Example #69 of why the Internet of Shit is a bad idea: Penetration testers found that the Cellmate brand chastity cage can be remotely hacked and permanently locked onto the wearer, requiring a potentially embarrassing trip to the ER, since there's no manual override.
In their brilliantly-titled report "Smart male chastity lock cock-up," they describe how hackers can take over the leaky device:
We discovered that remote attackers could prevent the Bluetooth lock from being opened, permanently locking the user in the device. There is no physical unlock. The tube is locked onto a ring worn around the base of the genitals, making things inaccessible. An angle grinder or other suitable heavy tool would be required to cut the wearer free.
Location, plaintext password and other personal data was also leaked, without need for authentication, by the API.
Penetration testing, indeed! I'll spare you all the easy jokes that hacks on Twitter are feverishly pecking out right now.
Image: YouTube / Pen Test Partners LLP
