Stop your moaning, says maker of buggy Bluetooth sex toy
Companion app recorded audio you while you - ahem - played, but it never left your phone
Sex-toy maker Lovsense has told its customers to stop moaning about one of its products, which recorded audio of users as they – ahem – played, and stored it on their Android phones.
News of the recording emerged on Reddit where an entity by the name of “tydoctor” wrote “control vibrator app (used to control remote control sex toys made by Lovense, such as this one) seems to be recording while the vibrator is on. I was going through my phone media to prepare it for a factory reset and came across a .3gp file named 'tempSoundPlay.3gp' in the folder for the App.”
“The file was a FULL audio recording six minutes long of the last time I had used the app to control my [significant other's] SO's remote control vibrator (We used it at a bar while playing pool).”
Your correspondent is now done with pool. And bars. Just done.
But we digress.
“The app permissions allow for mic and camera use, but this was supposed to be for use with the in-app chat function to send voice clips on command. At no time had I wanted the app to record entire sessions using the vibrator.”
“tydoctor” says he/she has “deleted the app, and will no longer be using its Bluetooth functions.”
“It's unfortunate, because there's no other way to control the vibrator without the app.”
Lovesense's response says “Regarding the sound file in question, it has already been confirmed that this is a minor bug - a temporary file that is created when someone uses the Sound Control feature. Your concern is completely understandable. But rest assured, no information or data is sent to our servers.”
“This cache file currently remains on you phone instead of deleting itself once your session is finished. Also, when the file is created it overwrites itself (no new files are created).”
The company's promised “an update that will … make this file automatically delete after you stop using the sound function” and says it's implemented in this update to its Android app.
This is the second time Lovsense has been caught with its pants down in recent weeks, after it spanked hackers who accused its devices of being easy to hack and then to activate remotely. That exploit earned itself the classy name “screwdriving”.
The company took its turn by saying Bluetooth is never secure and defending its devices on the grounds that the worst outcome from a hack was their machine being turned up to 11. That outcome, the company argued, was far less unpleasant than having a bank account hacked.
Lovsense isn't the only electrified sex toy maker to hit trouble: We-Vibe recently agreed to pay $3.75m to settle a class action over tracking users of its device. ®
Sponsored: Becoming a Pragmatic Security Leader