Australian researchers have been looking into the data security for remote controlled sex toys.
Goldfisk and Follower got hold of the schematics for the We Vibe 4 Plus, a U-shaped vibrator that can be controlled via Bluetooth using a remote control or a smartphone app. The wireless functions mean the device's makers had to report its details with
the United States the Federal Communications Commission, and that filing allowed the hackers to figure out a way to crack the device.
It turns out it was fairly easy to hack, and find out what information the We-Vibe collects and transmits to the mobile app. The team managed to decipher the Bluetooth command strings and manipulate the We using a desktop computer. They reported the job
was relatively simple - the Bluetooth data string is only eight bytes long and the first byte controls the device's mode.
The two also found that the makers of the We collect exactly when the device is used, which of the ten vibration modes they are using, and even the temperature of the device. All this data is stored on corporate servers and in the terms and conditions of
the device the manufacturer reserves the right to pass it on to the authorities.
The Register notes that sex toys are illegal in many places - including Alabama, some parts of Georgia, and until recently Texas. Using such devices is a criminal matter and there have been prosecutions.