Taking too long? Close loading screen.
Connect with us

Tech

Internet-enabled male chastity cage can be remotely locked by hackers

Published

on

A security flaw in an internet-enabled male chastity device allows hackers to remotely control the gadget and permanently lock in wearers, researchers disclosed today.

The Cellmate Chastity Cage, built by Chinese firm Qiui, lets users hand over access to their genitals to a partner who can lock and unlock the cage remotely using an app. But multiple flaws in the app’s design mean “anyone could remotely lock all devices and prevent users from releasing themselves,” according to UK security firm Pen Test Partners.

Even worse, as the chastity cage does not come with a manual override or physical key, locked-in users have few options to break out. One is to cut through the cage’s hardened steel shackle, an operation that would require bolt cutters or an angle grinder, and that is made trickier by the fact that the shackle in question is fastened tightly around the wearer’s testicles. The other, discovered by Pen Test Partners, is to overload the circuit board that controls the lock’s motor with three volts of electricity (around two AA batteries’ worth).

News of the security flaw was first reported by TechCrunch, and it suggests it’s worth doing your research before purchasing “smart” gadgets with more intimate use cases.

“It isn’t tremendously unusual to find an issue like this in many IoT fields, and teledildonics is no real exception,” security researcher Alex Lomas of Pen Test Partners told The Verge via direct message. “Both ourselves and other researchers have found similar issues over the years with different sex toy manufacturers. I do personally feel that the most intimate devices should be held to a higher standard however than maybe your lightbulbs.”

Past security flaws discovered in internet-enabled sex toys have let hackers potentially hijack live-streaming footage from a dildo and take control of Bluetooth-enabled butt plugs. You can see a video explaining the flaw from Pen Test Partners below:

[embedded content]

In the case of the Cellmate Chastity Cage, the device’s manufacturers seem to have been unusually uncommunicative in responding to the flaw. Researchers at Pen Test Partners say they first disclosed the issue to Qiui in April and received a quick response, but the company didn’t fully solve the vulnerability and has since stopped responding to emails. We’ve contacted Qiui to find out more and will update this story if we hear back.

The flaws stem from an API used to communicate between the chastity cage and its mobile app. This not only allowed hackers to remotely control the device but also gain access to information, including location data and passwords. Qiui updated the chastity cage’s app in June to fix the flaw, but users who have not updated their app are still vulnerable.

As Lomas explains to The Verge, Qiui is in a bit of a bind. If it disables the old API completely, it will fix the security flaw but risk locking in users who haven’t updated the app. But by leaving the original API functional, older versions of the app will continue to work with the security flaw intact. Pen Test Partners says after talking with Qiui for months, it, and other independent researchers who discovered the same issues, has decided to go public to encourage a more complete fix. The company says its write-up of the flaw also obscures its exact nature to discourage hackers looking to take advantage of the problem.

The flaw stems from an API used to communicate between the physical device and its mobile app.
Image: Qiui

As noted by TechCrunch, though, it seems this particular flaw is the least of the Cellmate’s problems. Reviews of the device’s mobile apps on Apple’s App Store and Google’s Play Store include many complaints from disappointed customers who say the app often stops working at random.

“The app stopped working completely after three days and I am stuck!” writes one user. “This is DANGEROUS software, do not lock yourself in!” Another one-star review reads: “App stopped opening after an update. This is terrifying given the amount of trust placed in it, and there’s no explanation on the website.” And a third complains: “My partner is locked up! This is ridiculous as still no idea if being fixed as no new replies from emailing. So dangerous! And scary! Given what the app controls it needs to be reliable.”

So what can people do to avoid this sort of security flaw when purchasing internet-enabled sex toys? Lomas says, unfortunately, there’s no guarantee when buying these products. “It’s very difficult, just by looking at a product or app, to tell whether it’s storing your data safely, or if they’re capturing verbose usage information and such,” he says. But a good start is to simply do your research before you buy.

“Hopefully some countries and states will start to introduce standards for IoT products in the future, but in the meantime have a search for ‘product name + vulnerability,’” says Lomas, “or take a look for pages that talk about security on the vendor’s website (and not just the old trope of ‘military grade encryption’!)”

Source

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Tech

This app lets you ‘cut-and-paste’ real life objects

Published

on

Apple has boasted a lot about the AR capabilities of its new LiDAR equipped iPhone 12 Pro. It means that your new iPhone will be able to ‘map’ the room better to place objects.

However, I hadn’t found an AR app that I might use regularly — until now. A few months ago, developer Cyril Diagne showed off a demo of an app called ClipDrop that lets you ‘drop’ real-life objects to your desktop. Now, the app is here as a beta version, and I already love it. It’s pretty evident by the feature image of this story.

The concept of the app is cool. You can take a picture of any object and the app with automatically remove the background and convert it into an image. You can then paste the image on your desktop and use it in your applications. In addition to objects and people, you can also extract text from a book or page that you have.

[Read: What’s a LiDAR sensor and why’s it on the iPhone 12 Pro?]

ClipDrop mostly does a good job of separating the object in focus from the background. But sometimes you’ll see blurred edges or missed parts. Since the app is in the beta stage, hopefully, it’ll improve over time.

It also works directly with apps like Pages, Powerpoint, Photoshop, and Canva. So, you can directly paste objects around you to your project. Plus, you can use the desktop app to extract text or images from websites or apps.

The app is available on all platforms (iOS, Android, macOS, and Windows) to try out. However, you’ll need to pay $39.99 for a year to unlock all features.

For more gear, gadget, and hardware news and reviews, follow Plugged on Twitter and Flipboard.

Published October 23, 2020 — 09:06 UTC

Source

Continue Reading

Tech

Scottish city to get ‘world’s largest’ fleet of hydrogen-powered garbage trucks

Published

on

This article was originally published by Christopher Carey on Cities Today, the leading news platform on urban mobility and innovation, reaching an international audience of city leaders. For the latest updates follow Cities Today on Twitter, Facebook, LinkedIn, Instagram, and YouTube, or sign up for Cities Today News.

Glasgow is set to introduce a fleet of 19 hydrogen-powered refuse trucks after being awarded £6.3 million (US$8 million) in funding under the UK government’s £23 million Hydrogen for Transport Program (HTP).

UK Transport Minister Rachel Maclean said the trucks would form “the world’s largest fleet of hydrogen refuse vehicles” and showcase “how the UK is at the forefront of green transport technology”.

The investment will also see the launch of a new hydrogen refueling station and is part of the government’s wider strategy to support the growth of hydrogen infrastructure alongside the deployment of new vehicles.

Glasgow, the UK’s fifth-largest city, was set to host the COP26 UN summit in November this year, but this has now been postponed until November 2021 due to COVID-19.

In September, three energy industry firms – Scottish Power Renewables, BOC (a Linde company) and ITM Power – announced ‘Green Hydrogen for Glasgow‘, a partnership to offer an end-to-end market solution for reducing vehicle emissions through a proposed green hydrogen production facility located on the outskirts of Glasgow. The Scottish city aims to become the first net-zero city in the UK by 2030.

Hydrogen hub

The UK’s shift towards decarbonizing its transport sector has gained traction in recent years, and last week its first hydrogen-powered train, the HydroFLEX, ran trials following a £750,000 grant from the Department for Transport (DfT) and more than £1 million of investment by rail firm Porterbrook and the University of Birmingham.

Speaking at the trial, Transport Secretary Grant Shapps also announced the government’s ambition for the Tees Valley region in north-east England to become a “trailblazing hydrogen transport hub”, which would bring together representatives from academia, industry and government to drive forward the UK’s plans to embrace the use of hydrogen as an alternative fuel.

The move could see the region become a global leader in the green hydrogen sector while creating hundreds of jobs.

A shift to hydrogen is part of a masterplan commissioned by the DfT to understand the feasibility of the hub and how it can accelerate the UK’s ambitions in hydrogen. The plan, expected to be published in January, will pave the way for exploring how green hydrogen could power buses, lorries, rail, maritime and aviation transport across the country.

Only around a third of the UK rail network has been electrified, with little extra track converted in the last few years. Without continuing to diversify the network, the government is faced with the dilemma of how to eliminate diesel trains that produce carbon dioxide and other harmful pollutants.

While the use of hydrogen can be ‘green’ – by splitting water into hydrogen and oxygen using renewable electricity from solar and wind power – concerns have been raised about a cheaper and more prevalent method to extract it from natural gas or coal, which emits carbon dioxide.


SHIFT is brought to you by Polestar. It’s time to accelerate the shift to sustainable mobility. That is why Polestar combines electric driving with cutting-edge design and thrilling performance. Find out how.

Published October 23, 2020 — 09:00 UTC

Source

Continue Reading

Tech

Here’s our first look at Huawei’s Mate 40 Pro

Published

on

Huawei announced the Mate 40 Pro yesterday, and now we have one in hand. It might not be easy to recommend Huawei phones outside of China, since the Trump administration’s targeted sanctions have prevented it working with US companies like Google, but devices like the P40 Pro Plus and last year’s Mate 30 Pro have had hardware as impressive as anything else on the global smartphone market.

The situation shouldn’t be any different with the new Mate 40 Pro. It’s likely to be Huawei’s most advanced device yet — even if there are still questions over the extent to which the company is actually able to manufacture it.

I thought the Mate 30 Pro was the best-looking phone released in 2019, and the Mate 40 Pro builds on that design. The unit I have is in the “Mystic Silver” colorway, which Huawei is promoting the most heavily. It’s a lot more unusual than the name makes it sound — the back is frosted glass, but there’s a kaleidoscopic effect where the phone shimmers different colors depending on the light. It looks great.

The camera module is circular, as it was last year, but this time the lenses are arranged in a ring around the Leica logo. I think I preferred the Mate 30 Pro’s two-tone glossy effect a little better, but Huawei says this year’s model was inspired by a black hole, so make of that what you will. This is still an attractive device from behind.

Around the front, the notch has been jettisoned in favor of a double-wide hole punch cutout for the dual selfie cameras. The OLED display is a little bigger this year at 6.76 inches, and it still has the 88-degree “waterfall” curves on the edges, which Huawei calls a “horizon” display.

These edges mean the power button on the side is still pushed back further to the rear than on most other phones. Unlike the Mate 30 Pro, however, Huawei has found space for physical volume buttons this time, which should be an improvement in usability.

Overall the Mate 40 Pro is looking like another physically and technically impressive Huawei flagship phone, and I’m looking forward to finding out what the company has managed to achieve — particularly with the camera and the new Kirin 9000 processor. The software, of course, will be another matter entirely. Stay tuned for a full review.

Source

Continue Reading

Trending