
Vibratissimo Panty Buster
Review date: 11/01/2018
If you're looking for a connected sex toy that doesn't do much to protect your privacy and security, this is the one. This vibrator is designed to be worn in the panties against the skin and can be used at home, or discreetly in public. The app lets you or your partner hundreds of miles away operate the vibrator through a smartphone. The privacy and security problems with this device are many and well documented. The device allows for remote access without consent. The connection to the device from the app is via insecure Bluetooth, which can allow hackers to take control of the device if they are in range. This product seems to be made only for those who enjoy the thrill of potentially having their smart sex toy hacked.
What could happen if something goes wrong
Mozilla did an independent security review of this product to confirm documented security problems. In our audit, security researchers found lots of critical vulnerabilities, including the ability to impersonate other users and remotely control the device. This means someone could simply pick your boyfriend's name and then pretend to be him while controlling the device remotely. According to our security audit, It's also fairly easy to hack into and control the device remotely. You can read our independent security review linked in the updates section below.
Privacy
Can it snoop on me?
Camera
Device: No
App: Yes
Microphone
Device: No
App: Yes
Tracks Location
Device: No
App: Yes
What is required to sign up?
Can’t Determine
Phone
Can’t Determine
Third party account
Can’t Determine
What data does it collect?
Personal
Biometric
Social
How does it use this data?
How can you control your data?
What is the company’s known track record for protecting users’ data?
Can this product be used offline?
User friendly privacy information?
Links to privacy information
Security
Does this product meet our Minimum Security Standards?
Encryption
Strong password
Allows for remote access without consent. Partners send each other links to connect, but the links are easily guessable by anyone. For local access, it fails to authenticate.