from the we-promise-little-to-no-injury-or-your-money-back dept.
Fantastical News Everyone! Remember an earlier SN article about CELLMATE, a male chastity device that got hacked and would not unlock your hardware? Well, now the maker of that IoT device says it's now totally safe to put your equipment into their device once again! They promise! This time for sure! Nothing could go wrong!
Chastity Penis Lock Company That Was Hacked Says It's Now Totally Safe To Put Your Penis Back In That Chastity Lock
While we've covered the Internet of Broken Things for some time, where companies fail to secure the devices they sell which connect to the internet, the entire genre sort of jumped the shark in October of last year. That's when Qiui, a Chinese company, was found to have sold a penis chastity lock that communicates with an API that was wide open and sans any password protection. The end result is that users of a device that locks up their private parts could enjoy those private parts entirely at the pleasure of nefarious third parties. Qiui pushed out a fix to the API... but didn't do so for existing users, only new devices. Why? Well, the company stated that pushing it out to existing devices would again cause them to all lock up, with no override available. Understandably, there wasn't a whole lot of interest in the company's devices at that point.
But fear not, target market for penis chastity locks! Qiui says it's now totally safe to use the product again!
Since this device uses a proprietary API, there is still the issue of Vendor Lock In to be concerned about.
Related Stories
Cellmate: Male chastity gadget hack could lock users in:
A security flaw in a hi-tech chastity belt for men made it possible for hackers to remotely lock all the devices in use simultaneously.
The internet-linked sheath has no manual override, so owners might have been faced with the prospect of having to use a grinder or bolt cutter to free themselves from its metal clamp.
The sex toy's app has been fixed by its Chinese developer after a team of UK security professionals flagged the bug.
This could be useful to anyone still using the old version of the app who finds themselves locked in as a result of an attacker making use of the revelation.
Any other attempt to cut through the device's plastic body poses a risk of harm.
[...] The security researchers said they discovered a way to fool the server into disclosing the registered name of each device owner, among other personal details, as well as the co-ordinates of every location from where the app had been used.
In addition, they said, they could reveal a unique code that had been assigned to each device.
These could be used to make the server ignore app requests to unlock any of the identified chastity toys, they added, leaving wearers locked in.
Also at The Verge and gizmodo.
(Score: 2) by pvanhoof on Thursday February 11, @05:48PM
Wonder what happens when we send some UTF-8 Character Combination to the device ..
(Score: 0) by Anonymous Coward on Thursday February 11, @06:03PM (2 children)
Is the light switch.
(Score: 2) by DannyB on Thursday February 11, @06:07PM (1 child)
I haven't heard of that one. How does it work?
Conspiracy theories make stupid people feel special to have a secret unique nugget of information.
(Score: 0) by Anonymous Coward on Thursday February 11, @06:12PM
You flip the switch on and the female immediately ceases to want to perform procreation-related-actions with you due to your face.