Security researcher Sarah Jamie Lewis wanted to demonstrate that the horrific stories of insecure networked sex-toys (and other Internet of Things devices) was the result of manufacturers' negligence, not the intrinsic limitations of information security.
So she bough a We-Vibe Nova sex toy and hacked it so that it could take commands over the cryptographically secured Tor anonymity/privacy network, using the Ricochet chat protocol to create an extra layer of security. The demo shows that the security problems with the IoT have more to do with the manufacturers' desire to spy on their customers than the difficulty of getting security right.
Lewis's approach uses Ricochet, a messaging program which creates a Tor hidden service for each user. Ricochet doesn't just protect the content of users' communications, but also obfuscates their metadata, making it harder for anyone snooping on the connection to see who is talking to whom. Lewis reverse-engineered her dildo, a Nova from Canadian company We-Vibe, so she could communicate with it over bluetooth. When combined, these elements allow anyone who knows the dildo's Ricochet address to send commands, such as "/max," to make the device vibrate. Lewis has uploaded the code to Github so others can try the experiment.
Motherboard started a 'chat' session with Lewis' vibe, and sent a series of simple commands. Lewis then sent a video of the dildo vibrating.
We Anonymously Controlled a Dildo Through the Tor Network [Joseph Cox/Motherboard]
Raspberry Pi is a credit card sized (or smaller) Linux computer that costs about $35 (you also need a monitor, a keyboard, SD card, and power source). The organization that developed it is called the Raspberry Pi foundation and they publish an excellent project magazine called MagPi. The PDF version is free to download. Issue […]
Illinois is one of 18 states where Right to Repair legislation has been introduced -- rules that would force manufacturers to end the practice of undermining the independent repair sector with hidden service documents, unavailable parts, and DRM.
The Arduino Nano is like a miniature Arduino Duemilanove not only is it tiny, but you can stick it into a breadboard. It costs $22, which is a good price for a genuine Arduino product, but since it is open source, there are a lot of low price clones available. Here’s a 3-pack on Amazon […]
Our computers are home to a myriad of files and documents, many of which contain sensitive information. While storing this data on your computer is convenient, it’s not exactly safe, and with news headlines highlighting data leaks and ransomware attacks on what seems like a daily basis, moving them to a safer location is a […]
Total versatility isn’t something you’d typically find in a telescope. While magnification tech has come a long way, most telescopes are designed to either gaze upon the stars or view the landscapes beneath them. The Omegon Maksutov Telescope MightyMak 60 lets you do both, and thanks to its compact design, you can easily incorporate some sightseeing into […]
The web is an invaluable tool for connecting small businesses with their target audiences. However, when it comes to building a website and marketing online, the learning curve can be steep if you’re doing it on your own. The WordPress Essentials Lifetime Bundle can help you out by getting you up to speed with the platform […]