A smart tea kettle could show the boiling point of bad IoT security
[MUSIC]
It turns out having an intecur smart tea kettle can land you in some pretty hot water.
We decided to take a look at the ikettle from smarter, an internet of things connected device where you can boil water from an app on your phone.
IOT devices have become increasingly notorious for how easy they are to hack And we brought in Jason Hart from Gemalto Security to give us a demonstration.
It turns out there's a lot worse things that could happen than somebody boiling your water without your permission.
So what happens if a smart tea kettle gets hacked?
So there's actually two problems here.
The first one is actually the attacker taking control of your smart tea kettle.
The rules say using the kettle itself to gain access to your home wi-fi which you spent a lot of money and time and effort securing your home wi-fi network.
So no matter how secure you make your home wi-fi network it doesn't matter if it's encrypted or if your password is sixteen characters long
If this smart tea kettle or any insecure Internet of Things devices is connected to it, it can be easily hacked, as Jason demonstrated.
But first some tea.
We're just sending remote commands to the tea kettle.
In this case the kettle has six or seven different commands, the temperature, on and off, that's it.
So what command did you just send to have it boil?
We just sent AT, which is the command to say
I'm ready for this, in this particular coding language plus, hello kettle equals 0, 1 and so switch the catalog.
As you can see, Jason was able to send a command from his laptop to the smart kettle after busting through the stupid simple password, six zero's.
It's particularly bad considering that you can't change the password on this smart kettle.
But what's worse is that once a hacker like Jason is in your kettle, he's got the rest of your house too.
And someone can just come along remotely, extract that private wi-fi key and then use it against the network itself.
You know this is basic stuff.
Secondly, you know the way that the communication happening between the device.
The kettle and the app itself is clear text.
Once an attacker has your home WiFi network, the hacker pretty much has access to everything.
Your home network is as strong as your weakest link even if that low boiling point comes from a tea kettle.
I Tried Three Fitness Apps to Help My Postpartum Recovery
Up Next
I Tried Three Fitness Apps to Help My Postpartum Recovery
Samsung Galaxy S24 Ultra: Ultimate Good Lock Tips and Tricks
Samsung Galaxy S24 Ultra: Ultimate Good Lock Tips and Tricks
Did a Week With the Apple Watch Make Me Use My iPhone Less?
Did a Week With the Apple Watch Make Me Use My iPhone Less?
How Google Tests the Cameras in Its Pixel Phones
How Google Tests the Cameras in Its Pixel Phones
Boston Dynamics Retires Its HD Atlas Robot
Boston Dynamics Retires Its HD Atlas Robot
What's the Future of Phones? Expert vs. AI
What's the Future of Phones? Expert vs. AI
I Touched Disney's HoloTile Floor: Behind the Scenes at Imagineering
I Touched Disney's HoloTile Floor: Behind the Scenes at Imagineering
Can I Live With a Nokia Flip Phone in 2024?
Can I Live With a Nokia Flip Phone in 2024?
How Google Captures 3D Images for Immersive View
How Google Captures 3D Images for Immersive View
How to Get the Best Answers From an AI Chatbot
How to Get the Best Answers From an AI Chatbot
Tech Shows
The Apple Core
The Apple Core
Alphabet City
Alphabet City
CNET Top 5
CNET Top 5
The Daily Charge
The Daily Charge
What the Future
What the Future
Tech Today
Tech Today
Cooley On Cars
Cooley On Cars
Carfection
Carfection
The Apple Core
The Apple Core
Alphabet City
Alphabet City
CNET Top 5
CNET Top 5
The Daily Charge
The Daily Charge
What the Future
What the Future
Tech Today
Tech Today
Cooley On Cars
Cooley On Cars
Carfection
Carfection
Latest News
Everything Announced at Microsoft Build 2024
Everything Announced at Microsoft Build 2024
Sonos Ace Headphones Get Set to Take on the AirPods Max (First Look)
Sonos Ace Headphones Get Set to Take on the AirPods Max (First Look)
Microsoft Announces First Surface Copilot Plus PCs Powered by Qualcomm
Microsoft Announces First Surface Copilot Plus PCs Powered by Qualcomm
Everything Announced at Microsoft's Surface Copilot Plus PC Event
Everything Announced at Microsoft's Surface Copilot Plus PC Event
Android 15: See New Features in Action
Android 15: See New Features in Action
If Apple Makes Siri Like ChatGPT or Gemini, I'm Done
If Apple Makes Siri Like ChatGPT or Gemini, I'm Done
Bose SoundLink Max Review: How Does It Compare to the Cheaper SoundLink Flex?
Bose SoundLink Max Review: How Does It Compare to the Cheaper SoundLink Flex?
Hands-On With Huawei's Pura 70 Ultra
Hands-On With Huawei's Pura 70 Ultra
I Tried Three Fitness Apps to Help My Postpartum Recovery
I Tried Three Fitness Apps to Help My Postpartum Recovery
How Many Times Did Google Say AI at I/O 2024?
How Many Times Did Google Say AI at I/O 2024?
Everything Announced at Microsoft Build 2024
Everything Announced at Microsoft Build 2024
Sonos Ace Headphones Get Set to Take on the AirPods Max (First Look)
Sonos Ace Headphones Get Set to Take on the AirPods Max (First Look)
Microsoft Announces First Surface Copilot Plus PCs Powered by Qualcomm
Microsoft Announces First Surface Copilot Plus PCs Powered by Qualcomm
Everything Announced at Microsoft's Surface Copilot Plus PC Event
Everything Announced at Microsoft's Surface Copilot Plus PC Event
Android 15: See New Features in Action
Android 15: See New Features in Action
If Apple Makes Siri Like ChatGPT or Gemini, I'm Done
If Apple Makes Siri Like ChatGPT or Gemini, I'm Done
Bose SoundLink Max Review: How Does It Compare to the Cheaper SoundLink Flex?
Bose SoundLink Max Review: How Does It Compare to the Cheaper SoundLink Flex?
Hands-On With Huawei's Pura 70 Ultra
Hands-On With Huawei's Pura 70 Ultra
I Tried Three Fitness Apps to Help My Postpartum Recovery
I Tried Three Fitness Apps to Help My Postpartum Recovery
How Many Times Did Google Say AI at I/O 2024?