crosspostato da: https://mastodon.uno/users/informapirata/statuses/110996237771598641

Il creatore della cintura di castità “intelligente” ha lasciato esposti e-mail, password e posizioni degli utenti

@eticadigitale

Un’azienda che produce un dispositivo di castità che può essere controllato da un partner su Internet ha esposto gli indirizzi e-mail degli utenti, password in chiaro, indirizzi di casa e indirizzi IP e, in alcuni casi, coordinate GPS, a causa di diversi difetti nei suoi server, secondo un ricercatore di sicurezza

Di @lorenzofb su #techcrunch

https://techcrunch.com/2023/09/02/smart-chastity-cage-emails-passwords-location/

  • AutoTL;DRB
    link
    fedilink
    English
    11 year ago

    This is the best summary I could come up with:


    The researcher, who asked to remain anonymous because he wanted to separate his professional life from the kink-related work he does, said he gained access to a database containing records of more than 10,000 users, thanks to two vulnerabilities.

    He also reached out to the company on June 17 alerting them of the issues in an attempt to get them to fix the vulnerabilities and protect their users’ data, according to a screenshot of the email he sent and shared with TechCrunch.

    [REDACTED] has left the site wide open, allowing any script kiddie to grab any and all customer information.

    “Your cock is mine now,” the hacker told one of the victims, according to a researcher who discovered the hacking campaign at the time.

    In 2016, researchers found a bug in a Bluetooth-powered “panty buster,” which allowed anyone to control the sex toy remotely over the internet.

    In 2017, a smart sex toy maker agreed to settle a lawsuit filed by two women who alleged the company spied on them by collecting and recording “highly intimate and sensitive data” of its users.


    The original article contains 702 words, the summary contains 182 words. Saved 74%. I’m a bot and I’m open source!