Cellmate: Male Chastity Gadget Hack Could Lock Users In (bbc.com) 126
A security flaw in a hi-tech chastity belt for men made it possible for hackers to remotely lock all the devices in use simultaneously. The BBC reports: Qiui's Cellmate Chastity Cage is sold online for about $190 and is marketed as a way for owners to give a partner control over access to their body. Pen Test Partners believe about 40,000 devices have been sold based on the number of IDs that have been granted by its Guangdong-based creator. The cage wirelessly connects to a smartphone via a Bluetooth signal, which is used to trigger the device's lock-and-clamp mechanism. But to achieve this, the software relies on sending commands to a computer server used by the manufacturer.
The security researchers said they discovered a way to fool the server into disclosing the registered name of each device owner, among other personal details, as well as the co-ordinates of every location from where the app had been used. In addition, they said, they could reveal a unique code that had been assigned to each device. These could be used to make the server ignore app requests to unlock any of the identified chastity toys, they added, leaving wearers locked in.
The sex toy's app has been fixed by its Chinese developer after a team of UK security professionals flagged the bug. They have also published a workaround. This could be useful to anyone still using the old version of the app who finds themselves locked in as a result of an attacker making use of the revelation. Any other attempt to cut through the device's plastic body poses a risk of harm.
The security researchers said they discovered a way to fool the server into disclosing the registered name of each device owner, among other personal details, as well as the co-ordinates of every location from where the app had been used. In addition, they said, they could reveal a unique code that had been assigned to each device. These could be used to make the server ignore app requests to unlock any of the identified chastity toys, they added, leaving wearers locked in.
The sex toy's app has been fixed by its Chinese developer after a team of UK security professionals flagged the bug. They have also published a workaround. This could be useful to anyone still using the old version of the app who finds themselves locked in as a result of an attacker making use of the revelation. Any other attempt to cut through the device's plastic body poses a risk of harm.
Slashdot posters are safe (Score:5, Funny)
Node.js fetish? [Re: Slashdot posters are safe] (Score:3, Informative)
Not necessarily. I discovered other oddballs sometimes want to mate with us. Just because we repel conventional people doesn't mean we repel everything.
Re: (Score:2)
I think you meant everyone.
Not everything.
Re: (Score:3, Funny)
Nerds make household appliances with services I won't elaborate on.
Re: (Score:3)
I think you meant everyone.
Not everything.
I am certain that the original is correct.
Re: (Score:2)
Re: (Score:3)
...doesn't mean we repel everything.
Inflatable dolls with gaping mouths come to mind.
(So does liver and a pair of hand vibrators.)
P.S. Warmup the liver first; straight from the fridge is a real downer!
Re: Node.js fetish? [Re: Slashdot posters are safe (Score:2)
TMI
Re: (Score:2)
Blood temperature, or a bit hot or a bit cold?
Whatever, as the saying goes, fries your liver.
Re: (Score:3)
Re: Slashdot posters are safe (Score:2)
Father! Can't you do something? Cut of your balls?
No, son! Whatever you do to yourself you do it to God! I'm afraid it's scientific experiments for ye...
On topic: I'd expect that /. using the gadget would have taken precautions against hacking. Are you computer nerd or what?
Re: (Score:2)
this is about a hi-tech chastity belt.
for men.
w t f why
Re: (Score:2)
Re: (Score:2)
i forget sometimes that not everyone has a relationship with twin strippers.
i do not really know what they see in me.
but our children are growing up fine
Re: (Score:2)
Re: (Score:3, Funny)
That's the Next Great Startup? Ya never know. Gives "ride sharing" a new meaning.
Why? (Score:4, Insightful)
Not why engage in explicit behaviour, but why risk a locking mechanism to complicated electronics? There are so many other ways around this. Hide the key somewhere in the house and give your partner the location if they've been good is an incredibly obvious way.
No need to ask some Chinese server for permission.
Re:Why? (Score:4, Funny)
Re:Why? (Score:4)
And, apparently, a stranger online is now controlling it.
What are they complaining about, exactly?
Re: (Score:2, Funny)
No need to ask some (Chinese) server for permission.
The slogan we've been failing for the last 20 years of devices, hardware, software, and Appy Apps.
Dear 2030: Enjoy having toilets that won't flush until they've authenticated.
Re: (Score:2)
Dear 2030: Enjoy having toilets that won't flush until they've authenticated.
Authenticated with your ass-print?
Re: (Score:2)
In the future everyone will be in either an Apple/Coca-Cola/Anheuser-Bush household or a Microsoft/Pepsi/Molson-Coors one, except for a few interpid hackers who import a grey market Huawei Luminous Throne (motto: "In communist China, party's AI know what YOU had for lunch yesterday!") and jailbreak it.
Re:Why? (Score:4, Informative)
Why trust anything which can be done locally to using a remote server?
Re: (Score:1)
Re: (Score:2)
How does IPv6 fix it? Just because everything and their dog has an IP address doesn't mean it's actually accessible. (You have obvious IPv6 addresses like link-local which don't cross a router, for example).
If you're implying that because everything has an IP address anything can connect to it, have we forgotten things like firewalls? Hell, you'd think for something like this, you'd probably want to firewall it well to prevent hacks if it didn't need a cloud service.
Re: (Score:2)
> have we forgotten things like firewalls?
Because it has a routable IP address, you can use the firewall to *decide* to make it accessible from the internet or not. Rather than relying on some accidents that are sometimes happy accidents, sometimes not so happy. If you want it accessible, it is. If you want it blocked, it's blocked.
Versus NAT where it can be tricky to get it working right of you want it accessible, and only slightly more tricky for me to get to it if you didn't want it accessible. Which
Re: (Score:2)
Re: (Score:2)
Wrong question. The question isn't whether to trust the remote server. It's whether you trust that server enough to forgo a local option completely.
There's a difference between an internet connected chastity belt, and an internet connected chastity belt with physical key override.
Re: (Score:2)
Hide the key somewhere in the house
For those really into this, the woman will wear the key like a locket. This way the man sees it all the time he's with her.
Another way to wear it is on an anklet [keysandanklets.com].
Re: (Score:2)
I think you're missing the *remote* aspect here. ;-)
You're also missing the emergency backup to something clamped on your cock aspect.
Re: (Score:2)
I'm fairly sure that most of those relationships fall foul of 'coercive control' clauses in domestic violence law.
Re: (Score:2)
The law has limited reach here. When a couple wants to keep the law out of their relationship, even these days they are mostly able to do so.
Society might disapprove, but as long as no third person knows (and thus no information reaches authorities), a lot can be done. The concept, in English usually known under the name "consensual non-consent" legitimizes illegal activities.
E.g. marital rape is illegal these days (though decades ago it was to be not in many juridictions). But if both spouses keep their mo
Re: (Score:2)
Well, you've also got the Spanner case in the UK: http://www.spannertrust.org/do... [spannertrust.org]
Obviously serious assault is different to non-violent coercion but it does set the precedent that consent is not always a defence against interpersonal crimes.
Re: (Score:2)
Re: (Score:2)
Oh. Narrow personal experiences. Oh well - that's one way to never find out what really floats your boat.
Re: (Score:3)
Re: (Score:2)
How about, why use the device. I mean really, what is the idea, if there is no trust why be in a relationship. You can trust them with your life but you can not trust them with their bits. What is the device meant to represent a schizophrenic application of trust, so you value their genitals more than your own life and want them to share that value with you. It would all be so much easier if they sold orgasmo as an inhaler, "Orgasmo, full cerebral stimulation, with none of the scruffiness, during or after,
Re: (Score:2)
I mean really, what is the idea, if there is no trust why be in a relationship.
Err you have the completely wrong idea about BDSM, a literal medieval view of it. Playing with chastity devices is not about lack of trust by one partner, it's about complete trust by the other partner to give complete control to their dom.
Re: (Score:2)
You're wrong about the word "literal" here. Medieval chastity belts are most likely a later-day invention:
There is very little evidence of chastity belts having been used in medieval times. "Medieval" chastitiy belts on display in museums have mostly been proven to be 19th-century forgeries (like many "medieval" torture devices).
If interested in the details, see e.g. the book "The Medieval Chastity Belt - A Myth-Making Process" by Albrecht Classen or the journal article "Der Keuschheitsgürtel, Phantasi
Re: (Score:2)
There you go, the more you learn :-) I guess Robin Hood - Men in Tights is not a reliable history account :)
Re: (Score:2)
Re: (Score:2)
And if it were made from plastic I would still not recommend bringing a sharp set of nail clippers near your balls.
Re: (Score:2)
Re: (Score:2)
So plastic coated in lead paint. :-)
Part of there plan to pinch this to the state for (Score:2)
Part of there plan to pinch this to the state for use in the system.
Re: (Score:1)
You mean "pitch"? A cringe-worthy Freudian slip.
I ignored my best instincts to stay out of this topic.
Click-Bait: 1, Me: -1
Re: (Score:1)
I'm sure they'd sell it to any nation interested.
Cringe (Score:2)
Most painful title ever
Pen Test Partners (Score:5, Funny)
We should all take note that this exploit was found by Pen Test Partners... exploring new avenues for Penetration Testing.
Re: (Score:2)
We should all take note that this exploit was found by Pen Test Partners... exploring new avenues for Penetration Testing.
Ironically telling people how to lock away others so they are no longer capable of penetrating anything.
Hammer/Rock/Blunt Trauma Escape Plan (Score:2)
This "chastity belt" is a novelty - not any sort of effective lock. I am willing to bet I could escape from one of these in 5 minutes with a rock, and very low likelihood of damaging myself.
I am not willing to spend $69.59 on eBay (new) or $149.39 on Amazon (also new) to test this theory and become internet-famous.
Re: (Score:2)
I am willing to bet I could escape from one of these in 5 minutes with a rock
You're a braver man than I.
Re: (Score:2)
I am willing to bet I could escape from one of these in 5 minutes with a rock
You're a braver man than I.
More likely he is just pretty stupid and full of himself. The design looks like you can break it easily with adequate tools. As long as there is no sensitive other equipment in the vicinity, that is. A rock is about the last tool you would use to try to break some sturdy plastic in that area.
Re: Hammer/Rock/Blunt Trauma Escape Plan (Score:2)
I invented the opposite: the Promiscuity Belt. Beta test isn't working so well, despite being set to 11.
Cant Touch this (Score:1)
I told you homeboy (You can't touch this)
Yeah, that's how we livin' and ya know (You can't touch this)
Look in my eyes, man (You can't touch this)
P.S. Someone had to say it ....
The obvious reaction (Score:5, Funny)
Hacking that sounds like a real dick move.
Re: The obvious reaction (Score:2)
I can imagine the emergency call
"Hello? fire department? I have a bit of an...erm...um...emergency..."
Re: (Score:2)
It will not be the worst thing they have seen. Or the most stupid. Trust me on that. Humans are very inventive in doing it to themselves.
Re: (Score:2)
That was a close one (Score:2)
Qiui's Cellmate Chastity Cage
Holy shit! I almost searched for that on Google just to see what it was.
Last thing I need are oddball sex toy ads popping up on every site I go to.
It's bad enough they probably have all my IDs tied together from other data mining and will be adding it anyway just because I posted in this thread.
Re: (Score:2)
That's why I use private browsing for a few things.
Re: (Score:2)
Use private browsing.
That gadget looks kind of small. Chinese. It figures.
Sometimes ... (Score:5, Funny)
...the jokes write themselves.
Guangdong (Score:5, Funny)
Guangdong. Huh huh huh. Heh heh heh.
I'm way too sheltered. (Score:3)
I first though Huh? then How? then Why? ... back to my safe bubble...
Re: I'm way too sheltered. (Score:3)
I feel you brother....had to read the title three times to comprehend. Then I looked with suspicion at my coffee cup.
Locked in (Score:3)
I wonder if some of the wearers of this device wouldn't necessarily mind it. That's really giving up control.
Luckily most customers are OK with pain. (Score:2)
They really are not all that concerned that if it is hacked, their will be some significant pain involved in removing the hacked device.
A few days late for Locktober (Score:1)
Now I've heard everything (Score:3)
A device to lock down a man's ding dong with a path to the internet?
Sure! There is no way this could go wrong...
Re: (Score:2)
I pity the folks trying to make a living writing satirical stories. They do not stand a chance against actual reality these days.
Re: (Score:2)
I remember reading something very similar to your comment: "Und vergiss nicht, dein Job ist es, ihm immer ein paar Nasenlängen voraus zu sein!" or so (don't have the actual source at hand, and it is apparently not on the internet), which i German for something along the lines "And don't forget: Your job is to always be a few nose-lengths ahead of him".
That text was underneath a political cartoon by Haitzinger showing an artist on a bike with a huge ink-brush on his shoulder at the start line of a race.
Re: (Score:2)
To many people control via a phone app via some server who-knows-where is just he way remote controls operate these days.
There are plenty of people with various smart home devices from Alexa to heating controls, etc. I guess the vast majority of users won't even bother to flash alternative firmware to take the manufacturer cloud out of the chain.
In the end I guess that is a question of benefit/risk assesment. And in the case of this particular device, the one making the decision might often not be the one t
Makes for an interesting visit to the ER (Score:2)
I guess some ER people and some firefighters will get experience in how to cut these things off without cutting off anything else...
In other news, a significant part of the human race continues to be abysmally stupid.
Re: (Score:2)
I dated an ER nurse many years ago. She told me they'd removed quite a variety of objects from every hole imaginable.
I also had an older coworker who was renting a room in my townhouse, who one night came to ask me to take him to the ER. Seems he was bleeding from his groin...I never asked why.
I Knew It Would Come to This (Score:5, Funny)
They've been telling us for years that the Chinese would have us by the balls, and now it's actually happened.
Thank God!! (Score:2)
What's hot about it if it can't be randomly and permanently locked by a stranger? That's right, not one damn thing.
Re: (Score:3)
...would wear/use such a device in the first place?
Have we gotten to that far of a level of soy boy in our society?
Well... The premium version comes with OnStar and Find My Penis apps and includes bio-metric security features.
Re:Ok what man in his right mind.... (Score:5, Funny)
Re: (Score:2)
A virtual +6 funny, to you Mr Pseudonym.
Re: (Score:2)
Re: Ok what man in his right mind.... (Score:2)
General disorder number one:
Whenever you encounter primitive species, screw them hard and good!
Re: (Score:2)
It unlocks with a palm print?
Facial recognition ...
Re: (Score:2)
Well... The premium version comes with OnStar and Find My Penis apps
I bet King Missile [youtube.com] would have appreciated this 30 years ago.
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
...would wear/use such a device in the first place?
Have we gotten to that far of a level of soy boy in our society?
I can imagine Soyboy calling his wife and desperately whispering, "I'm in the men's room at the conference center! Can you unlock me for one minute so I can pee?"
Re:Ok what man in his right mind.... (Score:5, Insightful)
...would wear/use such a device in the first place?
All sorts of fetishes out there... Chastity devices like this are pretty tame, in the grand scheme of things. I don't understand why such a large portion of our population is so concerned with what others do with their genitals in private. To each their own, as long long as it's consensual who cares?
Re: (Score:1)
Ignoring the soy boy comment there are a few kinds
0) People who are bored sexually.
1) Couples whose sexlife has died off. Many couples find unlimited access sex results in a slow decline in interest in sex. Partially due to the risk of random rejection when you ask for sex.
2) The chastity belt intensifies physical and emotional arousal- result in highschool like levels of emotional and sexual intensity not available any other way.
3) People with a genuine need to be controlled or to control their partner d
Re:Ok what man in his right mind.... (Score:5, Insightful)
Have we gotten to that far of a level of soy boy in our society?
Clearly we're still judging people by what gets them off, so we haven't gotten far enough yet in society.
Re: (Score:2)
Clearly we're still judging people by what gets them off, so we haven't gotten far enough yet in society.
I don't know that there's anything wrong with judging people by what they choose to do as opposed, for example, judging them by the colour of their skin.
I mean, if we don't judge people by what choices they make then exactly what are we supposed to use as a yardstick to, say, condemn criminals or reward whistleblowers who save lives?
We can certainly discuss what sort of behaviour is acceptable, but the fundamental idea of judging people's actions is not in itself wrong.
Re: (Score:2)
I don't know that there's anything wrong with judging people by what they choose to do as opposed, for example, judging them by the colour of their skin.
Judging people by choices they make in private which don't concern you is not that dissimilar to judging them for the colour of their skin. You're passing judgement not on their affect on you but rather on a property of theirs that has no relevance to society as a whole.
I'm glad you don't judge people by colour, but clearly you have some ways to go yet. As a matter of interest are you also homo- transphobic? I'm just trying to judge you based on where you fall on a long line of pointless intolerance.
Re: (Score:2)
I don't know that there's anything wrong with judging people by what they choose to do as opposed, for example, judging them by the colour of their skin.
Judging people by choices they make in private which don't concern you is not that dissimilar to judging them for the colour of their skin.
My understanding of this was that it wasn't something in private. I don't generally care what consenting adults do to each other in private, although there are still limits connected with protecting people from exploitation even if they have consented to it.
Re: (Score:2)
It's not hard to spot weird.
Re:Just install Windows 10 on it. (Score:5, Funny)
Blue Scrotum Of Death
Re:Just install Windows 10 on it. (Score:5, Funny)
Re: (Score:1)
Makes nukes look tame
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)