Parent company says no data was sent to its servers

Nov 13, 2017 12:10 GMT  ·  By

Hong Kong-based sex toy company Lovense received some bad publicity the past weekend after someone on reddit accused the company of secretly recording users’ lovemaking sessions with the mobile app allowing for remote controlling of its vibrators.

Basically, reddit user /u/tydoctor claimed he came across a .3gp file stored on his device that was “a full audio recording 6 minutes long of the last time I had used the app to control my SO’s remote control vibrator.” This way, the user claimed, Lovesense secretly created audio recordings of the sex sessions, obviously making people believe that the company was actually spying on people.

And since spying is quite a hot topic these days, it’s ten times worse when it involves anything related to sex, so the discussion rapidly made the rounds, with more than 200 users chiming in and debating how and why Lovsense creates the audio recording.

Only that Lovsense officials themselves joined the thread as well, explaining that it was all just a bug and the recording in question is created in order to allow for the Sound Control feature. The company clearly stated that “no information or data is sent to our servers and the cache file currently remains on your phone instead of deleting itself once your session is finished.”

Patch already released

The said behavior was only reported in the Android app, without any audio recording created and stored on iPhones. Lovesense has already updated the app to make the file automatically deleted after the Sound Control feature is stopped.

And because for some people it could be more difficult to trust a company given the intimate nature of the claims, security researcher Brad Haines has decided to analyze the app’s code to determine whether recordings are indeed sent to the company’s servers or not.

“After disassembling the APK with various decompilers, the source was searched extensively and nowhere is that file accessed by any process that sends it anywhere,” he says, adding that the recording was indeed created to enable a sound-control feature.

Users running the app are obviously recommended to install the latest version of the app and next time think twice before giving microphone and camera access to an app they can’t fully trust.