A small sex toy with big problems

[harlan4096]

Werner Schober is a researcher at SEC Consult and a student at the Austrian University of Applied Sciences. In his fifth year, he faced a problem many of us are quite familiar with: He had to choose a thesis topic.

He began by making a tag cloud with words from topics selected by his course mates. All of the standard IT buzzwords were there: bitcoin, GDPR, cloud, etc. But for some reason, there was no Internet of Things (IoT), a hot topic these days. It was a no-brainer, especially with Werner’s work at SEC Consult giving him a fair bit of pentest experience (i.e., hacking devices and networks and finding vulnerabilities in them) that could be applied in his research.

However, the IoT is a very broad concept, covering just about everything from traffic lights and heart pacemakers to smart teapots. The focus had to be narrowed. But the critical infrastructure side of the IoT — such as the aforementioned traffic lights and pacemakers — had already been researched to death. As for the smart home with its brainy kettles and light bulbs, that too had been covered in depth — with no really critical vulnerabilities to speak of. So what if your smart lawnmower’s been DDoSed? Just cut the grass yourself for one day.

Werner opted for a IoT subcategory that hadn’t been widely researched (although studies do exist, since hackers love the forbidden) and where vulnerabilities can lead to real consequences: smart sex toys.

Werner tested three devices: two Chinese and one German. Guess which contained more vulnerabilities? Spoiler alert: It was the latter. And how! The vulnerabilities turned out to be so critical and so numerous that Werner abandoned the Chinese devices altogether and devoted his entire thesis to the German one. He reported his findings at the 35th Chaos Communication Congress (35C3).

Full reading: https://www.kaspersky.com/blog/35c3-inse...toy/25357/