AT&T Tech Support 360Internet-connected coffee maker has security holes
An Australian man has discovered security vulnerabilities in his Internet-connected coffee maker that could allow a remote attacker to not only take over his Windows XP-based PC but also make his coffee too weak.
Craig Wright, a risk advisory services manager at professional services firm BDO, found several security holes, including a buffer overflow in the Internet Connection software that links his Jura F90 coffee maker to his PC.
This $2,000 Jura F90 coffee maker can be connected to the Internet for remote control of the settings. But it also can open up your PC to remote attacks, a security expert says.
(Credit: Jura)Wright posted the information on the vulnerabilities, and the fact that there is no patch available yet, to the BugTraq security e-mail list on Tuesday.
A U.S.-based public relations representative for the coffee maker said she would try to reach spokespeople in the Switzerland headquarters for comment.
The threat hasn't kept Wright awake at night, although the coffee does, he said in an interview with CNET News.com at 2:30 Wednesday morning Sydney time.
"I don't know if many people would target this particular vulnerability because there probably are not a lot of coffee makers at the moment that are Internet-connected, and in my case it's behind a firewall," he said.
However, Internet-connected appliances are the wave of the future. There is already an Internet-connected refrigerator, at least one prototype of a Web-enabled oven, and pilot tests for dryers and water heaters.
Eventually "you'll be able to turn on your oven with your mobile phone" and a malicious hacker could wind up burning the house down, Wright said.
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
In this case it could result in a Java denial of services... (I know bad pun)
Craig
Yeah but the intelligence services love it, they embrace it. The amount of information being collected over the internet by them has reached an all time high, the intelligence services are in their zone with the information collecting capability that's going on.
If the government didn't like everything connected to the internet, there would have been a clamp down long ago, infact the government love the internet and hope everything can be internet connected soon.
GCHQ and NSA will need to build bigger data warehouses to store everything, but thats not a draw back for them its an investment when you start to see the amount of searchable data being collected about everyone and stored on the intelligence services databases that top spies can access from anywhere in the world just like consumers can with Google search, accept the intelligence services searches don't come up with the next train to catch, they come up with the next terrorist to catch instead.
All the best,
n3td3v
ppfffftt... mac filter would cost twice as much as the pc filter for the coffee maker :P