After he had paired with the butt plug, he was able to make it vibrate on command. Using this tool in tandem with the Lovense phone app, Mellini said he was able to remotely pair with the butt plug without any sort of authentication, password, or PIN. So why would anyone put BLE on a device then? Per Margaritelli's blog post, "If you wanna build and sell some IoT-smart-whatever crap, and you wanna do it quickly because your competitor is about to go on the market with the same shit, you take Bluetooth, you strip it from the very few close-to-decent things it has and voilá," you have a BLE-enabled device. Still, it has found wide use in Internet of Things (IoT) devices because it drains less battery to use.Īs Margaritelli wrote about the scanner used in the butt plug hack, "BLE is a cheap and very insecure version of Bluetooth, in which you have no channel hopping and no built in protocol security." This means it's relatively easy to execute a man-in-the-middle attack, in which a hacker would trick the butt plug into thinking it's talking to the user's phone and to capture information packets being sent between the devices (aka sniffing). Bluetooth is considered to not be the most secure way to send information wirelessly, but its low energy version is even more vulnerable to attacks. ![]() ![]() Read More: The Internet of Dildos is Watching YouĪs detailed by Mellini in his blog post, he was able to hack the butt plug using a Bluetooth Low Energy (BLE) scanner developed by Simone Margaritelli and freely available on Github.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |