Adventures In Smart Buttplug Penetration (testing)

Presented at DEF CON 27 (2019), Aug. 11, 2019, 10 a.m. (45 minutes)

Analysts believe there are currently on the order of 10 billions Internet of Things (IoT) devices out in the wild. Sometimes, these devices find their way up people's butts: as it turns out, cheap and low-power radio-connected chips aren't just great for home automation - they're also changing the way we interact with sex toys. In this talk, we'll dive into the world of teledildonics and see how connected buttplugs' security holds up against a vaguely motivated attacker, finding and exploiting vulnerabilities at every level of the stack, ultimately allowing us to compromise these toys and the devices they connect to.

Presenters:

• smea
  smea got his start making video games for closed consoles like the Nintendo DS using whatever hacks were available at the time. At some point consoles started getting actual security features and he transitioned from just making homebrew software to actually making the jailbreaks that let people run it. He's best known for his work on the Nintendo 3DS and Wii U but has also done exploitation work against high profile web browsers and virtualization stacks. Now he hacks buttplugs, apparently. Twitter: @smealum Github: https://github.com/smealum

Links:

• https://defcon.org/html/defcon-27/dc-27-speakers.html#smea
• https://infocon.org/cons/DEF CON/DEF CON 27/DEF CON 27 video and slides/DEF CON 27 - smea - Adventures In Smart Buttplug Penetration testing.mp4
• https://infocon.org/cons/DEF CON/DEF CON 27/DEF CON 27 video and slides/DEF CON 27 - smea - Adventures In Smart Buttplug Penetration testing.srt (subtitles)
• https://www.youtube.com/watch?v=RnxcPeemHSc

Similar Presentations:

• Hackfest 2016 / Hacking the Internet of Dongs
• BSides Austin 2016 / Protecting your toys - Attempts at securing the IoT
• ToorCon San Diego 17 (2015) / The Consumerization of Home Insecurity