Gadgetory

All Cool Mind-blowing Gadgets You Love in One Place

  1. Gadgetory
  2. CNET
  3. A smart tea kettle could show the boiling point of bad IoT security

A smart tea kettle could show the boiling point of bad IoT security

2017-09-20
it turns out having an insecure smart teakettle can land you in some pretty hot water we decided to take a look at the i' kettle from Smarter an internet of things connected device where you can boil water from an app on your phone IOT devices have become increasingly notorious for how easy they are to hack and we brought in Jason heart from gemalto security to give us a demonstration it turns out there's a lot worse things that could happen than somebody boiling your water without your permission so what happens if a smart tea kettle gets hacked so there's actually two problems here the first one is actually the attacker taking control of you smart tea kettle but also using the kettle itself to gain access to your home Wi-Fi which you spent you know a lot of money and time and effort securing your home Wi-Fi network so no matter how secure you make your home Wi-Fi network it doesn't matter if it's encrypted or if your password is 16 characters long if this smart tea kettle or any insecure Internet of Things devices is connected to it it can be easily hacked as Jason demonstrated but first some tea we're just sending remote commands to the kettle in this case the kettle has six or seven different commands the temperature on or off that's it so what command did you just send to have it boil we just sent at which is the command to say you know at ready for this in this particular coding language + hello kettle equals 0 1 2 switch the kettle on as you can see Jason was able to send a command from his laptop to the smart kettle after busting through the stupid simple password 6 zeros it's particularly bad considering that you can't change the password on this smart kettle but what's worse is that once a hacker like Jason is in your kettle he's got the rest of your house - and someone can just come along remotely extract that private Wi-Fi key and then use it against the network itself you know this is basic stuff once an attacker has your home Wi-Fi network the hacker pretty much has access to everything your home network is as strong as your weakest link even if that low boiling point comes from a tea kettle you
We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.