In news that nobody ever wants to hear, researchers found a very serious security flaw in a ‘smart’ chastity sex toy that allowed for the toy to be hacked and overridden, potentially trapping its wearer in there permanently. Absolutely no-fucking-thank you very much.
As per Business Insider, the Qiui Cellmate toy is touted as the world’s first app-controlled chastity device, but security researchers at Pen Test Partners found a huge issue with the device’s app, making it wildly easy to access the app’s interface and potentially controlling the device remotely.
Basically, the researchers found they could access the device’s interface without using a password, which is a hell of a weak spot for something that literally has your balls in a vice.
If you’re blissfully unaware of what a chastity device is, it’s a toy used in the BDSM community that locks a submissive’s penis in a chamber with a clamping metal ring that sits behind the scrotum, or over the vulva entirely, which can only be unlocked by the dominant keyholder. They also go by the name of ‘cock cages’ among other things, and are part of orgasm control and denial play for all genders.
The only different thing about this one is that instead of having a physical key, it’s locked and unlocked remotely via an app, which is apparently vulnerable to being hacked by someone who isn’t the submissive’s trusted partner or partners.
On top of that security flaw, the Cellmate has no known emergency override, and the researchers reported in a blog post that if a user wanted to remove themselves from the device, they would have to use an angle grinder or something similar to cut through the metal ring holding the device in place, or dismantle the entire device to release the clamp.
If that’s not all, the researchers also found that it was very easy to access the smart sex toy app’s API data, which also unlocked personal details and private messages of the device’s users. Which look maybe deep embarrassment is something that works in the BDSM play here so that could be a good or bad thing in the grand scheme of things.
The Pen Test researchers contacted the Qiui Cellmate creators to confirm if this issue was going to be fixed. At the time of writing it’s reported that the issue has been fixed for new users, but not retroactively patched for existing users.
