Incident: Smart Sex Toy App Bug Records and Stores Ambient Sounds

Published Date: 2017-11-13

Postmortem Analysis
Timeline:
1. The software failure incident with Lovense's app recording and storing nearby sounds happened in November 2017 as per the article published on November 13, 2017 [Article 65304].

System:
1. Lovense's Remote app
2. Android devices
3. Lovense's software

Responsible Organization:
1. Lovense - The software failure incident was caused by a bug in Lovense's app that led to the recording and storing of sounds made while its vibrators were in use [Article 65304].

Impacted Organization:
1. Users of Lovense sex toys [Article 65304]

Software Causes:
1. The software cause of the failure incident was a bug in Lovense's app that caused handsets to record and store sounds made while its vibrators were in use [Article 65304].

Non-software Causes:
1. The design flaw in the smart sex toy itself that allowed the app to record and store sounds made while the vibrator was in use [Article 65304].

Impacts:
1. The software failure incident led to the Lovense sex toy app recording and storing sounds made while the vibrators were in use, without the users' knowledge or consent [Article 65304].
2. The incident raised concerns about privacy risks associated with using internet-connected gadgets, highlighting the potential for privacy invasion when devices have access to cameras and microphones [Article 65304].
3. Lovense had to address the bug by issuing a fix to delete the temporary audio files after exiting the Sound Control feature and implementing additional checks to delete the files each time the app is started [Article 65304].
4. The incident could have potentially exposed users to theft risks if someone gained unauthorized access to their phones and obtained the recorded audio files [Article 65304].
5. This software failure incident added to previous vulnerabilities discovered in Lovense's software, such as flaws that allowed the exposure of users' email addresses, indicating a pattern of security issues with the company's products [Article 65304].

Preventions:
1. Implement thorough testing procedures: Conducting comprehensive testing, including security testing, could have helped identify the bug that caused the app to record and store sounds unintentionally [65304].
2. Enhance privacy policies and transparency: Improving the clarity of the app's privacy policies and being transparent about data collection practices could have alerted users to the potential recording of sounds and allowed them to make informed decisions [65304].
3. Regular security audits: Conducting regular security audits of the app's code and infrastructure could have potentially identified vulnerabilities that led to the software failure incident [65304].
4. Prompt response and communication: Responding quickly to user reports and promptly issuing a fix, as Lovense did in this case, is crucial in mitigating the impact of software failures and maintaining user trust [65304].

Fixes:
1. The software failure incident could be fixed by issuing an update that addresses the problem, as Lovense did in response to the bug with its app causing handsets to record and store sounds made while its vibrators were in use [Article 65304].

References:
1. Reddit user nicknamed tydoctor [Article 65304]
2. The Verge news site [Article 65304]
3. Lovense (the company) [Article 65304]
4. Ken Munro from Pen Test Partners [Article 65304]
5. Researcher known as RenderMan [Article 65304]

Software Taxonomy of Faults

Category: Recurring
Option: one_organization, multiple_organization
Rationale:
(a) The software failure incident related to Lovense's app recording and storing nearby sounds is not the first time vulnerabilities have been discovered in Lovense's software. In December of the previous year, the company had to address various flaws that allowed the exposure of users' email addresses [65304].
(b) The incident involving Lovense's app recording and storing nearby sounds is not an isolated case. Earlier in the year, another internet-connected sex toy manufacturer, Standard Innovation, had to compensate its customers with over £2m after its app was found to be sending data about owners back to the company [65304].

Category: Phase (Design/Operation)
Option: design, operation
Rationale:
(a) The software failure incident related to the design phase can be seen in the case of Lovense's Remote app. The app had a bug that caused handsets to record and store sounds made while its vibrators were in use. This issue was not clear to users, as the company's privacy site stated that they designed their system to record as little information about users as possible. The bug was identified by a Reddit user who found a lengthy recording on their phone, indicating a flaw in the design of the app [65304].
(b) The software failure incident related to the operation phase can be observed in the case of Lovense's app recording and storing sounds without the users' explicit consent. The app was designed to listen to nearby sounds using a smartphone's microphones to trigger certain actions. However, users were not aware that the audio was being stored, leading to a potential privacy breach during the operation of the app. This highlights a failure in the operation of the system, where users were unknowingly subjected to having their sounds recorded and stored while using the app [65304].

Category: Boundary (Internal/External)
Option: within_system
Rationale:
(a) The software failure incident related to the Lovense sex toy app recording and storing nearby sounds can be categorized as within_system. The issue was caused by a bug within the app that led to the recording and storage of sounds made while the vibrators were in use. The company acknowledged this bug and released a fix to address the problem. The incident was limited to Android devices, and Lovense clarified that no information or data was sent to their servers as a result of this bug [65304].

Category: Nature (Human/Non-human)
Option: non-human_actions, human_actions
Rationale:
(a) The software failure incident in the Lovense sex toy app was due to a bug that caused handsets to record and store sounds made while the vibrators were in use. This bug was a non-human action, as it was not intentionally introduced by a human but rather a result of a programming error within the app [65304].
(b) On the other hand, the response to the incident, including issuing a fix and updating the app to address the problem, was a human action taken by Lovense in response to the bug being discovered by a Reddit user. Additionally, the company had to tackle various flaws in their software in the past, indicating that human actions in software development and maintenance can also contribute to software failures [65304].

Category: Dimension (Hardware/Software)
Option: software
Rationale:
(a) The software failure incident related to hardware:
- The incident with Lovense's app recording and storing nearby sounds was due to a bug with the app causing handsets to record and store sounds made while the vibrators were in use [Article 65304].
(b) The software failure incident related to software:
- The issue with Lovense's app recording and storing sounds was described as "a minor bug" that was limited to Android devices [Article 65304].
- Lovense acknowledged the bug with its app and issued a fix to address the problem, indicating that the root cause of the failure was in the software itself [Article 65304].

Category: Objective (Malicious/Non-malicious)
Option: non-malicious
Rationale:
(a) The software failure incident related to the Lovense sex toy app recording and storing nearby sounds was non-malicious. The incident was caused by a bug in the app that led to the recording and storage of sounds made while the vibrators were in use. The company acknowledged the issue and described it as a "minor bug" that was limited to Android devices. The recorded audio files were not transmitted off the device, and the company issued a fix to address the problem [65304].
(b) The incident did not involve any malicious intent to harm the system. It was primarily a result of a software bug that unintentionally led to the recording and storage of audio files on users' devices. The company responded promptly to the issue, released an update to fix the bug, and assured users that no information or data was sent to their servers. The incident highlighted the risks associated with using internet-connected gadgets but was not a deliberate act to cause harm [65304].

Category: Intent (Poor/Accidental Decisions)
Option: poor_decisions
Rationale:
(a) The software failure incident related to the Lovense sex toy app recording and storing nearby sounds can be attributed to poor decisions made by the company. The incident was caused by a bug in the app that led to the recording and storage of sounds made while the vibrators were in use. The company's app was designed to listen to nearby sounds for triggering purposes but inadvertently stored the audio files without the users' explicit consent. This poor decision to store the audio recordings led to privacy concerns and raised risks for the users of the smart sex toy [65304].
(b) On the other hand, the incident could also be seen as a failure resulting from accidental decisions or unintended consequences. The company claimed that the audio recording issue was a "minor bug" that was limited to Android devices and that no information was sent to their servers. It seems that the recording of the audio files was not the intended behavior of the app but rather an accidental consequence of the bug in the software. The company quickly addressed the issue by releasing an update that deleted the temporary audio files after use, indicating that the storage of the recordings was not intentional [65304].

Category: Capability (Incompetence/Accidental)
Option: development_incompetence, accidental
Rationale:
(a) The software failure incident related to development incompetence is evident in the case of Lovense's app bug that caused handsets to record and store sounds made while its vibrators were in use. The issue was discovered by a Reddit user who found a lengthy recording on their phone, indicating a lack of professional competence in ensuring proper data handling and privacy measures [65304].
(b) The software failure incident also demonstrates accidental factors contributing to the failure. Lovense acknowledged the bug as a "minor bug" that was limited to Android devices, indicating that the issue was not intentional but rather an accidental flaw in the software [65304].

Category: Duration
Option: temporary
Rationale:
(a) The software failure incident in the article was temporary. The issue was described as "a minor bug" that was limited to Android devices, and the company confirmed that "no information or data is sent to our servers" [65304]. Additionally, the company released an update that addressed the problem by deleting the temporary audio file after exiting the Sound Control feature and performing an additional check and delete each time the app is started to ensure the issue was resolved [65304].

Category: Behaviour
Option: crash, value, other
Rationale:
(a) crash: The software failure incident in the article can be categorized as a crash. The Lovense sex toy app had a bug that caused handsets to record and store sounds made while its vibrators were in use. This unintended behavior of recording and storing sounds led to a situation where the system was not performing its intended functions correctly, resulting in a crash scenario [65304].
(b) omission: The incident does not directly relate to a failure due to omission where the system omits to perform its intended functions at an instance(s). The primary issue was the unintended recording and storing of sounds, rather than the system omitting any specific functions [65304].
(c) timing: The incident does not align with a failure due to timing, where the system performs its intended functions correctly but too late or too early. The core issue was the unauthorized recording and storing of sounds, not a timing-related failure [65304].
(d) value: The software failure incident can be associated with a failure due to the system performing its intended functions incorrectly. In this case, the Lovense app was not supposed to record and store sounds made while the vibrators were in use, leading to incorrect behavior of the system [65304].
(e) byzantine: The incident does not exhibit characteristics of a byzantine failure, where the system behaves erroneously with inconsistent responses and interactions. The problem in this case was more straightforward - the app recording and storing sounds without user consent, rather than exhibiting complex and inconsistent behaviors [65304].
(f) other: The other behavior observed in this software failure incident is the unauthorized and unintended recording and storing of sounds made while using the sex toy app. This behavior falls outside the typical categories of failure and highlights a privacy and security concern rather than a traditional software malfunction [65304].

IoT System Layer

Layer: Perception
Option: None
Rationale: None

Layer: Communication
Option: None
Rationale: None

Layer: Application
Option: None
Rationale: None

Other Details

Category: Consequence
Option: property, theoretical_consequence
Rationale:
(d) property: The software failure incident involving Lovense's sex toy app recording and storing nearby sounds did not result in any direct harm or death to individuals. However, the incident did impact people's property in terms of privacy invasion and potential data exposure. The bug in the app caused handsets to record and store sounds made while the vibrators were in use, leading to a user discovering a lengthy audio recording on their phone [65304]. This breach of privacy and potential exposure of intimate audio recordings could be considered as an impact on people's property in the form of personal data.

Category: Domain
Option: information, entertainment
Rationale:
(a) The failed system in this incident was related to the production and distribution of information. The Lovense sex toy app, which experienced a software failure, was designed to control smart sex toys via Bluetooth and record nearby sounds for triggering vibrations [65304].
