Qiui Cellmate

Warning: *privacy not included with this product

Qiui Cellmate

Qiui $169
Bluetooth

Review date: 02/07/2021

Love hurts. That's the slogan on the website for the Cellmate chastity cage. The Bluetooth connected Cellmate comes in a long and a short version and touts smoother edges to reduce chafing, a waterproof design, and a built-in timer lock that users can't unlock for the duration. Qiui has also added a way for users to let anyone, anywhere in the world unlock the device over the internet with a digital key. Groovy. Too bad this connected chastity cage keeps popping up in the news because it is easy to hack, letting bad guys lock your chastity cage and charge a ransom to remove it. It does clearly say on the website, "QIUI believes that a true chastity experience is one that does not allow the wearer to have any control over," so maybe that's part of the fun?

What could happen if something goes wrong

Uhm...well, the obvious worst thing that could happen (because it already did) is this chastity cage gets hacked and your bits and pieces get trapped by a bad person looking to blackmail you for a whole bunch of money to get them untrapped. That sounds pretty awful. Do we really need to say more? We will say more. There's also a terribly translated privacy policy lacking a lot of detail only found within the app, so we're not real certain we know what data they are collecting on your chastity cage habits or how they use this data. We'd say stay away from this particular toy, unless the risk of a hacker hacking your chastity cage and trapping your bits and pieces is your thing. Then by all means, go for it!

Privacy

Can it snoop on me?

Camera

Device: No

App: Yes

Microphone

Device: No

App: Yes

Tracks Location

Device: No

App: Yes

What is required to sign up?

What data does it collect?

How does it use this data?

Qiui claims that it does not provide or sell data to third-parties without permission. The privacy policy states that the app obtains personal user data from business partners but it is not clear what it is referring to.

How can you control your data?

It is unclear if or how users can delete their data.

What is the company’s known track record for protecting users’ data?

Bad

Hackers hijacked the Cellmate and demanded a ransom from at least one user in October, 2020, exploiting a known vulnerability Qiui had not fixed. This is very bad.

Can this product be used offline?

Yes

User friendly privacy information?

No

The privacy policy is only available through the app and accessing it isn't user-friendly. It is translated from Chinese to English and not always clear. It is lacking a lot of detail.

Links to privacy information

  • Privacy policy only availble within the Qiui app

Security

Does this product meet our Minimum Security Standards?

No

Encryption

Can’t determine

Strong password

No

We were able to log into the app with the weak password "123456".

Security updates

Yes

Manages vulnerabilities

Yes

Privacy policy

Yes

Their privacy policy is only available through the app once you have download it and it is a very poorly written privacy policy.

Artificial Intelligence

Does the product use AI?

No

Company contact info

Phone Number

No

Live Chat

No

Twitter

No

Updates

We Spoke to a Guy Who Got His Dick Locked in a Cage by a Hacker
Vice
Sam Summers was sitting at home with his penis wrapped in an internet-connected chastity cage when he got a weird message on the app that connects to the device. Someone told him they had taken control and they wanted around $1,000 in Bitcoin to give control back to Summers.
The Dick Jail Is 'Safe' Again, but Use at Your Own Risk
Gizmodo
Last October, security researchers warned that the Qiui Cellmate Chastity Cage had a serious security flaw that could allow hackers to turn a chastity device into a dick jail. Now, the device’s European distributors are saying the problem’s been fixed and your dicks are safe.
‘Your Cock Is Mine Now:’ Hacker Locks Internet-Connected Chastity Cage, Demands Ransom
Vice
A hacker took control of people's internet-connected chastity cages and demanded a ransom to be paid in Bitcoin to unlock it.
Security flaw in male chastity device could leave your pickle in a pickle
Sex Tech Guide
Smart chastity cage, Cellmate by Qiui, was recently found to have some pretty unfortunate security flaws. The device is designed to lock a person’s penis inside it via the companion mobile app, with the idea that the wearer gives control to someone else. However, the flaws mean that anyone could lock all the devices remotely, preventing users from releasing themselves. We imagine that would be quite an alarming experience, and one that may very well require an angle grinder to fix.
Internet-enabled male chastity cage can be remotely locked by hackers
The Verge
A security flaw in an internet-enabled male chastity device allows hackers to remotely control the gadget and permanently lock in wearers, researchers disclosed today.
Smart male chastity lock cock-up
Pen Test Partners
TL;DR Smart Bluetooth male chastity lock, designed for user to give remote control to a trusted 3rd party using mobile app/API. Multiple API flaws meant anyone could remotely lock all devices and prevent users from releasing themselves. Removal then requires an angle grinder or similar, used in close proximity to delicate and sensitive areas. Precise user location data also leaked by API, including personal information and private chats. Vendor initially responsive, then missed three remediation deadlines they set themselves over a 6 month period.

Related products