Top 4th of July Sales Best 4K Projectors 7 Early Prime Day Deals Wi-Fi Range Extenders My Favorite Summer Gadgets Cheap Car Insurance Target's 4th of July Sale Best Running Earbuds, Headphones

Internet-connected coffee maker has security holes

Coffee addict discovers problems with his Internet-connected coffee maker that could open up his PC to attackers.

An Australian man has discovered security vulnerabilities in his Internet-connected coffee maker that could allow a remote attacker to not only take over his Windows XP-based PC but also make his coffee too weak.

Craig Wright, a risk advisory services manager at professional services firm BDO, found several security holes, including a buffer overflow in the Internet Connection software that links his Jura F90 coffee maker to his PC.

This $2,000 Jura F90 coffee maker can be connected to the Internet for remote control of the settings. But it also can open up your PC to remote attacks, a security expert says. Jura

Once connected to the Internet, the high-end coffee maker, which retails for nearly US$2,000 on Amazon, lets you do things like set the strength of your coffee and get remote diagnostic help over the Internet without having to send the appliance in for service.

Wright posted the information on the vulnerabilities, and the fact that there is no patch available yet, to the BugTraq security e-mail list on Tuesday.

A U.S.-based public relations representative for the coffee maker said she would try to reach spokespeople in the Switzerland headquarters for comment.

The threat hasn't kept Wright awake at night, although the coffee does, he said in an interview with CNET at 2:30 Wednesday morning Sydney time.

"I don't know if many people would target this particular vulnerability because there probably are not a lot of coffee makers at the moment that are Internet-connected, and in my case it's behind a firewall," he said.

However, Internet-connected appliances are the wave of the future. There is already an Internet-connected refrigerator, at least one prototype of a Web-enabled oven, and pilot tests for dryers and water heaters.

Eventually "you'll be able to turn on your oven with your mobile phone" and a malicious hacker could wind up burning the house down, Wright said.