Sex toy maker Svakom recently launched its new, camera-equipped “Siime Eye,” which — you guessed it — features a camera embedded in the business end. Unfortunately for everyone interested in amateur anatomy exploration footage, the camera requires wifi access in order to show the video it picks up, a feature which has rendered Siime Eye woefully insecure against a hacking attempt.
The toy is essentially a handheld, vibrating endoscope connected to a mobile app. But according to Pen Test Partners (PTP), a group that tests software and devices to determine their levels of security, it could very quickly become a handheld privacy violation if a competent hacker decides they want to infiltrate the system.
After reviewing the toy’s Android app, PTP determined that the camera vibrator failed their “penetration test,” a common kind of security test to find vulnerabilities in a system. Because some of the device’s gateways to the internet are “hard-coded,” PTP writes, Siime Eye is easy to locate when it’s connected to something like a home wifi network. And that’s to say nothing of an open, public connection, the likes of which are found places like hotels or airports (hey, we’re not here to judge).
PTP also found coding parameters in the device that gave them cause to “assume that there’s functionality in the Siime Eye to send emails, change DNS settings, and even add a Skype account” in order to share the intimate video experience with someone who might not be in close physical proximity.
So, with a little bit of work, PTP was able to gain access to the Siime Eye’s video feed. With a little bit more work, they had control of the entire device, and every bit of functionality it has. Feeling violated yet?
In Svakom’s defense, it’s hardly a bad thing for a company to try to find new and innovative ways to share and experience intimacy. But, especially in an era where our online privacy seems to be eroding by the day, security is an important concern. It’s one that people will have to learn to take into their own hands or be able to trust companies to handle on their behalf. Nobody wants an audience they didn’t ask for.
In the case of Siime Eye, we can be thankful for watchdogs like PTP.
Read the PTP report on Siime Eye.