back to article Bluetooth 'Panty Buster' 'smart' sex toy fails penetration test

Security researchers have found multiple vulnerabilities in smart sex toys that open up the potential for all sorts of mischief by hackers. The Bluetooth and internet-connected Vibratissimo Panty Buster, and its associated online services, made by German gizmo biz Amor Gummiwaren, are riddled with exploitable privacy flaws, …


  1. Blockchain commentard Silver badge

    "a master's thesis with the goal of reviewing multiple smart sex toys including several teledildonics devices. "

    Good to see dwindling university funds so well spent.

  2. }{amis}{ Silver badge


    Damm what a Buzz kill

  3. Anonymous Coward
    Anonymous Coward

    German sausage with holes in? It could have been wurst.

    1. macjules Silver badge

      German sausage with holes in? It could have been wurst.

      LOL of the month so far!

  4. Alister Silver badge

    Armor Gummiwaren

    What an apt name.

    It's almost a disappointment to learn that Gummiwaren means "rubber goods", it sounds such a great name for an anatomical area.

    1. JLV Silver badge

      Re: Armor Gummiwaren

      Armor Amor

      Rubber Love Goods, not Rubber Armored Goods. Which would be Panzer Gummiwaren. Yes, that sounds very whips and chains and naughty dressups with Kommandant-Uniform.

      I for one wouldn't call their security Armor-ed.

      FFS, these guys have 2 jobs. One is to provide a device that pleasures its users. The second is to mind the users' privacy, at least somewhat - that's the very nature of that business.

      The hard work is #1.

      #2 should be - Do we really really need to include feature XXX? Or will it come back to bite us in the ass, but not in a good way? We Vibe already showed the fail, these morons should have known better by now.

    2. handleoclast Silver badge

      Re: Armor Gummiwaren

      Not to be confused with this.

  5. Anonymous Coward
    Anonymous Coward

    SEC Consult has confirmed with The Reg that the database is not accessible any more.


    SEC Consult alleged the manufacturer had said it was even a "desired property of the sex toy"

    Tinder-over-Bluetooth. Swipe left to ... err...

  6. Simon Harris Silver badge

    The Vibratissimo Panty Buster... and the server backend

    Presumably the latter is for the butt plug version.

    1. Blitheringeejit

      Re: butt plug version

      I thought the whole point of the article was that its backend/butt was anything but plugged...

  7. Paul Hovnanian Silver badge

    Hacker manipulation

    "desired property of the sex toy"

    Really? I can imagine some swingers parties where some anonymous play might be fun. As in "Guess who's pushing my button now." But sitting in the coffee shop at the next table over from some pimply-faced geeks?

    Oh, and pics or it didn't happen.

    1. Anonymous Coward
      Anonymous Coward

      Re: Hacker manipulation

      Who goes to a coffee shop with a dildo up her snatch? If there is anyone would do this you have to assume the purpose is some sort of dogging lite, i.e. a form of anonymous sex without the risk of catching AIDS.

      1. Anonymous Coward
        Anonymous Coward

        Re: Hacker manipulation

        Who doesn't?

  8. Ima Ballsy

    Errrr .....

    Perhaps they forgot the security penetration test.

    Maybe a HOT fix would be in order and a chastity PORT blocker ...

  9. Caltharian

    the press seems abuzz about this

  10. Blank-Reg

    Early 2018 and another potential virgin dataset ripe for penetration. Typical.


  11. hatti


    Loving the headline, jokes write themselves these days.

  12. tony2heads

    This sound made up

    "Panty buster" "Gummiwaren"

    Surely this cannot be real

    Icon -obvious!

  13. Martijn Otto

    Fails penetration test?

    * It's a sex toy

    * It's easily penetrated

    Working as expected!

  14. tiggity Silver badge


    I'm guessing it can be occasionally awkward when people ask you what your thesis is about..

    1. Simon Harris Silver badge

      Re: Thesis

      "A comparative study of pudendal stimulation devices with the aim of establishing secure control and telemetry links"

      Nothing awkward about that... at least until you have to explain it in detail.

    2. Voyna i Mor Silver badge

      Re: Thesis

      You need to get out more and look at the titles of some medical theses. Bottoms and things associated with them sometimes need medical attention, and somebody has to research it.

      1. Simon Harris Silver badge

        Re: Thesis

        I've spent a few years of my life sticking things up mens' willies (robotic prostate surgery projects).

        At one point I was interviewed for a Danish newspaper - when I saw the proofs the only three words I recognised were my name, 'robot' and 'penis'.

        Even got a spot on Tomorrow's World with that project

  15. Phil O'Sophical Silver badge

    Apart from the headline I didn't see any double-entendres in the whole article. I don't know whether to be disappointed, or impressed by your forebearance on a Friday.

    1. Francis Boyle Silver badge

      Did you miss

      the bit about exposing administrative interfaces on the internet? Or do I just have a dirty mind?

  16. Blofeld's Cat

    Careful now ...

    "... the server backend had multiple vulnerabilities ..."

    Ye gods, John - have you never head of a NSFW label?

    1. Anonymous Coward
      Anonymous Coward

      Re: Careful now ...

      I doubt NSFW ever applies at Vulture Central.

    2. Ken 16 Silver badge

      save NSFW for where it matters

      Like a long screw while installing a Cisco switch

  17. Anonymous Coward
    Anonymous Coward

    If you can't do the Tank Tank...

  18. Potemkine! Silver badge

    Congrats to Mr Leyden...

    ... for the title.

    Now, let's talk about the new keyboard you owe me...

    1. Anonymous Coward
      Anonymous Coward

      Re: Congrats to Mr Leyden...

      as in Leyden Hosen ?

    2. Ken 16 Silver badge

      one handed typing?

      No THAT is a disturbing visual!

  19. DNTP

    Openly accessible on the internet

    I dunno, maybe market it to exhibitionists?

  20. macjules Silver badge

    Open to penetration and SQL injection ..

    Non-consensual "tickling" could be carried out either against a nearby Bluetooth-based device or over the internet

    My better half has informed me that she will now be staying a safe distance from our IoT-enabled kitchen, just until proper SQL security has been enabled.

  21. This post has been deleted by its author

    1. Anonymous Coward
      Anonymous Coward

      It should be a measured choice.

    2. DNTP

      Make sure you are open enough to be inserting this commitment into your schedule. Otherwise you'll be stuck with something that doesn't fit your lifestyle but requires serious intervention to remove.

      Medical Intervention.

    3. Anonymous Coward
      Anonymous Coward

      Before buying a dildo you should think long and hard.

      LMAO, I literally fell out of my chair laughing so hard! You win +1 internet for most deft comment I have seen in a long time!

  22. TonyWilk


    In the interests of Science, I looked up: Vibratissimo Panty Buster, available from Amazon.

    The one Customer Review:

    too good to be true..

    Unless you have android 4.4 or higher, you cannot use it. Also, the vibration was weak and the ability to connect via Bluetooth too which made it too irritating as you had to spend ages trying to make it connect. I wouldn't recommend it..

    Just imagine the situation... "Connect you **** !!!!!!!!"

  23. Craig 2

    "Worse yet, an attacker might be able to remotely turn on the device without the consent of the its owner"

    So this could be prosecuted as sexual assault? Plus of course the other charge of hacking...

    Perversely, a remote attacker could end up with a harsher sentence than a physical assailant.

    It's a crazy, crazy world....

  24. Blitheringeejit

    "a more secure pairing method" ...

    Handcuffs, ropes or shackles?

    Non-consensual tickling icon, obvs...

  25. onefang Silver badge

    I'm wondering how simply turning on a dildo is worse than exposing explicit images? I'm also wondering why a dildo maker has a database of users explicit images? Did it include a hidden camera?

    1. VinceH Silver badge

      That made me do a double take, too, until I followed the link in the article, and found:

      "The mobile apps used to control those devices are not just an ordinary remote. The apps offer multiple features for communication and socializing like search for other users, maintaining a friends list, a video chat, a message board and also a feature to create and share image galleries, where images can be stored and shared with friends in the Vibratissimo social network."

    2. Anonymous Coward
      Anonymous Coward

      is it possible to turn a dildo on?

      1. Fruit and Nutcase Silver badge


        is it possible to turn a dildo on?

        REST API?

        (on Port 69)

      2. 's water music Silver badge

        is it possible to turn a dildo on?

        Meta dildo?

    3. Anonymous Coward
      Anonymous Coward

      I think there will have to be an investigative probe to find that out...

    4. Neil Barnes Silver badge
      Big Brother

      Did it include a hidden camera?

      Oddly enough (very oddly!) I was directed to this page from a large format photography forum: (safeish for work)

      (but the point about a pinhole camera is that you have to hold it still for a long time...)

      1. Bill_Sticker

        Re: Did it include a hidden camera?

        Does that sort of thing need flash?

  26. ExampleOne

    My sex toy has a virus?


POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019