Bluetooth Low Energy (BLE) is the go-to protocol for low-powered networking in personal devices, so "smart" sex-toy manufacturers have adopted it -- despite the protocol's many vulnerabilities. That means that hackers can now wander city streets, detecting and compromising sex toys from the sidewalk, in a practice that Pentest Partners' Alex Lomas has dubbed "Screwdriving" (analogous to "Wardriving").
Lomas demonstrated the attack by wandering the streets of Berlin, compromising Lovesense Hush buttplugs. He also demonstrated that he could attack and compromise his father's BLE-enabled hearing aid, controlling what sound was played, allowing him to put voices in his father's head, or selectively alter his hearing.
Paul Di Filippo (previously) points out that he predicted this in his 2007 story Wikiworld, collected in the first Fast Forward anthology.
As it turns out, reverse-engineering the control messages between apps and a number of devices was not terribly difficult—the communications between the apps and the toys were not encrypted and could easily be recorded with a packet capture tool. They could also be replayed by an attacker, since the devices accepted pairing requests without a PIN code—allowing anyone to take over control of them.
The BLE beacons of these devices also make them particularly vulnerable to remote detection. The Hush in particular is vulnerable to tracking, as every Hush has the same Blutooth device name—making it easy to spot one while scanning. Lomas noted that while walking in Berlin recently with a Bluetooth discovery app on his phone, "I was genuinely surprised to see the Hush BLE name, LVS-Z001, pop up."
Screwdriving. Locating and exploiting smart adult toys
[Alex Lomas/Pentest Partners]
“NSFW” doesn’t begin to describe Bluetooth security in sex toys
[Sean Gallagher/Ars Technica]
Researchers at NYU and U Michigan have published a paper explaining how they used a pair of machine-learning systems to develop a "universal fingerprint" that can fool the lowest-security fingerprint sensors 76% of the time (it is less effective against higher-security sensors).
A year ago, the Norwegian Consumer Council commissioned a study into kids' smart watches, finding that they were incredibly negligent when it came to security and incredible greedy when it came to surveillance: a deadly combination that meant that these devices were sucking up tons of sensitive data on kids' lives and then leaving it […]
Data breaches keep happening, they keep getting worse, and yet companies keep collecting our data in ever-more-invasive ways, subjecting it to ever-longer retention, and systematically underinvesting in security.
In photography as in film, all the real artistry is in post-production – increasingly so, with the new possibilities cropping up in digital imaging. If you’re ready to get serious about your photography, may we suggest HDR Projects 2018 Pro. As working photographers can tell you, this imaging software can help you re-imagine even the […]
A picture can be worth a heck of a lot more than just a thousand words. If you’ve squinted for ages trying to get just the right photo, you might have the right passion for a career behind the camera. You might even have the right equipment, but do you have the know-how? The Beginner-To-Expert […]
In case you hadn’t noticed from the sleigh bell-heavy music and the hues on your Starbucks cup, the holiday season hasn’t shown any more patience this year. But that doesn’t need to be a bad thing, especially if you’re hoping to get a jump on your shopping. Retailers aren’t waiting til Black Friday to dish […]