Wi-Fi sex toy with built-in camera fails penetration test

Svakom's cyber mock cock can expose your most intimate moments to strangers

By Richard Chirgwin

Sex toy designer Svakom decided that a vibrator needed a camera on the end, and it also needed a Wi-Fi access point – with the utterly predictable result that the device is hackable.

Pen Test Partners – these jokes just write themselves, really – took a look at the device, and the researchers probably wish they hadn’t, because the Svakom Siime Eye is an early favourite for a hypothetical 2017’s Worst Internet-of-S**t Product award.

Looking at the Android app, Pen Test Partners’ (PTP’s) researchers first turned up “some hard-coded credentials, and a hard-coded IP address and port.”

The hard-coded credentials, admin:blank, make it “trivial” to connect to the dildo’s Web admin interface, PTP writes, and even better – the Web app serves the video from the camera, and because it’s an access point, an attacker within range can identify users.

It gets worse.

Unless it’s bought by someone who pays attention to their home security, the access point name is static “under normal use.” That means “Siime Eye” is already turning up on war-driving sites (the post cites wigle.net as its example) so that pervs can figure out where the device is in use, and tune in to its output.

And there’s a Skype interface – or, at least, there’s a cgi script called skype_pwd, along with other scripts for sending emails and changing DNS settings.

With a little work, PTP was able to siphon the video stream from the dildo, meaning someone’s most intimate activities are badly protected.

With a little more work – we’re actually into hacking here, people, PTP had to look at the UART outputs! – the researchers turned up the unremarkable Telnet password reecam4debug, and with that, the dildo is rooted: “We’ve got complete control over every inbuilt function in the Siime Eye, easy access to the video stream, a root shell and persistence on a dildo.”

Responsible disclosure says you only go public (a) after a patch is available, or (b) if you get no response from the vendor. Guess which one of these made PTP publish the post? ®
