Unsecured Bluetooth Penis-Chastity Lock Toy: Bad Idea

Look, folks. Sometimes “just because we can” is not a good enough reason to hook your sex toys to the internet. Sometimes, the old analog ways of doing things are better. Especially if what you’re doing is locking up your penis:

But wait! Wouldn’t if be fun if we didn’t need a key? We could Bluetooth it! And have an app! And then my virtual keyholder could lock or unlock the cock from anywhere in the world! What could possibly go wrong?

What could go wrong, you ask? Here’s your answer: The Qiui internet-connected penis chastity lock. Zack Whittaker at Tech Crunch has the story: Security flaw left ‘smart’ chastity sex toy users at risk of permanent lock-in

This could have been bad.

U.K.-based security firm Pen Test Partners said the flaw in the Qiui Cellmate internet-connected chastity lock, billed as the “world’s first app controlled chastity device,” could have allowed anyone to remotely and permanently lock in the user’s penis.

The Cellmate chastity lock works by allowing a trusted partner to remotely lock and unlock the chamber over Bluetooth using a mobile app. That app communicates with the lock using an API. But that API was left open and without a password, allowing anyone to take complete control of any user’s device.

Because the chamber was designed to lock with a metal ring underneath the user’s penis, the researchers said it may require the intervention of a heavy-duty bolt cutter or an angle grinder to free the user.

I’m no expert on penis cages or lockable male chastity devises, but I gather some users enjoy having other parties in control of when and how they can free their dick long enough to have a satisfying sexual experience.

You might trust your lover with the keys to that experience. But once you connect your cock lock to the internet, suddenly there’s a third party in your triangle of lust and frustration: A basement crew of unresponsive Chinese developers, along with everybody in the world smart enough to hack their weak-ass software. How’s that going to end? Not well!

Qiui chief executive Jake Guo told TechCrunch that a fix would arrive in August, but that deadline came and went. “We are a basement team,” he said…

It’s not known if anyone maliciously exploited the vulnerable API. Several user reviews of the app complained that the app had bugs that would cause the device to stay locked.

Image credits, top to bottom: Kami Tora, Froaden, KD Pierre.

Similar Sex Blogging:

• Where There's A Key, There's A Vuln
• Randy Wang's "Small Packet"
• Draining His Balls Without Letting Him Orgasm
• Hands On Firemen In London
• Cock Under Lock
• True Customer Service: Male Chastity Device Mishap

True Customer Service: Male Chastity Device Mishap

The folks at Eros Boutique have a blog now. Mostly they are flogging their goodies (hmm, sounds like fun) but they do have some funny stories from the sex toy selling biz. Like this one:

This guy calls up, asking if we sell extra keys for the CB3000. (*for those of you unfamiliar with the CB3000, its the cream of the crop in male chastity devices. Pyrex. Padlock. If you’re a guy who wants to lock your cock up, this is the way to go.)

But I digress…
…
So “mike” calls.

Do we sell extra keys.

So Lucy tells him we don’t have any extra keys in stock, but he might want to call the CB3000 people and see what the deal is. “But,” she asks, “doesn’t the CB3000 come with 2 extra keys? What happened to them?”

So Mike says:

“You see, the woman who put this device on me isn’t my wife, and now she’s out of town for a few days, and I just don’t find it funny anymore.”

“Oh.” Lucy says. “Well, sir, that’s what you get for letting a strange woman put something on your penis.”

There’s more – Lucy’s not as heartless as she sounds. But that’s a classic line.