While you are having fun, maybe your smart sex toys will become your privacy nightmare. Are you sure your toy doesn’t reveal your secrets?
With the isolation and the feeling of loneliness brought about by the COVID-19 crisis, sex toys have had the wind in their sails in 2020 and this continues in 2021. The pandemic has indeed pushed many people to isolate themselves, sometimes far away. of their partner and unable to continue their love life as usual. Even today, some couples living at a distance still face the consequences of travel restrictions and social distancing.
Against this backdrop, many turned to new ways to explore their sexuality or keep the fire going through connected adult toys. After the start of the pandemic, sales of these devices exploded, reflecting the recently skyrocketed popularity of sexting apps and other forms of virtual privacy.
Certainly the myriad of internet-connected sex toys, also known as teledildonics, have grown in popularity as part of the concept of sexnology, a catch-all word for sex and technology. However, like all other gadgets in the Internet of Things, smart adult toys have far-reaching implications for privacy and security. Plus, given the very personal nature of these devices and the type of data they collect, it’s hard to ignore potential threats to your privacy.
Today, these devices incorporate a wide range of features. For starters, they allow you to give remote control of your device to other people through the mobile app, browser, or your laptop. Users can also participate in group chats, send multimedia messages and personalized templates, organize video conferences, sync vibration patterns with a playlist or audiobooks, and connect gadgets with smart assistants such as Alexa. Some models allow users to sync two sex toys to replicate their movements, and others are portable. Then the app connects over Wi-Fi or the mobile operator to a server in the cloud, which stores the person’s account information and media files.
But let’s see the flip side of all of these features. If you were to decide to get one of these smart sex toys what could be going on in terms of security and privacy? First of all, given the wide range of features that these products offer, the attack surface is quite large. There are some design features that attackers can exploit: local connection via Bluetooth which is sometimes unprotected, vulnerabilities in the server or in applications, insecure Wi-Fi connections, and many more.
Discover the three main attack scenarios:
Execution of malicious code on the device: In this case, the attacker could, for example, try to modify the code running inside the gadget – its firmware – to perform malicious actions. In some cases, the cybercriminal could use the compromised device like a zombie, commanding the victim to send more malicious commands to other users of the contact list. The attacker could also intend to cause physical harm to the user, for example, by overheating the device.
Interception of communications and data theft: The information processed by sex toys and applications is extremely sensitive: names and other contact details, sexual partners, intimate photos and videos. Additionally, device usage information, such as preferred usage patterns or hours of use, may reveal a user’s sexual preferences. In the event of theft, this information could be used against the victim, exposing their privacy, or even be used for sextortion campaigns.
The attacker could also exploit vulnerabilities in the protocols used to gather information about the target, or even connect to the device by bypassing poor authentication mechanisms. Imagine a scenario where someone can take control of a sexual device without consent while it is in use, and even send different commands to the device. Would that be considered sexual assault? Does current legislation provide for the possibility of sanctioning such behavior?
Performing a denial of service attack: This would ultimately prevent the user from sending a command to the toy. For example, a popular chastity belt was found to contain vulnerabilities last year that would have allowed an attacker to block the device remotely, preventing the user from unlocking it. This actually led to attacks where the attacker first blocked the devices and then demanded a ransom to unlock them. This too shows how important security and privacy are on sex-related platforms.
So how can you improve your sex life without putting your privacy and security at risk? As with any other sexting practice, avoid sharing photos or videos in which you can be identified.. And, of course, do not post remote control tokens on the internet. Also, avoid signing up for sex apps using your official name or an email address that could identify you. In other words, try to be as anonymous as possible.
Always use connected sex toys in a protected environment and avoid using them in public places or high-traffic areas, such as bars or hotels. Also, when using the toy, keep the app connected to it, as this prevents the device from announcing its presence.
Before purchasing a connected sex toy, be sure to purchase a secure device from a trusted seller. Do some research on the security aspects of the gadget; for example, use search engines to find out if the toy has a history of severe vulnerabilities. If so, determine if patches are available and if frequent updates are being made by the developer. Also, downloading the monitoring applications and testing their functionality before purchasing the device can give you insight into the security of the application.
Finally, when choosing to play with a sex toy, always read the terms and conditions of the apps and websites you sign up for or send information to. Pay particular attention to the sections that describe the data collected by the company as well as the processing of this data. Also, keep your mobile device and apps always up to date, have a security solution installed, and try to use protected Wi-Fi networks while sharing sensitive information.
One more thing to keep in mind: smart sex toys can be fun and a new way to spice up your love life. But if you don’t want to let other people control the device remotely, then don’t get a smart sex toy, and stick with traditional toys instead.