Connected sex toys recorded intimate sessions without consent
Days ago, a Redditor discovered that their Lovense remote control app was unknowingly recording audio of a six-minute intimate session between the user and their significant other. It happened while they used the app to control the Lovense vibrator it's paired with, and it saved the recording to a local file buried in the phone's media storage. Another commenter, claiming to be a Lovense representative, said these recordings are the result of a "minor software bug."
Lovense: "Use teledildonics to improve your sex life!"
Previously: Vibrator Maker Pays $3.75 Million Settlement Over Data CollectionPornhub's Newest Videos Can Reach Out and Touch YouSex Toys Are Just as Poorly-Secured as the Rest of the Internet of Broken Things
What people want is the ability to control or monitor some device remotely, be it a sex toy, thermostat, or any other IOT device. Smartphones make a convenient remote control or screen to interface with these devices for most people. This is more convenient than having to keep track of multiple dedicated remote controls for every device.
What most people don't (and often won't) understand is that they are broadcasting all of this data to the company (and often the world). People see a remote control, they see their phone and they see the IOT device, they don't think about the information leaving their house and traversing the world on multiple computers owned by other people. If they understood this the convenience of a remote control might not seem like such a great deal. Turn on the sex toy with my phone, well that's convenient, but it records and transmits all this data to a company server which makes copies of everything (oh and probably transmits and stores it all unencrypted), not such a great deal anymore. And you can be sure that any data the company can get, they will get, and it will all be packaged and sold for a profit (not your profit, theirs).
This is inherent in the IOT system, if we wanted to set up the device to simply be remote controlled by a smartphone there are ways it could be done that don't involve using the company servers, but IOT is specifically set up to not do this, because logging the data in the server is what the companies want, it is the entire point of IOT. It is intentionally deceptive to consumers; sold as a convenience, but used as an data asset collection method by the companies.
Fuck IOT! Remember the S in IOT stands for security! Insecure by design!
Fortunately for the Big biz people are naive and stupid.