Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Privacy Security

Popular Sex Toy Caught Sending Intimate Data To Manufacturer (fusion.net) 195

In a world where thermostats, and smart locks can be hacked, and companies covertly record information, why should sex toys remain unaffected. Fusion is reporting that the We-Vibe 4 Plus, a popular vibrator sends a range of intimate data to its manufacturer. The sex toy uses a smartphone app, which lets a use control the vibration among other things. From the report: When the device is in use, the We-Vibe 4 Plus uses its internet connectivity to regularly send information back to its manufacturer, Standard Innovations Corporation. It sends the device's temperature every minute, and lets the manufacturer know each time a user changes the device's vibration level. The company could easily figure out some seriously intimate personal information like when you get off, how long it takes, and with what combinations of vibes. This was revealed on Friday at hacker conference Defcon in Las Vegas by two security researchers, who wish to be called only by their handles @gOldfisk and @rancidbacon. The two examined the app's code and the information being sent by the device over Bluetooth. In a statement sent by email, Standard Innovation Corporation's president Frank Ferrari confirmed that the company collects this information. [...]
This discussion has been archived. No new comments can be posted.

Popular Sex Toy Caught Sending Intimate Data To Manufacturer

Comments Filter:
  • by Major Blud ( 789630 ) on Wednesday August 10, 2016 @11:33AM (#52677823) Homepage

    " seriously intimate personal information like when you get off, how long it take"

    Most Slashdotters already have information like this collected by their ISP ;-)

    • Re: (Score:2, Informative)

      by Jawnn ( 445279 )

      " seriously intimate personal information like when you get off, how long it take"

      Most Slashdotters already have information like this collected by their ISP ;-)

      No mod points today, but +1 Funny, everybody.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      information like this

      Having a list of the pr0n sites you dorks browse is nothing like a time graph of a woman's intimate alone time.

      Data is not just data. There is a difference between storing someones email address and storing their private sex tapes. At some point you have to stop putting easy blame on the users and start seriously asking the companies storing this: what the fuck made you think it was OK to store that.

      If you were a company selling sex toys to women (inb4 SJW/MRA bullshit), what the fuck

      • by Anonymous Coward on Wednesday August 10, 2016 @12:07PM (#52678063)

        Or, maybe if they saw a common enough trend in the speed/intensity vibrations, they could make some automatic programs that could be run so that women could go through the cycle without having to make manual adjustments, just sit back and enjoy it?

      • You're funny, of course the amount of data collection and correlation and selling of that data, is growing. You are in the minority, most people don't care.

        • by Aighearach ( 97333 ) on Wednesday August 10, 2016 @03:51PM (#52679585) Homepage

          The vast majority of people are going to be creeped out because "somebody is watching them" but have basically no emotional response at all to "data is being recorded." If you phrase it as, "personal information being recorded for later playback" then you'll get a rise out of a lot more of them. But you're not going to get comprehension if you say "data connection." Data, that means it is just impersonal numbers, right?

      • what the fuck made you think it was OK to store that.

        When you clicked through the EULA, you said they could.

        What. can't you read?

        • what the fuck made you think it was OK to store that.

          When you clicked through the EULA, you said they could.

          What. can't you read?

          Sorry... I didn't stop when I was young and went blind.

    • I've always wondered what the point was of 15+ minute porntube videos.

  • by Scutter ( 18425 ) on Wednesday August 10, 2016 @11:35AM (#52677835) Journal

    Is nothing sacred anymore? Are we really nothing more than market research tools and products to be sold to the highest bidder anymore? Look, if you give me something for free, I don't think it's necessarily unreasonable to ask for something in return (provided you disclose that you're collecting that data). But if I'm paying for it, then please just stop. I'm the customer, not the product.

    • The question that I'd raise is whether it is illegal to use the manufacturer's product on him.

      Sans lube, of course.

    • by JustAnotherOldGuy ( 4145623 ) on Wednesday August 10, 2016 @11:49AM (#52677927)

      Is nothing sacred anymore?

      In a word, "no".

      I'm the customer, not the product.

      In this case, you're both.

      • Is nothing sacred anymore?

        In a word, "no".

        It's funny -- when I read about this, my first thought was "This is appalling." But my second thought was, "Gee, is this really that bad compared to the amount of privacy invasion we're faced with almost continuously these days?"

        Unless you run a half-dozen browser plug-ins (and few people do), your every move online is likely being tracked by dozens of companies. Unless you're careful to turn off various features on your phone, tablet, etc. your location is likely being tracked by dozens of apps.

        In th

        • In the grand scheme of things, this may be one of the most "private" acts, but it's also potentially one of the least worrying in terms of what companies could do with the data.

          Agreed. There might (potentially) be some embarrassment involved but beyond that I don't see any genuinely serious consequences.

          -

          Perhaps when some hacker manages to get into the data from these devices and publishes some Congresswoman's vibrator use data, there might finally be a public outcry to have a serious public discussion on privacy issues and tracking without a clear "opt-in".

          Even that won't do it. The thing is that by and large, no one seems to care much anymore. A lot of people have gradually become accustomed to the idea that everyone's privacy has been eroded, and almost no one appears to give a damn (with the exception of a few privacy-watchdog groups).

          People have become accustomed to sharing every bloody thing on Facebook and Pinterest and Linked

        • by Aighearach ( 97333 ) on Wednesday August 10, 2016 @03:58PM (#52679635) Homepage

          My first thought was, for a lot of people this is a feature because future models will be better at getting them off.

          But if you read Dan Savage, you might be skeptical that it will help their sex lives.

          If they disclose it, I don't see why it is a problem. I wouldn't want to use it, but a lot of people would. Especially if they offer free software upgrades for people who share their data.

          The general case is scarier to me. My banking data or my political activities seem more in need of protection than masturbation details. The only people in the world who care about this data are people who sell devices to aid the activity. Whereas with my banking data, it is not only people who sell banking services that might want to steal it!

          • The only people in the world who care about this data are people who sell devices to aid the activity. Whereas with my banking data, it is not only people who sell banking services that might want to steal it!

            Try running for office and your "masturbation" details will be released. Oops.

            For myself, I would not care if you used a vibrator or not but there are hundreds of thousands of mouth-breathers out there who do care.

      • "Is nothing sacred anymore?"

        When werethe metrics around the use of a vibrator ever sacred?

    • Look, if you give me something for free, I don't think it's necessarily unreasonable to ask for something in return (provided you disclose that you're collecting that data). But if I'm paying for it, then please just stop. I'm the customer, not the product.

      If the product can be connected to a toy-controlling smart-phone app, which should be owned from the company, then there might be some sort ToS that requires you to click "I Agree" before you can use the app. Most people don't read that kind of thing anyway, so they may agree to let the company collect data. This is typical way of getting consent from consumers without them really know what they are doing.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Are we really nothing more than market research tools and products to be sold to the highest bidder anymore?

      No, we're not, and it's our own damn fault. People are flocking to anything that promises them anything in return for their data. Privacy is a non-issue. Even close friends to whom I explained the technology and how it's used against them don't take the slightest precautions. People who should know better practice full on data exhibitionism. This war is lost. Too many old geeks have defected, and the new generation grew up with this stuff, so it's normal to them. Welcome to the Panopticon. Used to be a pris

      • Welcome to the Panopticon. Used to be a prison, now it's your home.

        And now I have a new signature. Thanks.

    • by funwithBSD ( 245349 ) on Wednesday August 10, 2016 @11:59AM (#52678001)

      Sing with me!

      The internet is for porn! The internet is for porn!

      Porn porn porn... and Marketing!

    • by eyenot ( 102141 )

      Personally, I feel that if your genitals are this enormous gateway straight into to your soul and that you're always, always and forever vulnerable about your own sexuality to such as extent that it needs to be hidden by default, then the problem's not with society the problem's with you.

      • So you wouldn't mind getting randomly anal probed at any point during your day, right?

    • by Shadow IT Ninja ( 3891909 ) on Wednesday August 10, 2016 @12:11PM (#52678089)
      Right, this is an item which you pay for. People defending all this invasion of privacy often say that the point is to get things for free. In practice, however, I have found that free things are more likely to respect your privacy. This is especially true of software. Take, for example, Android apps for GPS navigation. Garmin Navigon costs $49 (last I looked) which is expensive for an Android app. It wants access to all kinds of things which don't seem necessary for it's function. They have an excuse for access to the camera. It's to tell you if you are driving in the correct lane. I don't know what their excuse is for needing access to your contacts list. In contrast, the free app, Mapfactor Navigator, only asks for access to the things you would expect and it has a much better privacy policy.
      • Yes typical "it has access to information so it must be bad" mindset. Man how did we ever survive when we used computers with software that didn't run in a sandbox and had permissions for everything ... but I digress.

        I find the paid apps have far more features, as such those features request more information. Sensor data? For more accurate dead reckoning when you lose GPS. Contact list? So it can pull up your stored addresses in your phone, ... you know something that would be pretty damn useful in a GPS ap

      • by _merlin ( 160982 )

        Camera access isn't for driving, it's for the walking "reality scanner" feature. It shows labels for places of interest, street names, etc.

    • wrong, even for Slashdot you are the product for its advertisers. You are product. You are chattel. Moooo! Moooo! said the consumer product cow.

      • People without ad blockers are product. People with ad blockers are content providers. It isn't just one basket of people. Millions of normals come here to find out what the nerds have to say.

    • Is nothing sacred anymore? ...

      Of course not. If sex is not sacred anymore, then why would the data concerning it be? Sex itself is sold as a commodity. The sex toy reduces a sacred act to a mere technological-biological process of particular temperatures and intensity settings. There is nothing meaningful in it. So it makes sense that this essentially meaningless but useful data would be collected for further marketing purposes. The essential value of that data, just like human bodies in general today, will be determined by its marketab

    • Are we really nothing more than market research tools and products to be sold to the highest bidder anymore?

      Who said anything about data being sold? If this data creates a better vibrator with a more explosive orgasm then sign me up, happy to share all the details.

  • Intimate stuff - be it data or other things that the customer had in mind when buying it. So that they can de-automate this and replace toys w/ people in the long run
  • by swb ( 14022 ) on Wednesday August 10, 2016 @11:36AM (#52677847)

    Do they have the smartphone-enabled model that lets you control the vibration functionality from a *remote* smartphone, so you can further bridge the phone sex gap?

    I'm asking for a friend.

  • Pentesting (Score:3, Funny)

    by Anonymous Coward on Wednesday August 10, 2016 @11:39AM (#52677861)

    Brings a whole new meaning to pentesting [wikipedia.org] doesn't it?

  • by sehlat ( 180760 ) on Wednesday August 10, 2016 @11:43AM (#52677879)

    Which way is the transparency?

    To the customer, by making it plain Big Brother is watching their orgasms?

    To the company, as in "OK. Delilah in Kansas City likes Echo Mode at 5.7Hz. Why don't we start offering pre-customized models which have all the user's preferences pre-programmed? For a fee, of course."

  • by Anonymous Coward on Wednesday August 10, 2016 @11:45AM (#52677893)

    "The company could easily figure out some seriously intimate personal information like when you get off, how long it takes, and with what combinations of vibes."

    sure, then they sell your data to your health insurance company, employers, the goverment so they all know about your sexual activities and perceived health. takes longer than a few minutes for you to get off? that will earn you an interesting chat with your manager the next moring.

    "Steve, we've noticed you recently have been sexually quite active. We are pleased it works out for you. However we're really concerned about the decline in your performance, sexually. I look at my statistics sheet here, and it says you usually took just 1.5 minutes, which is very good. It releases stress but it doesn't impact your productivity that much. So that's a good thing. However, for almost 2 weeks now, we see that it takes you 5, sometimes 10 minutes to get off. I have to tell you, we don't like this development. You have to look into this. If you can't improve it, we will ban you from any sexual activities in the future and treat you with a stress relexant. Am I clear?"

    brave new world

    • "The company could easily figure out some seriously intimate personal information like when you get off, how long it takes, and with what combinations of vibes."

      sure, then they sell your data to your health insurance company, employers, the goverment so they all know about your sexual activities and perceived health. takes longer than a few minutes for you to get off? that will earn you an interesting chat with your manager the next moring.

      "Steve, we've noticed you recently have been sexually quite active. We are pleased it works out for you. However we're really concerned about the decline in your performance, sexually. I look at my statistics sheet here, and it says you usually took just 1.5 minutes, which is very good. It releases stress but it doesn't impact your productivity that much. So that's a good thing. However, for almost 2 weeks now, we see that it takes you 5, sometimes 10 minutes to get off. I have to tell you, we don't like this development. You have to look into this. If you can't improve it, we will ban you from any sexual activities in the future and treat you with a stress relexant. Am I clear?"

      brave new world

      Oh, my, the data selling opportunities. Here, DrugCo, is data on 530 users worldwide that aren't doin' it as long as they used to. And Pr0nico Industries, here's data on 530 users worldwide who like to switch modes while using a dildo.

      Okay, I'm gonna stop here.

  • You joke but.. (Score:5, Insightful)

    by Anonymous Coward on Wednesday August 10, 2016 @11:46AM (#52677909)

    If you can get over the fact it's about sex, it's actually a pretty good collection of metrics to collect when you're looking to get the best performance out of your product.

    They'll take that data and use it to improve future products to better get you off /with science/

    Also could provide pretty good data for legit scientific study - It can be hard to get funding to study taboo subjects.

    Of course, this all needs to be clearly stated in a privacy policy and data should be anonymized.. That's the real fuck-up here.

    • by rsborg ( 111459 )

      They'll take that data and use it to improve^Wmake more profit oriented future products to better get you off /with science/

      FTFY

      When they know what gets you off, you will be paying them more for it.

  • by Opportunist ( 166417 ) on Wednesday August 10, 2016 @11:46AM (#52677911)

    Sex toy makers are dicks.

  • EDITORS (Score:4, Interesting)

    by JustAnotherOldGuy ( 4145623 ) on Wednesday August 10, 2016 @11:47AM (#52677915)

    Hire some.

    That summary is so poorly written that it borders on editorial malpractice.

    • Re:EDITORS (Score:5, Funny)

      by TheGratefulNet ( 143330 ) on Wednesday August 10, 2016 @01:48PM (#52678683)

      give the editors a break. they had to type this summary with only 1 hand!

      • A corrected summary, free of charge. Hire me, slashdot, for the love of language!

        "In a world where thermostats and smart locks can be hacked and where companies covertly record information, why should we expect sex toys be any different? Fusion is reporting that a popular vibrator, the We-Vibe 4 Plus, sends a variety of intimate data back to its manufacturer. The sex toy uses a smartphone app which lets users control the vibration as well as other functions."

        • In a world where thermostats, and smart locks can be hacked, and companies covertly record information, why should you want to be hired. Slashdot is reporting that being an editor, a popular job, sends a range of intimate data to its manufacturer. The web site, which lets a use comment among other things.

      • by Xyrus ( 755017 )

        give the editors a break. they had to type this summary with only 1 hand!

        They could do better. Why? Because I know something you don't know.

        They are not left handed.

  • by StandardCell ( 589682 ) on Wednesday August 10, 2016 @11:51AM (#52677949)
    ...this security issue will affect very few /.ers...
  • by Morgon ( 27979 ) <jmy&morgontech,com> on Wednesday August 10, 2016 @11:52AM (#52677957) Homepage

    Okay, so they capture completely non-personally-identifiable information... so?

    They log how often the user changes vibration settings. This seems like clear product improvement data. Remove lesser-used settings and utilize the information on how frequently the settings are changed to create an auto-program that mimics that alternation.
    They capture the temperature. This seems like possible safety data, if nothing else.

    If it activated the microphone to record the ambient "noise", you'd have a clear case of 'catching' someone sending data. Does it send the phone's device ID? I didn't see it in the summary. So I'm genuinely not seeing what's inherently wrong with wanting to understand how products are used and could improve, especially in the burgeoning sexual-health industry.

    • by gurps_npc ( 621217 ) on Wednesday August 10, 2016 @12:14PM (#52678113) Homepage

      The real problem with your philosophy is that so much of that information is secretly personably identifiable.

      It is like the extra data a browser gives - things like versions, addons, etc. There is enough variability that you can determine the exact person.

      It may not be good enough in a court of law, but it is good enough for a private investigator.

      • The real problem with your philosophy is that so much of that information is secretly personably identifiable.

        Conjecture. There's no supporting evidence that enough unique information is recorded to identify individuals. Quite the opposite of a browser which leaks about as much info about you as it can.

    • by jenningsthecat ( 1525947 ) on Wednesday August 10, 2016 @12:28PM (#52678191)

      Does it send the phone's device ID? I didn't see it in the summary.

      The article also doesn't even mention the topic of personally identifiable information. That fact alone speaks volumes about the question, given that TFA quotes a rather lengthy statement from the company president, who didn't once take the opportunity to say that the device doesn't collect personally identifiable data.

      So I'm genuinely not seeing what's inherently wrong with wanting to understand how products are used and could improve, especially in the burgeoning sexual-health industry.

      Please note that "wanting to understand how products are used and could improve" is neither the ethical nor the logical equivalent of collecting private, intimate, real-time data without anywhere informing the purchaser that this is happening. Also, even if the data collected isn't personally identifiable now, it could become so later, and there are plenty of precedents for this.

      Another note: when the president of the company says "our policy does disclose that we may collect data", that refers to their website policy; it IS NOT disclosed when the app is downloaded, according to TFA.

      Do you see now "what's inherently wrong" with this picture?

      • it IS NOT disclosed when the app is downloaded, according to TFA.

        By that point, you've already bought the item. It's a little late to change your purchase decision.

      • by Morgon ( 27979 )

        You raise a fair point - it would have definitely behooved them to explicitly say that no PII is being transmitted. However, the researchers apparently cracked this communication, so I would expect them to have found and loudly reported such.

        I don't necessarily agree with the rest of your comment, at least at this time. Tinfoil hats are just too uncomfortable for me to wear continuously. If such time it does happen, I'll proactively retract my opposition.

        To be clear:
        Collecting personally identifiable is ce

      • Please note that "wanting to understand how products are used and could improve" is neither the ethical

        Errr yeah it is and products have been doing this since the dawn of time. The best companies are those who pay attention to their customers in this way and always have been.

    • by AmiMoJo ( 196126 ) <mojoNO@SPAMworld3.net> on Wednesday August 10, 2016 @12:51PM (#52678307) Homepage Journal

      Non-personally identifying data rarely is non-personally identifying. Also, they failed to mention it in their privacy policy, which means they probably broke the law in many EU countries where it is mandatory when data is collected this way.

      It's okay if they ask and have an opt-in button, but just doing it on the sly is underhanded and wrong.

    • by Anonymous Coward

      >Okay, so they capture completely non-personally-identifiable information... so?

      Is nothing sacred to you? So non-personal info gets sent but it relates to personal (very personal) moments. Moments where users would prefer to be 'left alone'. Will the desire of companies to 'customize everything' in order to 'take care of us better than we can ourselves' really get some play in the world of personal moments? Next in: toilets note our wiping techniques in order to better offer us robotic wipers in the

      • by Morgon ( 27979 )

        Right now, somewhere in this world, someone is masturbating. As you read this, someone else just increasedtheir device to vibrate a little faster.
        I don't think anyone can argue that I've violated anyone's privacy by stating that. That's the equivalent of what this discovery, as written, entails.

        Maybe I'm not as overly-conservative (bordering on prudish, if I may say so) as you. If I bought a toilet or seat that monitored how often [the user] took a dump, really I don't care. Frankly, in that particular inst

      • Are you going to be concerned when I tell you that Wal-Mart et al. are collection points of toilet paper purchases matched to your payment card? That Walgreens knows you just bought an anti-diarrhea medication and your prescription for Viagra has two more refills left after your July purchase?
    • Nevermind, I take back what I said - the article itself didn't specifically address the PII aspect, according to this Tweet/Image [twitter.com], you can infer the REST endpoint does include the username.

      While I again don't personally care too much if it were me, and also while I think usernames are a weak form of PII, I do understand how storing it per account can be disconcerting and definitely hope this discovery will help change the company's policies.

    • There are often ways to de-anonymize information. Does it send device serial numbers? Are those recorded from online purchases? Does it send any location data (cell etc). Unless great care was taken to ensure that the data doesn't contain anything identifiable, it safer to assume that it does.

      Once you have the personal data, the risks from knowing what the person was watching when using the toy are significant. It is not by itself damning, but it can be one of a set of data that can paint a picture of some

      • by Morgon ( 27979 )

        I rescinded above - apparently from a screenshot of the REST endpoint, it does incorporate the username of the person, which makes this a lot worse than if it were truly anonymous datapoints.

  • by Dutchmaan ( 442553 ) on Wednesday August 10, 2016 @11:58AM (#52677997) Homepage
    On the upside, it could be used to create a custom profile on what REALLY gets the person off. I imagine a vibrator that "learns" would be a welcome asset to a lot of women out there.
  • Wait for it... (Score:4, Interesting)

    by CaptainOfSpray ( 1229754 ) on Wednesday August 10, 2016 @12:11PM (#52678087)
    Newsreader: in the latest IT scandal, Standard Initrode Corp has admitted that its Autobanger sex toys have been remotely hijacked by a variant of the Stuxnet virus. The effect of the hijacking is to cause the device to repeatedly apply the user's favorite settings, until the user becomes unresponsive. Last week's revelations by Federal investigators that a number of unexplained deaths among Congressmen and -women were caused by unexpected heart attacks may be related.
  • Standard Innovation Corporation's or SIC will become Data Innovation Corporation or DIC.
  • by paiute ( 550198 ) on Wednesday August 10, 2016 @01:08PM (#52678401)
    Great - now I have to worry about man-in-the-middle attacks in the bedroom too?
  • Okay ... (Score:4, Funny)

    by fahrbot-bot ( 874524 ) on Wednesday August 10, 2016 @01:12PM (#52678427)

    (a) This is the creepiest thing I've read all week.
    (b) When can I control the smartphone from the vibrator?

  • As the ravenous Internet of All things pounded her joyfully, the unspeakable happens.. the tip flips open to reveal an undisclosed hidden cam! Somewhere Kim Jong is chortling!
  • Hmmm, now I know the true reason for Google wanting to do this:

    Chrome Is Nearly Ready To Talk To Your Bluetooth Devices [slashdot.org] [Aug. 9, 2016]
  • Technology to help reduce medical costs. They can add a feature so that people don't need to spend thousands on colonoscopies! Brilliant!
  • If they gather the data and analyze it, they can make better sex toys and sex robots. It's Kinsey's wet dream...

  • Just that the product is secure. I just don't want to be compromised through a backdoor by some Russian hackers.

  • "The sex toy uses a smartphone app, "

    Seriously? Might as well build the sex toy right in the smart phone then. Maybe the smart phone is the ancestor of the XQJ-37 Pan-Sexual Roto-Plooker envisioned here after all:

    http://wiki.killuglyradio.com/... [killuglyradio.com]
    http://wiki.killuglyradio.com/... [killuglyradio.com]

    Back on topic: In 2016, I prefer sex toys to be wired anyways. Less chances they will replicate and take control of the world this way.

Remember Darwin; building a better mousetrap merely results in smarter mice.

Working...