Panic over Lovense App Recording User Sex Sessions Is ‘Uninformed,’ Says InfoSec Expert
Is sensationalism getting the best of sex tech reporting?
It all began on Reddit. A few days ago a user started a thread titled “PSA: Lovense remote control vibrator app recording ‘private’ sessions without express permission.”
In it the person explains how they found a six-minute .3gp file in the app folder. It was an ambient sound recording from the last time they’d used the app to remotely control their partner’s vibrator.
Since they hadn’t been using the in-app voice chat function, the user expressed shock. They then admitted they weren’t “tech savvy enough” to know whether such recordings were sent to Lovense, but assumed they were.
They weren’t, the official Lovense Reddit account soon replied, saying it was a “minor bug” affecting Android only and that “no information or data is sent to [their] servers.”
Lovense said that after using the Sound Control feature, a temporary file was created that didn’t delete itself after finishing a session. The file would overwrite itself with when reopening the Sound Control feature, meaning only the latest recording was saved.
According to Lovense, the Android “software bug” has been fixed. The file now deletes itself after exiting Sound Control. Also, upon restarting the app it performs a check to ensure the temporary audio file is deleted.
So it appears the issue has now been resolved. But perhaps not without causing some unnecessary reputational damage to the sex tech industry. And how serious was it that a temporary ambient sound recording was created in the first place?
Debunking the ‘conspiracy’
Brad Haines is an information security expert who launched the Internet of Dongs (IoD). The white-hat hacker regularly tests remote sex toys and their apps for vulnerabilities and privacy issues.
After a different Reddit user read the original post, they contacted Haines asking him to look into claims levied against Lovense. I recommend that you read Haines’s full blog post “Destroying the Reddit Lovense Remote Vuln Conspiracy,” in which he confirms no recordings were sent to Lovense and offers an analysis of what he thinks happened.
In the post, Haines also explains that the Sounds Control feature records ambient sound as part of its function to control a vibrator’s intensity. “The higher the ambient sounds, the higher the vibration strength,” he wrote. How else would this feature work if not by recording the user’s environment, Haines rightly asked.
Again, check out Haines’s software analysis to understand more about why he says the issue was overblown. However, one comment he made at the beginning of his post resonated with me in particular:
“…something could be the most boring thing on the planet, but the moment it's associated with sex, it's a sensation.”
Yup. Folks get all worked up about topics that are relatively benign when linked to sexual technology. Of course, consumers have the right to ask questions and it’s commendable when they want to actively seek knowledge in order to ensure their privacy.
But what is the media’s role in all of this? In particular, Haines is unimpressed with how The Verge reported on the Lovense app’s software issue, especially since the original Reddit user was upfront about their limited tech knowledge.
“The media picking up the post and reporting it nearly verbatim and bringing up other IoD vulnerabilities proven to be rife with errors and half truths just adds to the problem those of us trying to bring security to the consumers of these devices,” wrote Haines.
It’s hard to have productive conversations when the sensationalism of sex clouds the topic. Similar to how the mainstream media often publishes inaccuracies on the state of sex robots without doing due diligence to verify claims, it seems like teledildonics also isn’t getting the nuanced coverage it deserves.
Haines also brings up both the Reddit user's and The Verge writer's references to the We-Vibe class action lawsuit. He said this case has also not only been overblown, but is likely unfairly coloring people’s perception of sex tech developers.
“The assumption that there was a nefarious or malevolent purpose to the file is an indicator of a great many cognitive fallacies. The assertion that there is a ‘history’ is likely based on the We-vibe case. We've commented on it here before and once you get past the sensational headlines, you realise the lawsuit was a big deal about pretty much nothing.”
What do you think about the former “bug” found in the Lovense Remote app for Android and its coverage by the media? Share your thoughts in the comments section below.
Image source: geralt