Popular Sex Toy Caught Sending Intimate Data To Manufacturer

In a world where thermostats, and smart locks can be hacked, and companies covertly record information, why should sex toys remain unaffected. Fusion is reporting that the We-Vibe 4 Plus, a popular vibrator sends a range of intimate data to its manufacturer. The sex toy uses a smartphone app, which lets a use control the vibration among other things. From the report: When the device is in use, the We-Vibe 4 Plus uses its internet connectivity to regularly send information back to its manufacturer, Standard Innovations Corporation. It sends the device's temperature every minute, and lets the manufacturer know each time a user changes the device's vibration level. The company could easily figure out some seriously intimate personal information like when you get off, how long it takes, and with what combinations of vibes. This was revealed on Friday at hacker conference Defcon in Las Vegas by two security researchers, who wish to be called only by their handles @gOldfisk and @rancidbacon. The two examined the app's code and the information being sent by the device over Bluetooth. In a statement sent by email, Standard Innovation Corporation's president Frank Ferrari confirmed that the company collects this information. [...]

Editing

There are so many grammar and punctuation errors in that summary that it hurts to read it.

Re: Editing

It's hard to type properly with only one hand

Re: Editing

[johnsnails]

Somewhat obligatory. https://i.imgur.com/End1a.jpg

This already happens

[Major+Blud]

" seriously intimate personal information like when you get off, how long it take"

Most Slashdotters already have information like this collected by their ISP ;-)

Re:This already happens

[Jawnn]

" seriously intimate personal information like when you get off, how long it take"

Most Slashdotters already have information like this collected by their ISP ;-)

No mod points today, but +1 Funny, everybody.

Re:This already happens

information like this

Having a list of the pr0n sites you dorks browse is nothing like a time graph of a woman's intimate alone time.

Data is not just data. There is a difference between storing someones email address and storing their private sex tapes. At some point you have to stop putting easy blame on the users and start seriously asking the companies storing this: what the fuck made you think it was OK to store that.

If you were a company selling sex toys to women (inb4 SJW/MRA bullshit), what the fuck are you doing storing this shit. And I know why btw. Because some autistic nerd in development, or beady eyed marketer, mouth breathed that they needed "research dnata" and that they just could. You gave the keys to your companies reputation with its customers so some socially maladjusted coder or psychopathic MBA and they crashed in on a data bender through the information superhighway.

Dear companies. STOP. STORING. DATA. You don't need all this shit.

Re:This already happens

Or, maybe if they saw a common enough trend in the speed/intensity vibrations, they could make some automatic programs that could be run so that women could go through the cycle without having to make manual adjustments, just sit back and enjoy it?

Re:This already happens

Also, if you think something like:

[0:00 to 0:34] Level 1, Speed 4
[0:34 to 1:17] Level 2, Speed 6
[1:17 to 2:01] Level 4, Speed 2
[2:01 to 3:45] Level 6, Speed 7

..is hot, then you're an idiot.

Re:This already happens

[rubycodez]

You're funny, of course the amount of data collection and correlation and selling of that data, is growing. You are in the minority, most people don't care.

Re:This already happens

[HumanWiki]

Also, if you think something like:

[0:00 to 0:34] Level 1, Speed 4
[0:34 to 1:17] Level 2, Speed 6
[1:17 to 2:01] Level 4, Speed 2
[2:01 to 3:45] Level 6, Speed 7

..is hot, then you're an idiot.

Actually, it's you that is the idiot.

Take a pornographic image of any kind and strip it down to the data layer (that means open it in a text editor of choice) and look at all that garbage text.

If you think that "s(:Ú÷Sòoè/$QÓ4dr£'XåÒúZúsUjÏpáåìa±‘2à¥n úÜê–¦G÷ájç4Íï`Ý^în&ä\ð}.Fú?x¥P. øòzóæ|w;¥Jt/6VÑTUýõ$mHôÿ ]}uóæ|/3àj½óTá`ümØ{*.?@8ÕG3àiå{üæò(#ÿ ñãWQÄÀ—€|åyð£ÎWÀü+‘\]r{25½öBÆaúvç+Ìø'3à~EX©5—ßÝ(ÊÆÛ]" is hot, then you're an idiot...

It's not the data in the raw that's the issue, but what the data in the raw represents.

Re:This already happens

[ColdWetDog]

what the fuck made you think it was OK to store that.

When you clicked through the EULA, you said they could.

What. can't you read?

Re:This already happens

It's not the data in the raw that's the issue, but what the data in the raw represents.

Imagine if a child used a sex toy like this. All those sensor readings could be considered cp!

Re:This already happens

[omnichad]

If you think that "s(:Ú÷Sòoè/$QÓ4dr£'XåÒúZúsUjÏpáåìa±‘2à¥n úÜê–¦G÷ájç4Íï`Ý^în&ä\ð}.Fú?x¥P. øòzóæ|w;¥Jt/6VÑTUýõ$mHôÿ ]}uóæ|/3àj½óTá`ümØ{*.?@8ÕG3àiå{üæò(#ÿ ñãWQÄÀ—€|åyð£ÎWÀü+‘\]r{25½öBÆaúvç+Ìø'3à~EX©5—ßÝ(ÊÆÛ]" is hot, then you're an idiot...

Until you get used to it. All I see now is blonde, brunette, redhead.

Re:This already happens

[neilo_1701D]

what the fuck made you think it was OK to store that.

When you clicked through the EULA, you said they could.

What. can't you read?

Sorry... I didn't stop when I was young and went blind.

Re:This already happens

If you think that "s(:Ú÷Sòoè/$QÓ4dr£'XåÒúZúsUjÏpáåìa±‘2à¥n úÜê–¦G÷ájç4Íï`Ý^în&ä\ð}.Fú?x¥P. øòzóæ|w;¥Jt/6VÑTUýõ$mHôÿ ]}uóæ|/3àj½óTá`ümØ{*.?@8ÕG3àiå{üæò(#ÿ ñãWQÄÀ—€|åyð£ÎWÀü+‘\]r{25½öBÆaúvç+Ìø'3à~EX©5—ßÝ(ÊÆÛ]" is hot, then you're an idiot...

Being a "t(:ÛøSøoø/$QÔ4dr£'XåÔúZøsUjÔpáåìa‘2à¥n úÜê–¦G÷ájç4Íï`Ý^în&ä\ð}.Fú?x¥P. øòzóæ|w;¥Jt/6VÑTUýõ$mHôÿ ]}uóæ|/3àj½óTá`ümØ{*.?@8ÔG3àiå{üæò(#ÿ ñãWQÄÀ—€|åyð£ÎWÀü+‘\]r{25½öBÆaúvç+Ìø'3à~EX©5—ßÝ(ËÇÜ]" man, I agree 100%

Re:This already happens

[argStyopa]

I've always wondered what the point was of 15+ minute porntube videos.

Re:This already happens

[Aighearach]

The vast majority of people are going to be creeped out because "somebody is watching them" but have basically no emotional response at all to "data is being recorded." If you phrase it as, "personal information being recorded for later playback" then you'll get a rise out of a lot more of them. But you're not going to get comprehension if you say "data connection." Data, that means it is just impersonal numbers, right?

Re: This already happens

[Xenx]

Well, no. The ISP wouldn't normally have access to the VPN logs.

Re:This already happens

[speedplane]

If you think that "s(:Ú÷Sòoè/$QÓ4dr£'XåÒúZúsUjÏpáåìa±‘2à¥n úÜê–¦G÷ájç4Íï`Ý^în&ä\ð}.Fú?x¥P. øòzóæ|w;¥Jt/6VÑTUýõ$mHôÿ ]}uóæ|/3àj½óTá`ümØ{*.?@8ÕG3àiå{üæò(#ÿ ñãWQÄÀ—€|åyð£ÎWÀü+‘\]r{25½öBÆaúvç+Ìø'3à~EX©5—ßÝ(ÊÆÛ]" is hot, then you're an idiot...

Until you get used to it. All I see now is blonde, brunette, redhead.

Dude! You mistook that upper case "I" for a lowercase "l"... that chick has a dong.

Re:This already happens

[LordWabbit2]

"you'll get a rise out of a lot more of them" - yeah, some people are just born exhibitionists.

Re: This already happens

Vibrating Private Network.

Re: This already happens

[Cinnamon+Beige]

The question here is if a EULA actually can include consent to this, or if it's in the region where the consent must be explicit--with no questions whatsoever about if you knowingly agreed or not. Either way, however, this has all the makings of a massive PR disaster...and a good amount of data getting trolled. After all, if the toy can't tell if it's interacting with a human, I could see some owners deliberately trolling the company by getting their laundry (among other things) off...

Re:This already happens

[budgenator]

I know people who would want to record the full sensory, and neuro-chemical responses and then share it on social-media; have you seen how many people brag about their fitbit numbers?

Re:This already happens

[rubycodez]

A person revealing chosen personal things about themselves to the world is fine though. Very different from corporations sharing data and snooping thousands of data events about you and finding things out.

Marketing is a four-letter word

[Scutter]

Is nothing sacred anymore? Are we really nothing more than market research tools and products to be sold to the highest bidder anymore? Look, if you give me something for free, I don't think it's necessarily unreasonable to ask for something in return (provided you disclose that you're collecting that data). But if I'm paying for it, then please just stop. I'm the customer, not the product.

Re:Marketing is a four-letter word

[Opportunist]

The question that I'd raise is whether it is illegal to use the manufacturer's product on him.

Sans lube, of course.

Re:Marketing is a four-letter word

[JustAnotherOldGuy]

Is nothing sacred anymore?

In a word, "no".

I'm the customer, not the product.

In this case, you're both.

Re:Marketing is a four-letter word

[parkinglot777]

Look, if you give me something for free, I don't think it's necessarily unreasonable to ask for something in return (provided you disclose that you're collecting that data). But if I'm paying for it, then please just stop. I'm the customer, not the product.

If the product can be connected to a toy-controlling smart-phone app, which should be owned from the company, then there might be some sort ToS that requires you to click "I Agree" before you can use the app. Most people don't read that kind of thing anyway, so they may agree to let the company collect data. This is typical way of getting consent from consumers without them really know what they are doing.

Re:Marketing is a four-letter word

Are we really nothing more than market research tools and products to be sold to the highest bidder anymore?

No, we're not, and it's our own damn fault. People are flocking to anything that promises them anything in return for their data. Privacy is a non-issue. Even close friends to whom I explained the technology and how it's used against them don't take the slightest precautions. People who should know better practice full on data exhibitionism. This war is lost. Too many old geeks have defected, and the new generation grew up with this stuff, so it's normal to them. Welcome to the Panopticon. Used to be a prison, now it's your home.

Re:Marketing is a four-letter word

[funwithBSD]

Sing with me!

The internet is for porn! The internet is for porn!

Porn porn porn... and Marketing!

Re:Marketing is a four-letter word

[eyenot]

Personally, I feel that if your genitals are this enormous gateway straight into to your soul and that you're always, always and forever vulnerable about your own sexuality to such as extent that it needs to be hidden by default, then the problem's not with society the problem's with you.

Re:Marketing is a four-letter word

[Shadow+IT+Ninja]

Right, this is an item which you pay for. People defending all this invasion of privacy often say that the point is to get things for free. In practice, however, I have found that free things are more likely to respect your privacy. This is especially true of software. Take, for example, Android apps for GPS navigation. Garmin Navigon costs $49 (last I looked) which is expensive for an Android app. It wants access to all kinds of things which don't seem necessary for it's function. They have an excuse for access to the camera. It's to tell you if you are driving in the correct lane. I don't know what their excuse is for needing access to your contacts list. In contrast, the free app, Mapfactor Navigator, only asks for access to the things you would expect and it has a much better privacy policy.

Re:Marketing is a four-letter word

[TangoMargarine]

So you wouldn't mind getting randomly anal probed at any point during your day, right?

Re:Marketing is a four-letter word

[rubycodez]

wrong, even for Slashdot you are the product for its advertisers. You are product. You are chattel. Moooo! Moooo! said the consumer product cow.

Re:Marketing is a four-letter word

[Bing+Tsher+E]

Anal? The GP spoke of genitals.

Did you miss that week of health class in 7th grade?

Re:Marketing is a four-letter word

The contact list has the addresses of your contacts. So if you want the app to navigate to one of your contacts, it needs access to the contact list. That does not mean it should upload the contact list anywhere, or that doing so would be excusable, just that there is actually a good enough reason for a GPS app to want access to the contact list.

Re:Marketing is a four-letter word

[AthanasiusKircher]

Is nothing sacred anymore?

In a word, "no".

It's funny -- when I read about this, my first thought was "This is appalling." But my second thought was, "Gee, is this really that bad compared to the amount of privacy invasion we're faced with almost continuously these days?"

Unless you run a half-dozen browser plug-ins (and few people do), your every move online is likely being tracked by dozens of companies. Unless you're careful to turn off various features on your phone, tablet, etc. your location is likely being tracked by dozens of apps.

In the grand scheme of things, this may be one of the most "private" acts, but it's also potentially one of the least worrying in terms of what companies could do with the data. The common cookies/trackers, apps, etc. that most users have running continuously are frankly much more worrying in terms of how much corporations could invade your life, use the data in nefarious ways, etc.

On the other hand -- it might take something like this to actually get consumers to wake up and realize the dangers of all of the more common tracking going on. Perhaps when some hacker manages to get into the data from these devices and publishes some Congresswoman's vibrator use data, there might finally be a public outcry to have a serious public discussion on privacy issues and tracking without a clear "opt-in".

Re:Marketing is a four-letter word

[JustAnotherOldGuy]

In the grand scheme of things, this may be one of the most "private" acts, but it's also potentially one of the least worrying in terms of what companies could do with the data.

Agreed. There might (potentially) be some embarrassment involved but beyond that I don't see any genuinely serious consequences.

-

Perhaps when some hacker manages to get into the data from these devices and publishes some Congresswoman's vibrator use data, there might finally be a public outcry to have a serious public discussion on privacy issues and tracking without a clear "opt-in".

Even that won't do it. The thing is that by and large, no one seems to care much anymore. A lot of people have gradually become accustomed to the idea that everyone's privacy has been eroded, and almost no one appears to give a damn (with the exception of a few privacy-watchdog groups).

People have become accustomed to sharing every bloody thing on Facebook and Pinterest and Linkedin and Instagram and Twitter, etc etc etc...so to many of them it's just not a big deal if someone were to find out they use a vibrator or whatever.

Online tracking pales in comparison to stuff like the automated license plate readers that popping up everywhere and the FBI planes that circle American cities 24 hours a day recording everything that moves and indiscriminately sucking up cellphone traffic. You can turn a phone off or use a burner phone, but you can't turn off or obfuscate your license plate.

Hell, even your TV has a microphone in it now, and who the hell knows when it's on or off, or whether or not it can be remotely activated. It's already been shown that your cellphone can be used as a remote listening device by the government.

I think that meaningful privacy has been eclipsed by technology, and I don't see the trend reversing anytime soon. George Orwell is probably spinning in his grave like a centrifuge.

Re:Marketing is a four-letter word

[TangoMargarine]

You've never heard of anal sex? Guess you missed that part of health class.

Re:Marketing is a four-letter word

[ewibble]

Have you actually read any of these terms and condition most of them that they can be changed, even mortgage agreement that effect the biggest asset that most people have, have such clauses.

Part of contract law states you must have a "meeting of minds", how can this be the case if it contains a clause saying on party can change the conditions at their will. And it is not Ok to say well you can just stop using the service if you don't like it. You have invest time and effort in that product, you will not be compensated for transferring to another one.

Re:Marketing is a four-letter word

[poofmeisterp]

Anal? The GP spoke of genitals.

Did you miss that week of health class in 7th grade?

That week of health class in 7th was spent at home.. with the uh "flu". Yeah.

Re:Marketing is a four-letter word

[idontgno]

Welcome to the Panopticon. Used to be a prison, now it's your home.

And now I have a new signature. Thanks.

Re: Marketing is a four-letter word

[TangoMargarine]

And your point is...?

Re:Marketing is a four-letter word

[Aighearach]

My first thought was, for a lot of people this is a feature because future models will be better at getting them off.

But if you read Dan Savage, you might be skeptical that it will help their sex lives.

If they disclose it, I don't see why it is a problem. I wouldn't want to use it, but a lot of people would. Especially if they offer free software upgrades for people who share their data.

The general case is scarier to me. My banking data or my political activities seem more in need of protection than masturbation details. The only people in the world who care about this data are people who sell devices to aid the activity. Whereas with my banking data, it is not only people who sell banking services that might want to steal it!

Re:Marketing is a four-letter word

[azcoyote]

Is nothing sacred anymore? ...

Of course not. If sex is not sacred anymore, then why would the data concerning it be? Sex itself is sold as a commodity. The sex toy reduces a sacred act to a mere technological-biological process of particular temperatures and intensity settings. There is nothing meaningful in it. So it makes sense that this essentially meaningless but useful data would be collected for further marketing purposes. The essential value of that data, just like human bodies in general today, will be determined by its marketability.

The underlying issue here, then, is not a mere privacy issue. It is the bigger issue of the meaning of the human body. Unless we can see the body as sacred, then nothing else in the world can remain sacred before the press of market pressures.

Re:Marketing is a four-letter word

[Aighearach]

People without ad blockers are product. People with ad blockers are content providers. It isn't just one basket of people. Millions of normals come here to find out what the nerds have to say.

Re:Marketing is a four-letter word

[MooseTick]

"Is nothing sacred anymore?"

When werethe metrics around the use of a vibrator ever sacred?

Re:Marketing is a four-letter word

[thegarbz]

Are we really nothing more than market research tools and products to be sold to the highest bidder anymore?

Who said anything about data being sold? If this data creates a better vibrator with a more explosive orgasm then sign me up, happy to share all the details.

Re:Marketing is a four-letter word

[thegarbz]

Yes typical "it has access to information so it must be bad" mindset. Man how did we ever survive when we used computers with software that didn't run in a sandbox and had permissions for everything ... but I digress.

I find the paid apps have far more features, as such those features request more information. Sensor data? For more accurate dead reckoning when you lose GPS. Contact list? So it can pull up your stored addresses in your phone, ... you know something that would be pretty damn useful in a GPS app. SMS? Yeah they must be reading my private messages, nothing to do with the emergency feature that lets you send your location to a recipient (from your contact list) with a push of a button.
Worth noting also is that this is a German company which falls under some of the strictest user privacy laws in the world.

Anyway back on topic: Sex toys. Why would a manufacturer need information about such sex toys, to sell for marketing? Yeah right. More like improve the product, ensure it can't overheat in unanticipated ... loads, identify the best vibration pattern to bring the most people to orgasm instead of the dumb arse pattern cycling of typical toys. If sharing this makes the bedroom even more fun when the next version comes out then hell sign me up!

It seems of late the people who complain most about data collection are also the same ones who complain that companies don't understand what customers want.

Re:Marketing is a four-letter word

[_merlin]

Camera access isn't for driving, it's for the walking "reality scanner" feature. It shows labels for places of interest, street names, etc.

Re:Marketing is a four-letter word

[Barny]

Right, and so long as they are not storing any identifying information with the data, there really is no problem with it. You could have an opt-in to add extra data, unpopulated by default, but on the whole, if it is just telemetry, there shouldn't be a problem.

Oh, and a little poking at the guys who found it reveals this: https://twitter.com/0x0i5/stat...

So basically, there is not an ounce of data in there that can point to a particular user, it is completely anonymous. Storm in a fucking teacup...

Re:Marketing is a four-letter word

[Barny]

Right, and as I linked elsewhere, it is completely anonymous. Better orgasms for everyone!

https://twitter.com/0x0i5/stat...

Re:Marketing is a four-letter word

[PyroMosh]

Actually, no. It doesn't work like that at all.

In most places, there are basically two types of written contracts that the law recognizes:

Negotiated - What you're thinking about, where you and another party have the ability to negotiate, haggle, and come to a consensus.

Contracts of Adhesion - This includes ELUAs, the contract between you and your electric company, etc. These *are* non-negotiable, take-it-or-leave-it contracts.

Seems unfair, doesn't it? There is a bright side.

Contracts of Adhesion are generally held to a higher standard than Negotiable contracts. If there's ambiguous wording, or a typo, or whatever, it doesn't matter, the courts take that literally, and the company or entity that wrote the contract is held responsible.

Basically, if in doubt with a Contract of Adhesion, the law will side with the party that had no choice. I'm simplifying things here, but that's the general spirit of the difference.

We use these contracts every day. No major provider of services would be able to do business without them. Public utilities, airlines, software vendors, schools, telcos, ISPs all use these types of contracts.

Dell is not going to negotiate with you on the terms of their wifi driver. Verizon isn't going to negotiate their TOU. Those things just aren't going to happen, despite how your mind extrapolated that "all contracts are the same!" when you learned about negotiated contracts.

But I *do* like how you spouted off like you knew exactly what you were talking about, despite not knowing very basic things about contract law. Well done.

Re:Marketing is a four-letter word

[eyenot]

People who live without fear don't worry what other people think about them.

That's what "social justice warriors", the American liberal left, and the like don't begin to comprehend or understand: that they are only speaking on behalf of severely damaged and malicious members of society; meanwhile, plenty of minorities have gone on to become very successful, non-racist members of a society that they don't see as racist; plenty of gay people have gone on to become very successful, homosexual members of a society that they don't see as homophobic; plenty of people who don't fit whatever norm you hold true -- the details of which you think is more important than the details of the lives of everybody you claim to support -- and those people don't miss a minute of sleep because of it, aren't suffering one shred of anxiety over any perceivable discrimination, aren't held down by any over-arching power, and don't sweat the differences between men and women and black and white and you name it, because those people are "over it".

"Woke" is great. "Woke" is some shit, alright? Go ahead, be "woke" all you want. I'm glad you ain't sleepin', because there's some real world shit out there that unless you're "woke", you won't get.

But go ahead and tell me "woke" is all there is to life when you know damn well you can't always remember your own phone number or how to cook toast right when you just woke up.

"Woke" is great and all but unless you're *COMPLETE*, there's no satisfaction for you. "Woke", you're still just trying to piece together some dream you just think you had. Unless you're one steely mother fucker, if you just "woke" you aren't up for very much meet and greet, try and true, or any else that matter.

So all these "SJW" sorts and the rest of liberal politics are just barking up the tree of reactionary sorts who come down to their level. The people who engage in this don't even deserve to be sorted as "left" and "right" -- they're just reactionary consumers, plain and simple. Their politics are consumer products and they can't act because they're too busy reacting.

Now, given this perspective (which you basically have to agree with or look like a fucking tool, admit it,) what was that you said to/about me, again? "Tool"? "Sanctimonius"?

If Freud wasn't post-modern history's most absurdist spermbank I'd borrow from his porn mag and throw a little pin-up of "PROJECTIONIST!" your way, because obvious you sound more than a little bit jealous. Of what, I have no clue. You never know what people declare vals in, these days!

Re:Marketing is a four-letter word

[strikethree]

The only people in the world who care about this data are people who sell devices to aid the activity. Whereas with my banking data, it is not only people who sell banking services that might want to steal it!

Try running for office and your "masturbation" details will be released. Oops.

For myself, I would not care if you used a vibrator or not but there are hundreds of thousands of mouth-breathers out there who do care.

Re:Marketing is a four-letter word

[david_thornley]

People who are likely to be harmed, maybe killed, for what other people think of them tend not to live without fear. The rest of your post seems to get specific about how things are in your fantasy world, and I'm not really interested.

Re:Marketing is a four-letter word

[budgenator]

Try running for office and your "masturbation" details will be released. Oops.

For myself, I would not care if you used a vibrator or not but there are hundreds of thousands of mouth-breathers out there who do care.

I remember Bill Clinton telling GM UAW members about banging Bimbos in the back of his El Camino and getting rug burns on his knees from the astro-turf in the bed. He still got elected POTUS, got impeached over lying about banging Bimbos in the Oval Office, but he still got elected!

Re:Marketing is a four-letter word

[Aighearach]

Try running for office and your "masturbation" details will be released. Oops.

This isn't the 1950s, or even the `80s. The entire scandal would be if you were overly embarrassed by it. As long as you laugh about it or make a joke about your libido, then you pass that test.

If that's the sort of thing you have to worry about people finding, you're as squeaky clean as the most saintly politicians.

Re:Marketing is a four-letter word

[rubycodez]

even with ad blocker I see icons and links to social media swill.

Moooo! Moooooo! we're all cows! Moooo said the herd of social media cows!

Looks like the seller wants what the buyer wants

[unixisc]

Intimate stuff - be it data or other things that the customer had in mind when buying it. So that they can de-automate this and replace toys w/ people in the long run

Asking for a friend

[swb]

Do they have the smartphone-enabled model that lets you control the vibration functionality from a *remote* smartphone, so you can further bridge the phone sex gap?

I'm asking for a friend.

Re:Asking for a friend

[Razed+By+TV]

You would be talking about OhMiBod. See also the website chaturbate (sex cam chat, often coupled with the OhMiBod vibrator.)

Re:Asking for a friend

[OverlordQ]

They? Not sure, do they exist? Yeah.

Pentesting

Brings a whole new meaning to pentesting doesn't it?

"more transparency for our customers."

[sehlat]

Which way is the transparency?

To the customer, by making it plain Big Brother is watching their orgasms?

To the company, as in "OK. Delilah in Kansas City likes Echo Mode at 5.7Hz. Why don't we start offering pre-customized models which have all the user's preferences pre-programmed? For a fee, of course."

when you get off and stuff

"The company could easily figure out some seriously intimate personal information like when you get off, how long it takes, and with what combinations of vibes."

sure, then they sell your data to your health insurance company, employers, the goverment so they all know about your sexual activities and perceived health. takes longer than a few minutes for you to get off? that will earn you an interesting chat with your manager the next moring.

"Steve, we've noticed you recently have been sexually quite active. We are pleased it works out for you. However we're really concerned about the decline in your performance, sexually. I look at my statistics sheet here, and it says you usually took just 1.5 minutes, which is very good. It releases stress but it doesn't impact your productivity that much. So that's a good thing. However, for almost 2 weeks now, we see that it takes you 5, sometimes 10 minutes to get off. I have to tell you, we don't like this development. You have to look into this. If you can't improve it, we will ban you from any sexual activities in the future and treat you with a stress relexant. Am I clear?"

brave new world

Re:when you get off and stuff

[poofmeisterp]

"The company could easily figure out some seriously intimate personal information like when you get off, how long it takes, and with what combinations of vibes."

sure, then they sell your data to your health insurance company, employers, the goverment so they all know about your sexual activities and perceived health. takes longer than a few minutes for you to get off? that will earn you an interesting chat with your manager the next moring.

"Steve, we've noticed you recently have been sexually quite active. We are pleased it works out for you. However we're really concerned about the decline in your performance, sexually. I look at my statistics sheet here, and it says you usually took just 1.5 minutes, which is very good. It releases stress but it doesn't impact your productivity that much. So that's a good thing. However, for almost 2 weeks now, we see that it takes you 5, sometimes 10 minutes to get off. I have to tell you, we don't like this development. You have to look into this. If you can't improve it, we will ban you from any sexual activities in the future and treat you with a stress relexant. Am I clear?"

brave new world

Oh, my, the data selling opportunities. Here, DrugCo, is data on 530 users worldwide that aren't doin' it as long as they used to. And Pr0nico Industries, here's data on 530 users worldwide who like to switch modes while using a dildo.

Okay, I'm gonna stop here.

You joke but..

If you can get over the fact it's about sex, it's actually a pretty good collection of metrics to collect when you're looking to get the best performance out of your product.

They'll take that data and use it to improve future products to better get you off /with science/

Also could provide pretty good data for legit scientific study - It can be hard to get funding to study taboo subjects.

Of course, this all needs to be clearly stated in a privacy policy and data should be anonymized.. That's the real fuck-up here.

Re:You joke but..

I used to dismiss the "rape culture" allegations, but clearly a lot of people seem to not understand the concept of consent.

Re:You joke but..

[Bruinwar]

Never joke about marketing. Anonymized data will somehow become non-anonymized once they see money being left on the table.

Re:You joke but..

[rsborg]

They'll take that data and use it to improve^Wmake more profit oriented future products to better get you off /with science/

FTFY

When they know what gets you off, you will be paying them more for it.

Re:You joke but..

[thegarbz]

Yeah because i'll pay big money to know the pattern of vibrations that brings Buinwar to orgasm.

That's my fetish.

Re:You joke but..

[david_thornley]

Anonymizing data turns out to be more difficult than it seems. Individual people can often be tracked down even without what is usually considered personally identifying information.

This just in

[Opportunist]

Sex toy makers are dicks.

EDITORS

[JustAnotherOldGuy]

Hire some.

That summary is so poorly written that it borders on editorial malpractice.

Re:EDITORS

[TheGratefulNet]

give the editors a break. they had to type this summary with only 1 hand!

Re:EDITORS

[JustAnotherOldGuy]

A corrected summary, free of charge. Hire me, slashdot, for the love of language!

"In a world where thermostats and smart locks can be hacked and where companies covertly record information, why should we expect sex toys be any different? Fusion is reporting that a popular vibrator, the We-Vibe 4 Plus, sends a variety of intimate data back to its manufacturer. The sex toy uses a smartphone app which lets users control the vibration as well as other functions."

Re:EDITORS

[utahjazz]

In a world where thermostats, and smart locks can be hacked, and companies covertly record information, why should you want to be hired. Slashdot is reporting that being an editor, a popular job, sends a range of intimate data to its manufacturer. The web site, which lets a use comment among other things.

Re:EDITORS

[Xyrus]

give the editors a break. they had to type this summary with only 1 hand!

They could do better. Why? Because I know something you don't know.

They are not left handed.

Yes they do

[SuperKendall]

Not sure if it's this one, but the device I read about is connected to the women's smartphone, but it also linked to a "partners" phone so they can activate it at will.

The good news is...

[StandardCell]

...this security issue will affect very few /.ers...

Not understanding the issue

[Morgon]

Okay, so they capture completely non-personally-identifiable information... so?

They log how often the user changes vibration settings. This seems like clear product improvement data. Remove lesser-used settings and utilize the information on how frequently the settings are changed to create an auto-program that mimics that alternation.
They capture the temperature. This seems like possible safety data, if nothing else.

If it activated the microphone to record the ambient "noise", you'd have a clear case of 'catching' someone sending data. Does it send the phone's device ID? I didn't see it in the summary. So I'm genuinely not seeing what's inherently wrong with wanting to understand how products are used and could improve, especially in the burgeoning sexual-health industry.

Re:Not understanding the issue

[gurps_npc]

The real problem with your philosophy is that so much of that information is secretly personably identifiable.

It is like the extra data a browser gives - things like versions, addons, etc. There is enough variability that you can determine the exact person.

It may not be good enough in a court of law, but it is good enough for a private investigator.

Re:Not understanding the issue

[jenningsthecat]

Does it send the phone's device ID? I didn't see it in the summary.

The article also doesn't even mention the topic of personally identifiable information. That fact alone speaks volumes about the question, given that TFA quotes a rather lengthy statement from the company president, who didn't once take the opportunity to say that the device doesn't collect personally identifiable data.

So I'm genuinely not seeing what's inherently wrong with wanting to understand how products are used and could improve, especially in the burgeoning sexual-health industry.

Please note that "wanting to understand how products are used and could improve" is neither the ethical nor the logical equivalent of collecting private, intimate, real-time data without anywhere informing the purchaser that this is happening. Also, even if the data collected isn't personally identifiable now, it could become so later, and there are plenty of precedents for this.

Another note: when the president of the company says "our policy does disclose that we may collect data", that refers to their website policy; it IS NOT disclosed when the app is downloaded, according to TFA.

Do you see now "what's inherently wrong" with this picture?

Re:Not understanding the issue

[AmiMoJo]

Non-personally identifying data rarely is non-personally identifying. Also, they failed to mention it in their privacy policy, which means they probably broke the law in many EU countries where it is mandatory when data is collected this way.

It's okay if they ask and have an opt-in button, but just doing it on the sly is underhanded and wrong.

Re:Not understanding the issue

>Okay, so they capture completely non-personally-identifiable information... so?

Is nothing sacred to you? So non-personal info gets sent but it relates to personal (very personal) moments. Moments where users would prefer to be 'left alone'. Will the desire of companies to 'customize everything' in order to 'take care of us better than we can ourselves' really get some play in the world of personal moments? Next in: toilets note our wiping techniques in order to better offer us robotic wipers in the future. But hey, our usernames & other PII is not transmitted so we will CERTAINLY be ok with the snooping, and not feel self-conscious, nervous, intruded upon, or anything like that during one of mankinds' most historical private moments... where we really need to feel relaxed.

* companies should get a study group like any other researcher, and not rely on spying metrics. I'm certain there will be volunteers for this. *
You must be a real joy at parties. No, really! A developer's statistical, spreadsheet, and algorithmic party for sure! Regular human relationship & fun parties with actual ladies... probably not so much.

Re:Not understanding the issue

[omnichad]

it IS NOT disclosed when the app is downloaded, according to TFA.

By that point, you've already bought the item. It's a little late to change your purchase decision.

Re:Not understanding the issue

[Morgon]

Right now, somewhere in this world, someone is masturbating. There's no way in hell anyone could argue that I've just violated their privacy.

So again, if this is not transmitting any personally identifiable information, there's no betrayal of trust.

Re:Not understanding the issue

[Morgon]

You raise a fair point - it would have definitely behooved them to explicitly say that no PII is being transmitted. However, the researchers apparently cracked this communication, so I would expect them to have found and loudly reported such.

I don't necessarily agree with the rest of your comment, at least at this time. Tinfoil hats are just too uncomfortable for me to wear continuously. If such time it does happen, I'll proactively retract my opposition.

To be clear:
Collecting personally identifiable is certainly wrong without explicit opt-in. There's no indication that this is happening.
Collecting anonymous data is not bad, but I would concede that an opt-out should be made available.

Re:Not understanding the issue

[Morgon]

Right now, somewhere in this world, someone is masturbating. As you read this, someone else just increasedtheir device to vibrate a little faster.
I don't think anyone can argue that I've violated anyone's privacy by stating that. That's the equivalent of what this discovery, as written, entails.

Maybe I'm not as overly-conservative (bordering on prudish, if I may say so) as you. If I bought a toilet or seat that monitored how often [the user] took a dump, really I don't care. Frankly, in that particular instance, I wouldn't even care if they knew it was my account/username that was taking said dump. Pooping is not a shameful act. So maybe that wasn't the best analogy on your part.

I would argue that study groups are MORE personally-identifiable and intrusive than this method of data collection. Sure, people are 'signing up' for it, but you know who the testers are, and they know they're being tested - possible data skew.

I'm not saying that the company shouldn't adjust how they do this (others brought up proper disclaimers, and I think an opt-out button would be good), but again, I find it extremely difficult to justify the word "caught" in this instance. If no PII is sent, I truly do not see the issue. Sex is not embarrassing.

Re:Not understanding the issue

[joe_frisch]

There are often ways to de-anonymize information. Does it send device serial numbers? Are those recorded from online purchases? Does it send any location data (cell etc). Unless great care was taken to ensure that the data doesn't contain anything identifiable, it safer to assume that it does.

Once you have the personal data, the risks from knowing what the person was watching when using the toy are significant. It is not by itself damning, but it can be one of a set of data that can paint a picture of someone's activities. Sometimes that picture is just embarassing. Sometimes it could be used in divorce cases. Some poor people may match to potential criminal behavior.

Re:Not understanding the issue

[Morgon]

I rescinded above - apparently from a screenshot of the REST endpoint, it does incorporate the username of the person, which makes this a lot worse than if it were truly anonymous datapoints.

Re:Not understanding the issue

[thegarbz]

The real problem with your philosophy is that so much of that information is secretly personably identifiable.

Conjecture. There's no supporting evidence that enough unique information is recorded to identify individuals. Quite the opposite of a browser which leaks about as much info about you as it can.

Re:Not understanding the issue

[thegarbz]

Please note that "wanting to understand how products are used and could improve" is neither the ethical

Errr yeah it is and products have been doing this since the dawn of time. The best companies are those who pay attention to their customers in this way and always have been.

Re:Not understanding the issue

[Nethemas+the+Great]

Are you going to be concerned when I tell you that Wal-Mart et al. are collection points of toilet paper purchases matched to your payment card? That Walgreens knows you just bought an anti-diarrhea medication and your prescription for Viagra has two more refills left after your July purchase?

Re:Not understanding the issue

[gurps_npc]

Read this article:

http://teachingprivacy.org/the...

Re:Not understanding the issue

[david_thornley]

Of course it's conjecture, unless the company tells us exactly what it does with the data. Are you happy with a company having extremely intimate information about you as long as you don't positively know it can be misused?

Better orgasms through mathmatics.

[Dutchmaan]

On the upside, it could be used to create a custom profile on what REALLY gets the person off. I imagine a vibrator that "learns" would be a welcome asset to a lot of women out there.

Re:Better orgasms through mathmatics.

[Megane]

Now all they need to do is combine it with the technology from Clippy the Paperclip.

It looks like you're trying to get an orgasm. Would you like some help with that?

Re:Better orgasms through mathmatics.

[k6mfw]

Reminds me and other old timers the Doral cigarette TV commercials, and did the standup comedians have a field day with that one (though at the time I was quite young and didn't get it until later years).

Frank FERRARI.

Heh?! Max speed?

Wait for it...

[CaptainOfSpray]

Newsreader: in the latest IT scandal, Standard Initrode Corp has admitted that its Autobanger sex toys have been remotely hijacked by a variant of the Stuxnet virus. The effect of the hijacking is to cause the device to repeatedly apply the user's favorite settings, until the user becomes unresponsive. Last week's revelations by Federal investigators that a number of unexplained deaths among Congressmen and -women were caused by unexpected heart attacks may be related.

Re:Wait for it...

[rubycodez]

or the remote just stops working

https://www.youtube.com/watch?...

Re:Looks like the seller wants what the buyer want

[Wootery]

...what?

NP; they are now a new name

[WindBourne]

Standard Innovation Corporation's or SIC will become Data Innovation Corporation or DIC.

The insider threat is real

[Hitechwizard]

Just another example of how the insider threat results in data exfiltration.

Need to upgrade my virus protection

[paiute]

Great - now I have to worry about man-in-the-middle attacks in the bedroom too?

Okay ...

[fahrbot-bot]

(a) This is the creepiest thing I've read all week.
(b) When can I control the smartphone from the vibrator?

Re:Okay ...

[phorm]

Still waiting for the facebook status update plugin...

Just the tip of the iceberg..

[nanospook]

As the ravenous Internet of All things pounded her joyfully, the unspeakable happens.. the tip flips open to reveal an undisclosed hidden cam! Somewhere Kim Jong is chortling!

Runs on Bluetooth?

[gachunt]

Hmmm, now I know the true reason for Google wanting to do this:

Chrome Is Nearly Ready To Talk To Your Bluetooth Devices [Aug. 9, 2016]

Re: Looks like the seller wants what the buyer wan

[unixisc]

It meant that they'd at some point replace the vibrators w/ actual live human beings. People replacing toys, as opposed to toys replacing people

I stand corrected

[Morgon]

Nevermind, I take back what I said - the article itself didn't specifically address the PII aspect, according to this Tweet/Image, you can infer the REST endpoint does include the username.

While I again don't personally care too much if it were me, and also while I think usernames are a weak form of PII, I do understand how storing it per account can be disconcerting and definitely hope this discovery will help change the company's policies.

This is FANTASTIC!

[theshowmecanuck]

Technology to help reduce medical costs. They can add a feature so that people don't need to spend thousands on colonoscopies! Brilliant!

Re:"Smart" Device = Spy In The Cab

[Swave+An+deBwoner]

How long before people wake up and simply say stick all this so called "smart" technology where the su don;t shine ?

I think you maybe misunderstand exactly what this device is used for?

Re: Hackers...

That is a big number. I am gonna be impressed.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:OH HOW INTERESTING, NOT FBI IT'S DILDOS SPYING

[eyenot]

[cue: old man *shaking fist at sky*; (screaming:) "god damn dildo spies!".]

[error: at 12; return 3.]

I don't care what kind of anal ytics this collects

[iamacat]

Just that the product is secure. I just don't want to be compromised through a backdoor by some Russian hackers.

A smartphone app, seriously?

[ls671]

"The sex toy uses a smartphone app, "

Seriously? Might as well build the sex toy right in the smart phone then. Maybe the smart phone is the ancestor of the XQJ-37 Pan-Sexual Roto-Plooker envisioned here after all:

http://wiki.killuglyradio.com/...
http://wiki.killuglyradio.com/...

Back on topic: In 2016, I prefer sex toys to be wired anyways. Less chances they will replicate and take control of the world this way.

SCIENCE!

[rpresser]

I for one welcome our new sex toy overlords.

Seriously though. If they had only gotten consent, this'd be some seriously publishable data.

old but timely...

[Ian-K]

A woman calls into a sex shop:
Woman (in always a trembling / stuttering voice): is it your shoooop that sellllls this brand neeeeew electrooonic vibraaaaator?
Salesman: Yes ma'm, that's us.
W: which is 12 innnches llll-ong...?
S: that's right...
W: all leeeeeaather...?
S: yes ma'm...
W: and the new, eeeextra sssstrong viiibraaaaation...?
S: yes, that's us, ma'm...
W: wellllll then, pleeeeeeeease, tell me how to turn it offffff...

Now, it would be a fun (?) hack if someone hacked into it and controlled the vibration remotely. Revenge of the ex boyfriend, anyone?

ahahah

[fubarrr]

Teledildonics MITM?

No "In soviet russia" jokes?

[ebvwfbw]

Seems like it writes itself.

In Soviet Russia the dildo uses you!