The Internet of Dongs remains a security dumpster-fire -- UPDATED

The Internet of Dongs is Brad Haines's term for the world of internet-connected, "teledildonic" sex toys, and Haines, along with Sarah Jamie Lewis, have exhaustively documented all the ways in which internet-connected sex toys can screw you, from leaking private data to physically attacking your junk.

But Lewis and Haines's work remains an obscure curiosity that is mostly followed by information security geeks; and now the do-not-buy advice for these gadgets is going mainstream. Just in time for Valentine's Day, Mozilla updated its Privacy Not Included guide (previously) (a review of tech gadgets' security and privacy practices),to include a suite of "romantic" gifts, from fitness trackers to "smart beds" to sleep trackers to sex toys, that track you, transmit your personal details to distant corporations, and sell, leak, or endanger your private information.

I was pleased to see Lovesense blacklisted by name, given the company's incredible, appalling history of security blunders, including making secret audio recordings of your sex sessions (the company called this a "minor bug").

Not all the products are do-not-buys: there's a kegel exerciser that looks pretty good, but others, like the Lovense Lush 2 get failing grades for "shar[ing] your information with 3rd parties for unexpected reasons"; while the charmingly named Vibratissimo Panty Buster flunks for not using encryption (!).

Update: Internet of Dongs has produced its own supplementary assessments that delve into more nuance on these devices, they make a good case that Mozilla's criteria are too coarse to assess smart sex toys. Read the rest