This incident also made Summers reconsider using internet-connected devices, especially those that go around his most private parts.

One would think.
posted by Joan Rivers of Babylon at 12:26 PM on January 29, 2021 [11 favorites]

Oh God, don't try to free yourself with bolt cutters. Go to a doctor, and don't be embarrassed, they've seen weirder.
posted by biogeo at 12:28 PM on January 29, 2021 [10 favorites]

I don't even trust a phone app with access to my email, let alone access to my penis.
posted by madajb at 12:36 PM on January 29, 2021 [1 favorite]

Y'all don't get it, see, the vulnerability to malware is part of the kink.
posted by phooky at 12:38 PM on January 29, 2021 [11 favorites]

Y'all don't get it, see, the vulnerability to malware is part of the kink.

Except that it's not, as the interview illustrated - the victim felt rather violated by the attack.
posted by NoxAeternum at 12:42 PM on January 29, 2021 [8 favorites]

This is one of those unfortunate sagas that makes for a funny headline but is absolutely awful.
posted by Going To Maine at 12:43 PM on January 29, 2021 [13 favorites]

I'm trying to wrap my head around someone who, after nearly a decade of people saying, "This 'Internet of Things' is crazy! I don't want all my appliances to be vulnerable to hackers!", thought, "OK, but what if I could lock my junk into it?"
posted by The Tensor at 12:47 PM on January 29, 2021 [9 favorites]

There’s no one answer to that. If you read the interview, it appears that Summers hadn’t considered that it would happen. Presumably he (and his partner) hadn’t been exposed to that decade of people saying that that the Internet of Things is crazy. I suspect that they are like most people, really.

Also, the internet of things is everywhere now, and it’s growing - is an average person going to really draw a fine line between the powerful computer in their phone and the computers in their light bulbs? Ubiquity (or perceived ubiquity) is leading to false confidence.

What we really need is a good mass cultural event, like a remake of Maximum Overdrive but with North Korea taking control of the world’s cars.
posted by Going To Maine at 1:18 PM on January 29, 2021 [6 favorites]

(tm, tm, tm, copyright me)
posted by Going To Maine at 1:18 PM on January 29, 2021 [3 favorites]

honestly I would pay at least $500 for someone to ransom my chastity cage for $1000
posted by East Manitoba Regional Junior Kabaddi Champion '94 at 2:14 PM on January 29, 2021 [1 favorite]

What we really need is a good mass cultural event, like a remake of Maximum Overdrive but with North Korea taking control of the world’s cars.

No thanks, I'm still trying to get over the remake of The Manchurian Candidate with Biff from Back to the Future being elected President.
posted by The Tensor at 2:16 PM on January 29, 2021 [22 favorites]

I'm trying to wrap my head around someone who, after nearly a decade of people saying, "This 'Internet of Things' is crazy! I don't want all my appliances to be vulnerable to hackers!"

The thing is, most people have not been around a lot of that.

Most people don't read tech news. Most people aren't aware of the security vulnerabilities in internet-connected devices. Maybe they've heard a story or two in the last decade, but it's not exactly something that they're thinking about when they buy one of these devices.

They think, "Cool, I can control my fridge with an app!" or "I don't really need an app, but whatever."

If you're on Metafilter, you are probably much more tech savvy than your average consumer.
posted by Kutsuwamushi at 2:16 PM on January 29, 2021 [13 favorites]

I'm glad it ended without permanent damage to the individual - and I can see how anyone would freak out if part of their body is trapped and inaccessible and how that would be emotionally scarring. I remember freaking out when I couldn't get a ring off my finger one day - like full blown panic attack.

That said if someone mistakenly sent these devices to all the Proud Boy members, so they can fulfill the Proud Boy pledge not to err...pleasure themselves. Then stood back to watch the chaos. I broadly be ok with that.
posted by inflatablekiwi at 2:29 PM on January 29, 2021 [5 favorites]

much more tech savvy

“tech savvy” is becoming a hard to interpret phrase as technology gets more complicated - notably, it’s possible to be extremely “tech fluent” -know how to use fancy UIs, be all up on different apps, etc.- without actually being savvy enough to be afraid that someone could own you on the internet of things. I wouldn’t necessarily consider myself particularly “tech fluent” -never used TikTok, no idea how, still bad at boolean searches, marginal google skills, etc.- but I do know that the IoT is a dangerous and weird place.
posted by Going To Maine at 2:40 PM on January 29, 2021 [7 favorites]

I think that MetaFilter users are probably above average regardless of which definition you use.
posted by Kutsuwamushi at 3:23 PM on January 29, 2021 [2 favorites]

It's the new Internet math: bitcoin + findom = roflcopter
posted by They sucked his brains out! at 3:24 PM on January 29, 2021 [8 favorites]

This has got me thinking. I'm really not up to speed with IoT vulnerabilities. Can somone point me to a good summary?
posted by lovelyzoo at 4:27 PM on January 29, 2021 [1 favorite]

I wish there was a site that curated decent internet of shit alternatives.

I don't need a chastity cage but it would be cool if I could buy a pretty color-changing lightbulb without basically inviting other people to read my email.
posted by evidenceofabsence at 4:34 PM on January 29, 2021 [13 favorites]

It was an insensitive joke, and I apologize for that. It doesn't really feel like a joke, though. Tensor is right: we are decades into this problem. It's been a front-page, top-of-the-hour news story for years. To use a current analogy: this isn't March, when people could walk around thinking that washing their hands was enough; this is more like December, where if you're not wearing a mask you're either aggressively ignoring advice or are listening to sources that are actively lying to you.

A decade and change ago, when my company was first talking about adding network support for our 3d printers, we spent a few days discussing what the worst-case scenario could be if someone hacked your printer. They could waste filament or ruin a print, sure. You could come home to find that someone had printed a giant dong on your machine, which would suck but wasn't the end of the world. But what if someone could light your house on fire? So we hacked up a version of the firmware that disabled all the safety features, turned on the heating elements in various ways, and actively tried to ignite itself, and it was only when we figured out that it couldn't that we discussed ways to implement the feature.

IoT devices aren't necessarily going to be hacked, but it's always a possibility. The question to ask shouldn't be "is this unhackable", it's "what's the worst thing that's going to happen to me if it gets hacked". If the answer is "my lightbulbs go out", that's not too bad. If you have photosensitive epilepsy, "a channer may use my lightbulbs to give me a seizure" might be a real concern. Having access to an always-on microphone in your home? You'll have to make your own decision about whether that's enough of a danger to unplug Alexa. "My partner and I will lose access to my genitalia" is something you really need to think about.
posted by phooky at 4:55 PM on January 29, 2021 [10 favorites]

Metafilter: probably above average regardless of which definition you use
posted by Big Al 8000 at 5:10 PM on January 29, 2021 [2 favorites]

Metafilter, where the mods are strong, the posts are good looking, and all the users are above average.
posted by cmfletcher at 5:20 PM on January 29, 2021 [14 favorites]

Yeah I'll just stick with letting my wife hold the keys to my holy trainer.
posted by signsofrain at 5:25 PM on January 29, 2021 [1 favorite]

"Nonetheless, he was able to break the cage, but the cutters still cut through him, he said. "

THROUGH him? I mean the cutters still cut him, I get, but the cutters still cut THROUGH him seems like should have asked a clarifying followup question. Through the cage, or through the penis? Cuz, that's just very very different.
posted by stevil at 5:38 PM on January 29, 2021 [1 favorite]

I am reminded of this blog post by Metafilter's own Charlie Stross, which begins "I'm trying to work out how I'd go about explaining this news item from WOWinsider to someone thirty years ago, in 1977, and it is making my head hurt because there are too many prior assumptions nested recursively inside it to unpack easily."

I am also reminded that he has written that the problem with writing near-future SF is that reality keeps overtaking his imagination.
posted by adamrice at 5:39 PM on January 29, 2021 [3 favorites]

I once made a primitive robotic butt plug that would inflate and deflate to varying degrees at random without the user's consent. (Why? If you have to ask, you'll have little use for the answer.)

I thought about selling an internet-enabled version, but I could just imagine 4chan brigading some poor sap's butt plug and releasing the transcript of the 911 call.

(And me rightly getting napalmed by his/her ambulance-chasing lawyers.)
posted by klanawa at 8:36 PM on January 29, 2021 [2 favorites]

If the answer is "my lightbulbs go out", that's not too bad.

Thing is, it rarely is. So yes, that's the worst direct, physical thing that can happen, sure. But your lightbulbs could also be used as a platform to get a toehold inside your private network, or a platform to exploit a vulnerability in whatever proprietary wireless protocol, allowing all manner shenanigans with anything else on your network to be that much easier. And you will have other stuff on the network, or you're not buying IoT stuff because you couldn't control it.

When you do your banking on your computer or phone, and your browser stores your passwords and credit card details, the lightbulbs themselves aren't really the thing you need to be worried about (though yes, something that can physically hurt you as well is even worse).
posted by Dysk at 8:56 PM on January 29, 2021 [8 favorites]

so wait. there was no physical key backup? in the kink, the other person could still hold it, but why not have one in case of, i dunno, an internet outage? power outage?
posted by wibari at 10:51 PM on January 29, 2021 [1 favorite]

so wait. there was no physical key backup?

Putting your trust in a team of anonymous Russian military cyber hackers who run a side hustle for hard currency is the ultimate kink.
posted by They sucked his brains out! at 11:11 PM on January 29, 2021 [2 favorites]

Thankfully, my light bulbs are neither directly Internet-connected nor fully dependent on a cloud service to work since they can be controlled directly from devices on the local network. And if my network somehow fails, they make perfectly good dumb light bulbs by flipping the light switch a couple of times.

It seems like local control would be a bare minimum feature for something that locks up your junk, but what the hell do I know?
posted by wierdo at 4:05 AM on January 30, 2021

I think the issue is more that people have been able to use bulbs as an entry point into local networks.

(On preview: what Dysk said.)
posted by evidenceofabsence at 8:45 AM on January 30, 2021 [1 favorite]

To be honest, if there's someone within a few dozen meters of my house trying to hack my network, I likely have bigger problems than them hacking the zigbee on my light bulbs. (Because it's far more likely I've attracted the attention of a three letter agency than a random neighbourhood hacker)

For starters, have you disabled WPS on your router? It's been vulnerable to easy brute-force attacks for a decade, and that allows easy direct access to your internal network. Better not be using bluetooth either. Are your credit cards and passport in a RFID proof wallet?

Businesses have been forced to move away from the 'hard on the outside, soft in the middle' model of security for a while now due to Bring Your Own Device - i.e. random personal kit without IT oversight turning up and being plugged in wherever, complete with whatever ransomware/russian spybot horrors are lurking on it.

*Everything* needs to be secure in its own right, and not trust anything else, because you cannot trust your perimeter firewall alone to be enough. So yes, that means your (crap security) IoT devices shouldn't be sharing a network with stuff you care about, but that also means each phone and laptop should be receiving regular security updates and be hardened against malicious attacks too, and any service with data about you should have 2FA for starters. Do you trust everyone that's holding that data, and all the people that work for them too?

It's really, really hard in this world to actually do anything if you were as paranoid as you probably should be given the amount of vulnerabilities out there; you just have to protect yourself as best you can, and avoid the biggest pitfalls while balancing actually being able to live your life online.

For the record, I would probably include putting my junk in an internet-only unlockable cage as a bit too much of a risk, but we all got to pick our own comfort level I guess!
posted by Absolutely No You-Know-What at 12:38 PM on January 30, 2021 [2 favorites]

The Internet of Thing
posted by hypnogogue at 8:51 PM on January 30, 2021 [2 favorites]

I wondered house many people draw a distinction between the internet of things and Bluetooth.
posted by Going To Maine at 9:54 PM on January 30, 2021

Also read this via Slashdot yesterday. Seemed a bit too loose/good to be true, i.e. a guy interviewed over the phone said this widely-predicted terrible thing eventually totally happened to him and he maybe showed some proofs of BTC transfers from one account to another account. Everyone clapped and then Ralph J. Earnalist clocked out
posted by I'm always feeling, Blue at 10:01 PM on January 30, 2021

Which isn't to say that I don't want it to be true, obvs!
posted by I'm always feeling, Blue at 10:02 PM on January 30, 2021

To be honest, if there's someone within a few dozen meters of my house trying to hack my network, I likely have bigger problems than them hacking the zigbee on my light bulbs. (Because it's far more likely I've attracted the attention of a three letter agency than a random neighbourhood hacker)

Unless some vulnerability in zigbee has just been released and some neighbourhood kid decides to do a spot of wardriving...

There's not much point worrying about three letter agencies for most people. If they're after you, there likely isn't much you can do anyway.
posted by Dysk at 10:39 PM on January 30, 2021

4chan brigading some poor sap's butt plug

So nearly a Chuck Tingle title
posted by Jon Mitchell at 1:22 AM on January 31, 2021 [3 favorites]

The ones I make the kids wear have explosive bolts.
posted by Mr. Yuck at 3:17 PM on January 31, 2021