Fuel Injected Male: When Your Butt Plug Gets Hacked

Saturday, November 18, 2017

When Your Butt Plug Gets Hacked

COMPLETED 19 NOVEMBER 2017

An orifice-opening article on the joy and risk of Teledildonics
Legal issues in sex toy hacking

+ a new term in the gay/sexual lexicon: "Screwdriving"

Underlining, highlighting and bold print by FuelMix:

On a recent trip to Berlin, Alex Lomas’ acquaintance posed him a challenge: Can you find a Bluetooth-enabled butt plug in the wild, and can you turn it on without its owner’s help? Lomas, a penetration tester with the British cybersecurity firm Pen Test Partners, pulled out his phone, consulted the detection app LightBlue, and quickly identified a Lovense Hush, purportedly “the most powerful vibrating buttplug on the market,” that Lomas says was nestled in the rear end of a stranger.

What’s more, that Hush was vulnerable, open to hacking by anyone who knew how.

As the world hurtles toward total app-connectivity, the gap between what our devices could do and what the law can address widens, particularly with teledildonics—or, sex tech that you can control remotely, over the internet. A sex toy hacking situation like the one Lomas identified isn’t likely to occur outside a lab, but linking a vibrator to the internet opens up the possibility that it might, and we should be ready to discuss it.

Lomas published the results of his experiment on the Pen Test Partners blog, and coined the term “screwdriving,” a sexualized play on wardriving (or the drive-by stealing of other people’s wi-fi). In a Skype interview with Gizmodo, he summarized the procedure in layman’s terms: Hush uses Bluetooth Low Energy, basically the more modern version of Bluetooth, to connect with smart devices. If you are wearing the butt plug out in public, and a designated partner is standing within about 30 feet of your tuchus, then that partner can control its vibration speed and pattern discreetly from their phone. Which is all well and good, Lomas said, unless that person wanders out of (admittedly limited) connectivity range. In that case, Hush “will sort of fail open into a discovery mode, ready for other people to discover and then take control,” to pair with the plug—there’s no password protection, or the PIN is an easily guessed 0000 or 1234—and pilot your anal experience, uninvited. (In an email, a Lovense rep explained that this is indeed the case, although the toy does have a function that automatically turns it off if the connected device falls out of range. Lomas pointed out that the customer would have to know that any of this is even possible, which many won’t.)

Lomas did not sync with the Hush and dial up the vibration, but he could have, and therein lies the problem. A consumer could venture out into the world, intending to have a secret erotic experience with one person, but end up having telesex with someone else entirely. But what kind of crime even is that—cyber, sex, or some kind of newfangled hybrid? And is anyone out there equipped to handle it?

The answer seems to lie somewhere in the neighborhood of not really slightly surprising as news of sex toy vulnerability becomes more and more frequent. White hat hackers have already exposed a number of adult companies—Lovense, WeVibe—as unstable repositories for the surprisingly detailed stores of intimate user data they’ve been collecting, mostly unbeknownst to their customers.

WeVibe’s data insecurity led to invasion of privacy lawsuits and modest settlements, yet the possibility that random third parties could insert themselves into a mutual masturbation session on Skype or a camming platform like Chaturbate has been less widely discussed. Hush isn’t the only assailable toy: Pretty much any BLE-enabled toy (or indeed device, whether that’s a hearing aid or a smoke detector) could be opened to outside probing. Products connected to apps like Body Chat seem pretty open to outside intervention, while the camera-equipped Siime Eye vibrator is easily hijacked by anyone with the know-how, potentially affording strangers vividly detailed views of your genitalia. That victim would certainly be able to claim invasion of privacy, but a breach of that scale seems more significant.

To be fair, the possibility that an unwanted third party could hack a sex toy is sliver slim: As Lovense explained in its response to Lomas’ experiment and in an email exchange with Gizmodo (of the Internet of Things sex toy makers contacted, Lovense was the only one to respond), Hush can only connect to one device at a time, and screwdriving would require sophisticated knowledge of BLE and “Lovense protocol,” along with “BLE sniffing hardware” most people don’t have. Even if someone did manage to pounce on your butt plug’s lapsed BLE connection, they’d need to be extremely close: within 30 feet and “a clear line of sight,” so, probably following you around. But it’s possible to buy long-range Bluetooth transmitters and receivers, and Lomas reported that a number of readers tweeted at him post-publication to say they’d successfully located their neighbors’ toys through a shared wall.

Lomas acknowledged that some Hush buyers may be into a stranger’s surreptitious involvement, and that’s perfectly fine; the problem, as he sees it, is that the average consumer probably won’t realize they’ve consented to a semi-private experience—that they are, “essentially, walking around with a giant butt plug transmitter” broadcasting out their anuses, or inadvertently offering a telescopic tour inside their vaginas.

Indeed, in considering teledildonic hacks from a legal perspective, consent should be a big part of the equation: instinctually, a stranger surprising you with genital vibrations reads as a violation. Legally, sexual assault doesn’t require penetration, merely “sexual contact or behavior that occurs without the explicit consent of the recipient.” According to Shanlon Wu, a defense lawyer in Washington D.C. and a former federal sex crimes prosecutor, the absence of consent like what would result from a remotely controlled, hacked sex toy signals sex assault.

“The typical definition of a felony-type sexual abuse is an unconsented-to penetration,” whether it’s with a body part or an object, Wu said. As regards the latter, he doesn’t see the legal equation changing if it’s a hand or a device controlling the object’s movement. Wu acknowledged that some lawyers might get bogged down in the virtual aspect of the offense, and view wearing a teledildonic device as blanket consent to its use. But consent is not transferrable, he said.

Wu offered an analogy: “If I’m entering a boxing match ... I’m consenting, obviously, to the contest with my opponent. If he hits me, I can’t be yelling, ‘Oh, he assaulted me, he punched me!’ because we’re consenting to punching each other. But if his corner man, his manager, comes out and clocks me in the head during the match, they can’t argue, ‘You consented to a boxing match, so anybody gets to beat up on you.’” Similarly, if you consent to someone using a sex toy on you, that’s not an invitation for any passerby to join in.

“Consent is consent whether it’s in person or whether it’s remote, and I think that’s the thing to focus on,” Wu said. He sees this form of cyberstealthing as a straightforward sexual assault prosecution, but Stewart Baker—a partner at the law firm Steptoe & Johnson where his practice covers cyberlaw and technology-related issues—disagreed.

“I’m having trouble fitting this neatly into a sex crime framework,” Baker told Gizmodo. “If somebody breaks into your dildo, they’re criminally responsible,” he said, but the question is how.
While Baker agreed that vibrator hijacking skewed the concept of consent, he also speculated that trying it as a sex crime could raise complicating questions about agreed-upon partner participation. If the sex toy in question comes with a built-in camera, that could implicate its owner in ways that won’t sit well with many people: Baker noted that consensual sexting between teens has already translated to several child pornography prosecutions, and if two minors are using a camera-equipped vibrator with one another on Skype or any other internet-connected video platform, they could inadvertently land themselves in a similar world of legal hurt. The clearest path forward Baker sees is prosecuting screwdriving as a cyber crime, under the 1986 Computer Fraud and Abuse Act, which encompasses all wittingly unauthorized access of a computer as well as the filching of its contents. While it does not specifically address teledildonics, the CFAA arguably offers a means of placing consent in a cyber context.

“The difference between being authorized and having consent is vanishingly small,” Baker said, “and so if you don’t have authority to do something with somebody else’s dildo, then if you’re doing it remotely over the internet, you’ve committed a crime that could turn out to be a felony [under the CFAA].”

Who’s likely not liable, though? The manufacturers, unless they’ve somehow misrepresented the product, Baker said. (The Lovense rep with whom Gizmodo spoke said they would broach the idea of adding a clarifying label to product packaging with the CEO.) While civil suits have resulted from toymakers’ insecure data collection methods, when it comes to a telesex hack, the only person responsible is the hacker. Which means it’s reasonable to request that both the manufacturers and the law figure out how to address sex toy vulnerabilities.

For both Wu and Baker, screwdriving cases remain relegated to the realm of the hypothetical and some disagreement on prosecuting such a crime likely stems from a lack of precedent. A CFAA violation and a sexual assault are both felony crimes, though, and their possible sentences vary widely. Arguably more important are the implications of treating a sex toy hijacking as a computer-related crime, rather than a crime against a person. Doing so risks minimizing an offense that ultimately hinges on unasked-for intimate contact, and a lawyer who argues that wearing a device like Hush in public is opening themselves to its unauthorized use is victim blaming.

The legal approach to screwdriving, though, would likely depend on whatever real life victims materialize, and as sex tech veers increasingly toward IoT connectivity—syncing with an app, virtual reality masturbation sessions, setting off a cross-country partner’s vibrator—without manufacturers pausing to patch security holes, it seems reasonable to expect they will. And while it’s probably not time to agonize over whether or not a hacker is waiting in the wings of your Skype sex session, ready to hijack your vibrator at any moment, it might be time to start thinking about what the future of sex crimes looks like. Better now than after we’ve arrived.

-----"If Your Vibrator Is Hacked, Is It A Sex Crime?", Claire Lampen, 31 October 2017, Gizmodo

No comments:

Post a Comment

Note: only a member of this blog may post a comment.

READERS FEEDBACK

September 2019 "I am in awe at how far ahead of its time this blog is - and how correct its analysis has been on so many fronts. I can understand your disgust at censorship on social media and hope that you will find a way to bring back your writings in a way that will benefit so many gay men."

September 2018 "Your voice needs to be heard."

September 2018 "...love the pithy take on gay life in general and in this city. Often far more to the point than other media. And a more than handy sense on the street for the sauna scene in the city..."

August 2018 "Please allow me to commend you for your service to the gay community for your ongoing analysis and entertainment. I have recommended your blog on many an occasion to unthinking fags who need a metaphorical slap as well as thoughtful guys who I feel would benefit from and enjoy your musings."

March 2018 "...not only is your blog relevant right now, but it is also light years ahead of its time. That is quite an accomplishment."

January 2018 "I find your clarity on issues most illuminating. Your ability to see thru the hypocrisy and double speak of the lame stream media is refreshing."

December 2017 "Have been a huge fan of your site for years."

December 2017 "You got an infectious and intellectual air on topics that I rarely see online."

April 2017 "...your writing is always witty and meaningful."

September 2016 "Thanks so much for your enlightened, enlightening and entertaining blog."

August 2016 "You have set a new and very high standard with the quality of your writings, analysis, a refusal to be politically correct - and your sharp wit. You have contributed highly to those gay men looking for empowering alternatives in a changing world. Your blog is a landmark in gay publishing and deserves a much wider readership."

March 2016 "God bless you FuelMix, for your courage to write the truth with such power and clarity. As I go through your blog, much of what you say resonates with me. I can honestly tell you that your blog has helped me profoundly in my personal development and healing as a gay man."

January 2016 "Your blog gives insight and value to its readers compared to the politically correct fluff found in so many other publications."

January 2016 "Bravo!" You go where others are afraid to go and you do it with intelligence and finesse."

August 2015 "I'm looking forward to your acerbic wit and acid etched observations with great anticipation."

August 2015 "As someone who has tried to blog about various and sundry things at various and random times, I know how hard it can be to feel pressure to produce and to feel motivated and basically to do all the other things it takes to keep a site running. Especially one as entertaining and informative as yours. We all appreciate it even if you don't feel it. Stay awesome."

December 2014 "I love your blog and I think it will stand the test of time. You had a very good process about it that told people the truth even if they didn't want to realize it at the time."

November 2014 "One of the best there is I've seen."

November 2014 "...your efforts HAVE served a significant purpose for a great many gay men on a global level. You have identified and articulated the fundamental tenets of urban gay life that are unsustainable - the tenets that can divide, marginalize, deceive and ultimately kill us - and courageously demonstrated an alternative way to be.

You have created a new and important paradigm for those brave enough to commit to it, and live it, every day of their lives.

Your voice is prescient, insightful, entirely unique and entirely timely and topical. I am grateful to have been fundamentally changed by it."

November 2014 "You've provided a wonderful service to your readers; I must have recommended your work to a couple dozen people on this last work stint, many of whom in my opinion were making poor choices."

November 2014 "You have a great gift for recognizing life's ironies and for expression."

November 2014 "..you've said much that most would not do so publicly. You've also validated the perspective held by many of us."

September 2014 "Thanks for your blog. Your philosophies strangely match my own, which is both nicely comforting and a bit sad. You know, because that's what truth does."

August 2014 "...I'm very glad you write about the emptiness of the materialistic, drug-heavy, gay lifestyle. You do come very close, if not spot on, in many instances..."

February 2014 "..... I would not under-estimate your influence among a wide swathe of an influential segment of the gay population. Your blog's unique mix of insightful financial and political commentary combined with unabashedly ribald sexual reportage result in a very entertaining read."

January 2014 ".....you've saved a lot of us time and literally, our dignity and soul with your provoking posts."

January 2014 "Keep doing your blog.....others have just come across it and I've been told 'he says what we are all thinking but afraid to say'. Your words are truth and provoke thought."

January 2014 ".....your site offers intelligent social commentary not found elsewhere."

January 2014 "You write very well and you have something to say that is different and worth hearing."

November 2013 "Been reading your blog which I can quickly say is now one of my favourites."

September 2013 "Recently, I came across your blog.....Ever since, I've been addicted and hooked. As a 22 year old Asian guy, you say everything that I have always felt and thought and dissected it down to something palpable. I feel a lot wiser after reading your blog....."

August 2013 "I am a fan of your blog. Your view of things mirror mine and your wit is quite refreshing."

July 2013 "No doubt a fun and provocative blog....(in fact, one of the best things I stumbled upon on the Internet, amid all that abuse, rubbish and madness that fills so much of it)."

July 2013 "I've been reading your blog for three years, FuelMix, and it has quite honestly saved my life - as well as the lives of at least two other friends of mine, ostensibly once part of the "community", who woke up in time, saw the writing on the wall and, through extricating themselves of a good deal of psychic wreckage.......escaped alive and whole."

June 2013 "As a proud gay Asian, it's refreshing to read an intelligent Asian based blog like yours with a global readership. Your insights give Asian gay men a real advantage and alternative to the screwed up politically correct agenda spewing from the West."

June 2013 "Whatever you do, don't stop. I think what you do, needs to be said."

May 2013 "Reading your blog again after a while and have to say it is very much enjoyable. It gives just the right slap to all the gays in the midst of all the stereotypical obsessions, and makes us think on the values we really should be focusing on. Keep up the great work."

February 2013 "Thanks a million for your blog and your impeccable writing skills. My five years in HK wouldn't have been that much enjoyable without them!"

December 2012 "...... I have been reading through your blog over the last couple of days, and I have found it extremely well written and interesting. You are always thought provoking (even if I don't always agree with you or find your tone slightly too abrasive at times). Still, I think it is a fascinating read and I dearly hope that you will keep up the good work."

November 2012 ".....I came across your blog. This is well written and great stuff - congratulations."

October 2012 "I read your blog regularly, it's entertaining and illuminating."

August 2012 "I read through some of your articles and found them beyond insightful......"

August 2012 "I love your blog and have recommended it to everyone I know."

July 2012 "Just started reading your blog and wanted to say it is really interesting and well written."

June 2012 "...I want to express my thanks for your blog. I know it would be helping many guys."

June 2012 "Love your blog and your economic perspective."

April 2012 "I am a big fan of your blog and have followed it closely".

March 2012 "I've never witnessed such a degree of frightening insight - both personal and also in a global sense - that has resonated with me .....Your comments on the nature of the gay "lifestyle" and the subsequent emptiness and futility it engenders are apt, and your sardonic...... observations are also very personally cathartic. Despite this perhaps not being a key intention of yours, your writing has also validated my own misanthropy with regard to the gay community...."

February 2012 "Your blog is very interesting. I find highly intelligent and insightful text to be a very satisfying read. You have an incisive edge..."

February 2012 "I love your blog, delving head-on into issues that few others have the guts to address. Your insights into gay culture and politics have been a real eye opener!"

February 2012 "....insightful and caustic and I love your take on things."

January 2012 "...an exceptional blog.....lively and well written"

January 2012 "This blog is amazing....It's also nice to see someone who does a lot of research and has a great knack for writing, which is pretty rare from bloggers these days."

October 2011 ".....smart and insightful blog posts about saunas and gay life......."

October 2011 "Keep up the excellent work. Your style is most engaging and your opinions refreshing."

September 2011 "...I must confess, I'm a fan! You've become a sort of mentor with your matter-of-fact and witty insights."

September 2011 "...a lot of your blog posts are just right on. Some are painfully accurate..."

September 2011 "...absolutely blown away by your blog. Truly there's nothing else like it out there."

May 2011 "I'm a gay Sociology student. Your gritty observations and powerful writing style are more informative than textbooks on homosexuality. I have been researching deep into your blog and am using it as a resource on contemporary gay behavior and attitudes."

March 2011 "...really cutting edge."

"......intelligently controversial and courageous."

".....a fine unique gay blog packed with information and insight."

"....absolutely first class writing and commentary..."

"Thank you for writing your brilliantly iconoclastic blog which I am so happy to have found."

"I have been lurking on your site for a few years now. Enjoy your writing style, although you can be harsh to white guys, but we end up deserving most of it."

"I am commenting chiefly to humbly request that you continue writing your most excellent and utterly unique blog, please, Fuelmix Sir, which I have only recently had the good fortune to discover."

"Your blog was a great read and very spot on."

"We gather around computer terminals in the gay bar to read your postings. They can really start a lively conversation."

"....the Principles of Faggotry series is just epic!"

".....will scare the shit out of the shallow generic gay man."

"....a ruthless and well-written gay blog that forces the reader to sit up and take notice."

"LOL...I’m a self loathing queer, and found your insights great! Keep up the good work!"

"...the world's most politically incorrect gay blog....required reading for men becoming more than just flaky urban queers."

"... sharp anecdotes. Makes you wince and admit that you did the same thing or knew gay men who did exactly that."

"Brilliantly written, intelligent and mercilessly observant..."

"You have written the cruise missile of gay blogs - sleek, deadly and deadly accurate. I love it!!"

"It's like you've psychically tuned in to the collective dissatisfaction that so many gay men have felt for so long but didn't know how to say it...until now. It really is time for a new gay paradigm and you're blazing forward forcing us all to re-think...."

LOOKING FOR STUFFING?

The most comprehensive and accurate Hong Kong Gay Sauna Reviews anywhere on the web. Including those written off as a waste of time and money. Click on the image. See the Reviews of: ABC, Action, Alexander, Big Top, Birds, Central Escalator, Chaps, Club Houzz, Colony, Double, Follow Me, Galaxy, Gateway, Gemini, Hunter, Hutong, Jungle, KK Fitness, My Way Platinum, Ni-Chome, QQ Fitness, The Great, Towel Club .....ALL INDIVIDUALLY LISTED IN THE LABELS SECTION OF THE BLOG WITH THE SUFFIX, "HKG".

GAY SAUNA REVIEW FEEDBACK

".....absolutely spot on....."

".....totally authentic and accurate...."

"You're right, there is nothing else like it on the web."

" The detailed directions were so helpful and saved a lot of hassle"

"Wow! Really really helpful. Thank you so much."

"I showed up there feeling much more confident about what I would and wouldn't find. Your reviews are awesome and well worth reading beforehand. Many thanks."

".....an important database for locals and tourists with limited time wanting to make better choices when there are so many to choose from."

"......eagerly awaiting more sauna reviews with the detail, wit and cogency that only you can command."

Wanna submit your feedback on FuelMix's HKG Gay Sauna Review? Write to: fuelinjectedmale@live.hk

Fuel Injected Male

FuelMix - ATTITUDE AND ILLUMINATION

NOTICE

Saturday, November 18, 2017

When Your Butt Plug Gets Hacked

No comments:

Post a Comment

COMMENT PROTOCOL

From The Ground Up

Total Pageviews

EYE CONTACT AND CRUISING

Subscribe Now: standard

READERS FEEDBACK

COOL GUIDES TO HONG KONG

GAY SAUNA UNDERGROUND

GAY SAUNA ETIQUETTE

LOOKING FOR STUFFING?

GAY SAUNA REVIEW FEEDBACK

Labels

Blog Archive

LINKS

Blog articles may be transmitted, copied or republished online or in hard copy provided that: