The Internet of Dongs remains a security dumpster-fire
See the original posting on Boing Boing
The Internet of Dongs is Brad Haines’s term for the world of internet-connected, “teledildonic” sex toys, and Haines, along with Sarah Jamie Lewis, have exhaustively documented all the ways in which internet-connected sex toys can screw you, from leaking private data to physically attacking your junk.
But Lewis and Haines’s work remains an obscure curiosity that is mostly followed by information security geeks; and now the do-not-buy advice for these gadgets is going mainstream. Just in time for Valentine’s Day, Mozilla updated its Privacy Not Included guide (previously) (a review of tech gadgets’ security and privacy practices),to include a suite of “romantic” gifts, from fitness trackers to “smart beds” to sleep trackers to sex toys, that track you, transmit your personal details to distant corporations, and sell, leak, or endanger your private information.
I was pleased to see Lovesense blacklisted by name, given the company’s incredible, appalling history of security blunders, including making secret audio recordings of your sex sessions (the company called this a “minor bug”).
Not all the products are do-not-buys: there’s a kegel exerciser that looks pretty good, but others, like the Lovense Lush 2 get failing grades for “shar[ing] your information with 3rd parties for unexpected reasons”; while the charmingly named Vibratissimo Panty Buster flunks for not using encryption (!).
So what makes for a cyber-safe sex toy? According to Mozilla, you’ll want to look out for things like whether the product uses encryption, automatic security updates, strong password requirements (where applicable), an accessible privacy policy, and a way for the company to manage security vulnerabilities in its products.
