Bluetooth Low Energy (BLE) is the go-to protocol for low-powered networking in personal devices, so "smart" sex-toy manufacturers have adopted it -- despite the protocol's many vulnerabilities. That means that hackers can now wander city streets, detecting and compromising sex toys from the sidewalk, in a practice that Pentest Partners' Alex Lomas has dubbed "Screwdriving" (analogous to "Wardriving").
Lomas demonstrated the attack by wandering the streets of Berlin, compromising Lovesense Hush buttplugs. He also demonstrated that he could attack and compromise his father's BLE-enabled hearing aid, controlling what sound was played, allowing him to put voices in his father's head, or selectively alter his hearing.
Paul Di Filippo (previously) points out that he predicted this in his 2007 story Wikiworld, collected in the first Fast Forward anthology.
As it turns out, reverse-engineering the control messages between apps and a number of devices was not terribly difficult—the communications between the apps and the toys were not encrypted and could easily be recorded with a packet capture tool. They could also be replayed by an attacker, since the devices accepted pairing requests without a PIN code—allowing anyone to take over control of them.
The BLE beacons of these devices also make them particularly vulnerable to remote detection. The Hush in particular is vulnerable to tracking, as every Hush has the same Blutooth device name—making it easy to spot one while scanning. Lomas noted that while walking in Berlin recently with a Bluetooth discovery app on his phone, "I was genuinely surprised to see the Hush BLE name, LVS-Z001, pop up."
Screwdriving. Locating and exploiting smart adult toys
[Alex Lomas/Pentest Partners]
“NSFW” doesn’t begin to describe Bluetooth security in sex toys
[Sean Gallagher/Ars Technica]
Ricardo Palacios, a 74-year old rancher, had gotten used to Customs and Border Protection officials tromping across his south Texas ranch lands without permission over the years. But finding a wireless surveillance camera set up in one of his trees? Not OK. Upon discovering the device, Palacios removed it immediately. It wasn’t long after that […]
Connecting voting machines to the internet is a terrible idea: the machines are already notoriously insecure, and once they're online, anyone, anywhere in the world becomes a potential attacker.
The only thing worse than driving a car with defective brakes is unknowingly driving a car with defective brakes -- and learning about them the hard way.
Many of us enjoy the aesthetic of vintage electronics, but trying to use most hardware from the 1950’s isn’t necessarily practical. This is especially true where speakers are concerned. While most of us can appreciate the old-school feel of retro speakers, they have a hard time matching the convenience and power delivered by today’s Bluetooth speakers. […]
Python is one of the most popular and versatile programming languages used by developers today, making it an ideal first choice for those looking to kickstart a career in programming. While you could go back to school or sign up for a pricey coding bootcamp, you can learn the essentials of coding with Python at […]
Going back to school isn’t necessarily an option for everyone. Between the time commitments and steep tuition rates, there are obstacles aplenty as far as furthering education is concerned. However, that’s not to say it’s impossible to learn new skills. Excel with Business lets users access thousands of hours of online learning in Microsoft, business, technology, […]