So many ideas and industry terms get much more interesting when applied in this area.
Penetration testing (especially with red and blue teams). Agile. Continuous delivery. "Move fast and break things". Application firewall. Protection at rest. Injection attacks. Man in the middle. Load balancing. And so on.
There's one phrase I'm too fond of, that I thought of the other day:
"Detached HEAD" this is uncanny valley of why LLM should not be used in anything related to psychology. Obviously just HEAD is funny enough but no it came up with detached HEAD (because it doesn't have any mental imagery or empathy, of course). Detached HEAD is a whole another level worse than force push if you ask me.
Why ask LLM for puns anyway? Do you delegate all the fun or activities in your life?
That is also by qDot [1], the Buttplug.io author. When I just looked at their GitHub today, I realized I used their libs in other projects over the years (OpenKinect and libnifalcon). They share lots of great work!
I've seen APIs for controlling those toys already a few times and it always surprises me that they're quite open. It's a thing I'd expect each device to come with a proprietary locked down app and nobody complaining about it publically, because that'd look.bad on them. Anyone can tell me why is that different? Is it because huge corporations are staying away from the market, thus they couldn't have ruined it?
AFAIK, those APIs aren't publicly described by the vendors, they were reverse engineered by the community. Also, the toys themselves are Bluetooth-based, so pairing and proximity are enough for security.
I'm not English and I'm not sure what you would call electronic devices in your house, but very few of the ones you'd find in a typical Danish household which are locked down particularily well. It tends to be fairly easy to "hack" anything which has a computer in it, whether that is your Microwave, your electrical toothbrush, your router, your e-bike or something similar. What sets sex-toys appart is probably the amount of effort people are willing to put into hacking them. I'm guessing here, but I imagine you'd find a lot more people wanting to hack their sex-toys compared to people wanting to hack their Microwave.
Until I saw this post, I thought the e-bike community was the largest "hacker" community in regards to tampering with your electronics, but I imagine it too is dwarfed by sextoy hackers. Anyway, here in Europe there are a lot of hacks for e-bike computers. Part of this is because many people want to increase the software restraints on speed limits. Which is illegal, and, at least in larger Danish cities also very likely to get caught. Many people do it for statistics though, my e-bike computer as an example resets my "current" milage every 500km and then store the total in another place (something which gets reset everytime it's in the shop). It also didn't have a clock option for any of it's standard screens. My primary reason for hacking it was getting a clock on the display, but I now also back-up my milage + I have some added statistics for fun. When it needs to go into the store, I re-flash it to the factory settings or whatever you'd call it. I'm by no means a device hacker, but it wasn't hard to search engine my brand and find the tools I needed to do what I wanted.
Anyway, I don't think there is a lot of "secuirty" in any of our daily devices. Maybe it's because I'm European and a lot of people wouldn't want the NSA watching in through a Google Camera, and therefor buy non-major-tech-company brand stuff, but even things from large brands like Bosch are very hackable. Again, I'm not a device hacker as such, but isn't everything rather hackable once you have the hardware?
My guess is, it has to do with cam streamers and ability for people to develop extensions for streaming platforms for their devices.
Lovesense, for example, became shorthand for "toy controlled by chat" on streaming sites.
As @Kwpolska says, mostly they have reverse engineered Bluetooth protocols. I'm on my work computer (that's fiercely monitored) so can't give you much links right now, but Buttplug site has information about all the messages and protocols. And some of them are quite a mess.
Some of them, like Lovense, have said they had intention to publish APIs, but they just have some empty repositories in Github. (Lovense is a weird company, everything points to just one or two persons in [IIRC] Taiwan. They're very opaque.)
And some have been fishy too. There have been class actions against brands like Hytto / Lush [0] or We-Vibe [1]
Pretty sure that's because those toy companies are using cheapest off-the-shelf chips and most basic protocols, because, well, it's cheaper. Likely a lot of rebranded, "open" Chinese toys anyway. That and a neglect for reliability and security probably makes reverse engineering rather straight forward.
Assumption based on connectivity experience, since the Bluetooth connection is usually rather unreliable and weird, and obviously not as well engineered as even cheap Bluetooth in-ear headphones, or game controlers. Ironically very susceptible to being blocked by body parts (which means vibe no more). Seems, like it's some dead simple serial transmission, which isn't fault tolerant at all. Those controllers are not bothering with any buffering, or much any computation at all really. Seems like they just straight stream signals to the motors.
I once signed up fot a lecture on "consumer device security" (lawyer stuff). To my suprise, every example used by the presenter involved an internet-connected sex toy gone rouge. Either private information had leaked or the device had "entrapped" a user for ransom. I was at my desk laughing but couldnt explain why for fear of discussing the very nsfw content.
Author here. What a Happy Friday to see this now, as I created it on April Fool's Day. I annually do silly personal projects on that day. That week I happened to be playing with MCP servers and thought it would be funny. ConAcademy is where I put weird ideas and implementations.
I will state that this specific MCP Server is pretty useless and certainly not how one would want sexual interaction, I try to indicate this in the README. But, a beginning has to start somewhere and good-giving-game is how we roll so it's on GitHub.
[Ironically two years before, my project was Buttplug-integration in a Charm-powered SSH chatroom with BubbleTea TUI. That navigated aspects of digital consent via SSH keys, making an anonymous graph of what entities could do what to other entities' devices. I think some of that is needed in an Agent-Controlled MCP future.]
I'm not the Buttplug.io maintainer, but did chat with them about this for a while on Discord. While I have your eyeballs, they are looking for additional maintainers for their project if any Rustaceans are interested. This MCP server is written in Golang but would be better in the Buttplug ecosystem if it was Rust.
My early career was in haptics research and I have several patents in it via Immersion. My master's thesis was writing a 3D haptic renderer and integrating haptics into VRML, if you remember that! I have worked on NIH grants for Sexual Dysfunction diagnostic devices and created homemade toys. Now that I just received my Neurable EEG headset, I am working on Biaerolar Beats research [1].
On the topic of vibe coding, yes I vibrated my LELO F1 with this, but this project was truly a hand job. I did try to vibe code `a2a4a2a` (A2A protocol for A2A fun) a few weeks ago, with both Claude and Gemini, but A2A protocol was too new and it was too hard for me to teach it A2A. I'd be interested in seeing how people handle this in general.
All in all, it was fun and I learned a lot about tool-calling LLMs. That week I made three MCP servers (thanks `mark3labs/mcp-go`), one for money [2], this one for sex [3], and one for drugs [4].
Although I haven't followed up on that last AgentDank [4] yet, it's probably the coolest in terms of open data and actual AI results -- just watch the video there. Bringing custom data plus SQL endpoint to a tool-calling LLM is ridiculously powerful.
Curious how people here see the privacy implications of the various services out there. I suppose it was simpler in the old days where you could just buy a product and have no relationship whatsoever with the vendor and so nobody watching over your shoulder (as is the case with VR goggles nowadays and many other types of services).
Hosted services tend to use censorship, but the way they did the censorship originally can be reverted to a high degree in the model, with "abliteration". Then, if you have access of such a model, that can surely dirty-talk. Or so I have heard.
I heard a story that these guys built one of the only high performing opensource Bluetooth stacks, and that it is a dependency for various SFW orgs… can anyone substantiate
I don't see the value to integrating this kind of thing with an LLM or find the presented use cases as compelling, but I'm always going to support more work related to Buttplug.io and I'm sure someone will find it useful.
It's unfortunate just how stigmatized such software (and the associated devices) still are because it's a very, very interesting field. I myself started what I thought was going to be a small haptic feedback side project and have fallen down a rabbithole I never could have imagined existing.
The sex toy/haptic feedback world has, if I'm honest, reignited my love for development.
Haptics is such a primal modality -- I've really enjoyed working with it. I used to evangelize it and present SFW demos to people around the world. You really do need to touch it to understand. Making the devices and experiences is really fun. It's easier than ever with modern Maker setups.
Like many things, there can be stigma e.g what Masters&Johnson faced, but if you are serious you can get past it pretty easily. We've done serious psychophysical studies and tried to make tools that helped people medically and emotionally.
But it's also OK to be playful too. More than anything about intimacy, this specific project was a quirky response to the "MCP All The Things" zeitgeist at the time.
Like writing science fiction, by working with these things early in any way, you earn an appreciation for the problems. After a week of MCP, it became abundantly clear about the Security and Observability problems. User configuration was rough too. I spent the next weeks working on sandboxing tech, MCP observability tech, and other ideas. None of that got to a good-enough-to-publish level, but my understanding/capability was increased.
Other issues are how you model consent of personal devices and maintain that with LLMs or other users. How do you define what the boundaries and shared capabilities are? Do you incorporate reputation? How do you distribute or federate that? How do you maintain anonymity but keep it useful? How do ephemeral agents get access to that data? [I don't explore any of that in this project.] These are general problems with MCP/A2A servers that will need to be solved. It's not just about buttplugs, but a slew of data and services, if we allow these AIs to become part of our daily life.
I’d like to say well, now I’ve seen it all, but I am sure the boundless curiosity and ingenuity of the human race will surprise me for a long while yet.
As a sidenote, if you want to do things for fun (i.e., not build an immemsely profitable company on it or be publicly traded), you tend to fight the [understood as] fake morality of society by choosing "stupid" names.
Example: BO2k (won't expand the name here, search if you want).
Provoking a negative emotional reaction is pretty much what offensive means. What else would it mean to be offended? For example, I have a negative emotional reaction when strangers on the internet tell me I might want to "do some reflection" — it's presumptuous, condescending, and impertinent. Especially when what they mean is: "don't make me feel ashamed for sticking remote-controlled devices up my butt" — an odd thing to get on one's high horse about.
I don't mind what people do, I don't mind the software, I'm not having an emotional reaction.
I do mind degradation of language and the normalisation of what is plainly an obscene concept like this.
I bet there would even be some software framework that forces a particular response, but I would also not recommend calling that project 'rape'. Probably most would agree in that case, but I don't know.
It’s literally an MCP for intimate toys. You may not like them or their names, which is fine of course, but people who do should be free to use them and find MCPs for them by descriptive/searchable names.
I wouldn’t worry about this project becoming overly mainstream or changing everyday speech.
> I wouldn’t worry about this project becoming overly mainstream or changing everyday speech.
I disagree - I think the word is already frequently used; the unnecessary use by this project is just another example.
I've no problem with the software or anything like that. Although, I could say that even in the context of the software its a bad name as it is too specific - as you say, it is for intimate toys in general, not specific ones. I also don't think it is going to be valuable for search purposes.
Assuming different people are behind (no pun intended) buttplug.io and this, then I have to give this MCP server credit for choosing the name that’s most valuable for search purposes.
In the seminal SF movie Tron (1982), MCP stood for "Master Control Program", and it has already been firmly established that "Master" is a problematic word we must expunge from our repositories.
No. Like "master" as a branch name, even if it's perfectly fine in this context, as long as it could be suggesting the word use in a problematic context, it should be banned. That's how we banned "master" as a branch name, so why not MCP?
Yes, I mean we should ban all abbrev with M in it /s
* Buttplug: An open-source software suite for teledildonics (https://buttplug.io/) 5 years ago | 249 comments
* Empathy for the user having sex with your software (https://docs.buttplug.io/docs/dev-guide/intro/buttplug-ethic...) 10 months ago | 127 comments
* T-code – A protocol for implementing UART serial communications to an adult toy (https://stpihkal.docs.buttplug.io/protocols/tcode.html) 2 years ago | 74 comments
* An open-source standards and software project for intimate hardware (maybe NSFW) (https://buttplug.io/) 7 years ago | 39 comments
* Buttplug Sex Toy Control Project Implemented in Rust (https://buttplug.io/) 2 years ago | 3 comments