Intimate of things: smart vibrator gets hacked at Def Con 24

10 Aug 2016

The internet of things offers a universe of things that could potentially be hacked, the latest of which is a smart vibrator

The internet of things offers a universe of security dilemmas around things that could potentially be hacked, the latest of which is the We-Vibe 4 Plus smart vibrator.

The We-Vibe 4 Plus, the world’s first internet of things (IoT) vibrator with a Bluetooth connection that can be controlled remotely, was the latest “thing” to be shown to be capable of being hacked at the Def Con 24 conference in Las Vegas.

Hackers Goldfisk and Follower showed how the sex toy can be remotely activated by anyone who can intercept it with a paired smartphone.

The hackers claimed that the Bluetooth communications between the device and its controlling app aren’t secure, making it possible to remotely seize control of the vibrator and activate it at will.

Share the vibe? Hack raises questions about personal security implications of IoT

We-Vibe

The device, manufactured by Standard Innovations Corporation, is understood to have been bought by some 2m people.

The hackers also revealed that when the device is in use, the We-Vibe 4 Plus uses its internet connectivity to regularly send information back to Standard Innovations, such as each time a user changes intensity levels on the device and the temperature of the device.

In a statement, Standard Innovation said: “At We-Vibe, we strive to create innovative products that have our customer’s preferences in mind.

“We-Vibe collects data on the use of its products in terms of vibration intensity and mode for market research purposes so that we can better understand what settings and levels of intensity are most enjoyed.”

There you have it, market research. But there is still the danger that Goldfisk and Follower highlighted about how the signal of the Bluetooth device can be hacked and paired with other smartphones.

And while Goldfisk and Follower are ethical hackers who put the effort in to show just how private information can be gleaned from personal IoT devices, it is a salutary warning for what the IoT world of smart light bulbs, fridges, cars and more could be revealing about you.

Surprise image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com