Bluetooth Low Energy (BLE) is the go-to protocol for low-powered networking in personal devices, so "smart" sex-toy manufacturers have adopted it -- despite the protocol's many vulnerabilities. That means that hackers can now wander city streets, detecting and compromising sex toys from the sidewalk, in a practice that Pentest Partners' Alex Lomas has dubbed "Screwdriving" (analogous to "Wardriving").
Lomas demonstrated the attack by wandering the streets of Berlin, compromising Lovense Hush buttplugs. He also demonstrated that he could attack and compromise his father's BLE-enabled hearing aid, controlling what sound was played, allowing him to put voices in his father's head, or selectively alter his hearing.
Paul Di Filippo (previously) points out that he predicted this in his 2007 story Wikiworld, collected in the first Fast Forward anthology.
As it turns out, reverse-engineering the control messages between apps and a number of devices was not terribly difficult—the communications between the apps and the toys were not encrypted and could easily be recorded with a packet capture tool. They could also be replayed by an attacker, since the devices accepted pairing requests without a PIN code—allowing anyone to take over control of them.
The BLE beacons of these devices also make them particularly vulnerable to remote detection. The Hush in particular is vulnerable to tracking, as every Hush has the same Bluetooth device name—making it easy to spot one while scanning. Lomas noted that while walking in Berlin recently with a Bluetooth discovery app on his phone, "I was genuinely surprised to see the Hush BLE name, LVS-Z001, pop up."
Screwdriving. Locating and exploiting smart adult toys
[Alex Lomas/Pentest Partners]
“NSFW” doesn’t begin to describe Bluetooth security in sex toys
[Sean Gallagher/Ars Technica]
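The tracking problem quoted above comes from what the device puts in its advertisement. The check below is an added example, not code from Pen Test Partners or Ars Technica: a firmware-review helper that parses an advertising payload and flags a broadcast local name, and, going one step beyond the article, an address that is not a rotating private address. The payload bytes, addresses and function names are constructed assumptions; only the name LVS-Z001 comes from the article.

```python
# Added example: audit one BLE advertisement for tracking exposure.
# All payload bytes and addresses below are constructed sample data.
AD_SHORT_NAME, AD_COMPLETE_NAME = 0x08, 0x09

def parse_ad_structures(payload: bytes) -> dict:
    """Split advertising data into {ad_type: data}; each entry is [len][type][data]."""
    fields, i = {}, 0
    while i < len(payload):
        length = payload[i]
        if length == 0:            # zero length marks the end of significant data
            break
        if i + 1 + length > len(payload):
            raise ValueError("truncated AD structure at offset %d" % i)
        fields[payload[i + 1]] = payload[i + 2:i + 1 + length]
        i += 1 + length
    return fields

def address_kind(addr: str, is_random: bool) -> str:
    """Classify a device address; the random sub-type is the top two bits of the MSB."""
    if not is_random:
        return "public"
    top = int(addr.split(":")[0], 16) >> 6
    return {0b11: "random-static", 0b01: "resolvable-private",
            0b00: "non-resolvable-private"}.get(top, "reserved")

def tracking_findings(payload: bytes, addr: str, is_random: bool) -> list:
    """Return the privacy findings for one advertisement (empty list = none)."""
    fields = parse_ad_structures(payload)
    findings = []
    name = fields.get(AD_COMPLETE_NAME) or fields.get(AD_SHORT_NAME)
    if name:
        findings.append("broadcasts local name %r" % name.decode("utf-8", "replace"))
    kind = address_kind(addr, is_random)
    if kind in ("public", "random-static"):
        findings.append("address is %s (not a rotating private address)" % kind)
    return findings

# Constructed advertisement: Flags + Complete Local Name "LVS-Z001" (name from the article).
SAMPLE = bytes([0x02, 0x01, 0x06, 0x09, 0x09]) + b"LVS-Z001"
# Constructed hardened variant: flags only, sent from a resolvable private address.
HARDENED = bytes([0x02, 0x01, 0x06])

if __name__ == "__main__":
    print(tracking_findings(SAMPLE, "C4:11:22:33:44:55", True))
    print(tracking_findings(HARDENED, "5A:11:22:33:44:55", True))
```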