Some devices are better left disconnected from the wonder we call the internet. Case in point: this “smart” chastity sex toy that’s been leaving users’ penises locked up with no method of escape. It’s like something out of a techno-horror film, really.
TechCrunch reports that the Cellmate Chastity cage, which is made by a China-based company called Qiui, has severe security flaws. It connects to a custom app via Bluetooth so a partner can control the Cellmate from their phone. The bad news: it’s controlled by an application programming interface (API) that’s entirely unsecured.
Pen Test Partners, a U.K.-based security firm, (as in penetration testing, not penis testing, but we are nonetheless amused) has been researching the Cellmate’s security issues for months now. The unsecured API means anyone can gain access to the chastity toy without a username or password — it wouldn’t even take very sophisticated hacking.
Hacking potential notwithstanding, the device is so buggy that some users have found their penises locked up for no apparent reason. Maybe we can all agree to stop selling unsecured smart devices that might trap us?
The company’s known about this — To make matters much, much worse, Qiui has known about the security flaw since the beginning of the summer. Pen Test Partners reached out to the company and TechCrunch after discovering the flawed API. At the time, Qiui’s chief executive, Jake Guo, told TechCrunch the fix would arrive by August (which is still much too long to allow hackers into your customers’ sex lives, if you ask us).
But August came and went with no change in the device’s software — as did two other self-imposed deadlines. “When we fix it, it creates more problems,” Guo said in an email, as if that explains anything at all.
Buggy to an extreme — The good news is there haven’t been any reports of this flaw being utilized in the wild. No one’s gone out of their way to lock up someone’s penis just yet.
The bad news: even without its unsecured API, the Cellmate is abhorrently buggy. The Bluetooth-connected app is prone to locking up according to reviews, leaving the wearer with no way to unclasp the device’s locking ring. And, by all appearances, this thing is not easy to take off without brute force.
Oh…oh no — Users have been leaving reviews across a variety of platforms about the problem for months. It doesn’t look like Qiui has made any effort to respond to these reviews, at least not on the public forums they’ve been posted to.
Here’s a sampling of the reviews that reveal just how horrific the Cellmate is (h/t to @samleecole for the collection):
The lesson here is simple: we don’t need to make everything “smart.” And when we do, it needs to actually be smart enough to not trap your penis for an indefinite period.