. There is no physical unlock,” British security firm Pen Test Partners said Tuesday.

“An angle grinder or other suitable heavy tool would be required to cut the wearer free.”

The firm also found other security flaws in the Cellmate — listed for $189 on Qiui’s website — that could expose sensitive user information such as names, phone numbers, birthdays and location data.

“It wouldn’t take an attacker more than a couple of days to exfiltrate the entire user database and use it for blackmail or phishing,” PTP’s Alex Lomas wrote in their report on the device.

A security flaw in an internet-connected male chastity device could allow hackers to remotely lock it, researchers have warned A security flaw in an internet-connected male chastity device could allow hackers to remotely lock it, researchers have warned Photo: AFP / Fred TANNEAU

“A number of countries have oppressive laws that may expose users of these types of devices to unwarranted interest from law enforcement and bigots.”

Qiui did not immediately respond to AFP’s request for comment.

PTP said it reached out to Qiui in April this year, identifying the flaws.

Qiui fixed most of the issues by updating the software, but left the older version active and its

06
Oct
2020
Posted in technology

Chastity cage security flaw could let hackers lock up your penis

cellmate

Qiui

A flaw in a smart chastity device that puts your penis on lockdown could get your appendage imprisoned longer than you bargained for, security researchers say.   

The device in question, Qiui’s Cellmate Chastity Cage, encases your favorite organ in a Bluetooth-enabled gadget that a trusted partner can lock and unlock remotely using a mobile app.

The problem, according to security researchers from UK-based Pen Test Partners, is that due to API flaws, a nontrusted party acting from anywhere could not only gain access to precise user location data, but could “prevent the Bluetooth lock from being opened, permanently locking the user in.” 

turnedonnewpromo.png

Click for more on the intersection of technology and sex. 

“There is no physical unlock,” Pen Test Partners noted Monday in a blog post that details its months-long investigation into the device. “The tube is locked onto a ring worn around the base of the genitals, making things inaccessible.”

Qiui did not immediately respond to a request for comment. 

The sex toy company calls the Cellmate the “world’s first app-controlled chastity device.” It’s polycarbonate, comes in two lengths and costs $189 (about £146 or AU$265). 

“Qiui believes that a true chastity experience is one that keeps the wearer away from control over their own devices,” Qiui says on its site.

Of course, there’s surrender of control by choice. Then there’s loss of control by security flaw. 

If the Cellmate falls into the hands of the wrong driver, the only way out would be to cut the wearer free using an angle grinder or other heavy tool that most people would probably prefer be kept away from their sensitive areas. 

This isn’t the first time sex toys have raised security concerns. 

A high-profile

06
Oct
2020
Posted in internet

Internet-enabled male chastity cage can be remotely locked by hackers

A security flaw in an internet-enabled male chastity device allows hackers to remotely control the gadget and permanently lock in wearers, researchers disclosed today.

The Cellmate Chastity Cage, built by Chinese firm Qiui, lets users hand over access to their genitals to a partner who can lock and unlock the cage remotely using an app. But multiple flaws in the app’s design mean “anyone could remotely lock all devices and prevent users from releasing themselves,” according to UK security firm Pen Test Partners.

Even worse, as the chastity cage does not come with a manual override or physical key, locked-in users have few options to break out. One is to cut through the cage’s hardened steel shackle, an operation that would require bolt cutters or an angle grinder, and that is made trickier by the fact that the shackle in question is fastened tightly around the wearer’s testicles. The other, discovered by Pen Test Partners, is to overload the circuit board that controls the lock’s motor with three volts of electricity (around two AA batteries’ worth).

News of the security flaw was first reported by TechCrunch, and it suggests it’s worth doing your research before purchasing “smart” gadgets with more intimate use cases.

“It isn’t tremendously unusual to find an issue like this in many IoT fields, and teledildonics is no real exception,” security researcher Alex Lomas of Pen Test Partners told The Verge via direct message. “Both ourselves and other researchers have found similar issues over the years with different sex toy manufacturers. I do personally feel that the most intimate devices should be held to a higher standard however than maybe your lightbulbs.”

Past security flaws discovered in internet-enabled sex toys have

06
Oct
2020
Posted in gadget

Male chastity gadget hack could lock users in

A security flaw in a hi-tech chastity belt for men made it possible for hackers to remotely lock all the devices in use simultaneously.

The internet-linked sheath has no manual override, so owners might have been faced with the prospect of having to use a grinder or bolt cutter to free themselves from its metal clamp.

The sex toy’s app has been fixed by its Chinese developer after a team of UK security professionals flagged the bug.

They have also published a workaround.

This could be useful to anyone still using the old version of the app who finds themselves locked in as a result of an attacker making use of the revelation.

Any other attempt to cut through the device’s plastic body poses a risk of harm.

Pen Test Partners (PTP) – the Buckingham-based cyber-security firm involved – has a reputation for bringing quirky discoveries to light, including problems with other sex toys in the past.

It says the latest discovery indicates that the makers of “smart” adult-themed products still have lessons to learn.

“The problem is that manufacturers of these other toys sometimes rush their products to market,” commented Alex Lomas, a researcher at the firm.

“Most times the problem is a disclosure of sensitive personal data, but in this case, you can get physically locked in.”

Lock and clamp

Qiui’s Cellmate Chastity Cage is sold online for about $190 (£145) and is marketed as a way for owners to give a partner control over access to their body.

Pen Test Partners believe about 40,000 devices have been sold based on the number of IDs that have been granted by its Guangdong-based creator.

The cage wirelessly connects to a smartphone via a Bluetooth signal, which is used to trigger the device’s lock-and-clamp mechanism.

But to achieve this, the