A smart tea kettle could show the boiling point of bad IoT security
[MUSIC]
It turns out having an intecur smart tea kettle can land you in some pretty hot water.
We decided to take a look at the ikettle from smarter, an internet of things connected device where you can boil water from an app on your phone.
IOT devices have become increasingly notorious for how easy they are to hack And we brought in Jason Hart from Gemalto Security to give us a demonstration.
It turns out there's a lot worse things that could happen than somebody boiling your water without your permission.
So what happens if a smart tea kettle gets hacked?
So there's actually two problems here.
The first one is actually the attacker taking control of your smart tea kettle.
The rules say using the kettle itself to gain access to your home wi-fi which you spent a lot of money and time and effort securing your home wi-fi network.
So no matter how secure you make your home wi-fi network it doesn't matter if it's encrypted or if your password is sixteen characters long
If this smart tea kettle or any insecure Internet of Things devices is connected to it, it can be easily hacked, as Jason demonstrated.
But first some tea.
We're just sending remote commands to the tea kettle.
In this case the kettle has six or seven different commands, the temperature, on and off, that's it.
So what command did you just send to have it boil?
We just sent AT, which is the command to say
I'm ready for this, in this particular coding language plus, hello kettle equals 0, 1 and so switch the catalog.
As you can see, Jason was able to send a command from his laptop to the smart kettle after busting through the stupid simple password, six zero's.
It's particularly bad considering that you can't change the password on this smart kettle.
But what's worse is that once a hacker like Jason is in your kettle, he's got the rest of your house too.
And someone can just come along remotely, extract that private wi-fi key and then use it against the network itself.
You know this is basic stuff.
Secondly, you know the way that the communication happening between the device.
The kettle and the app itself is clear text.
Once an attacker has your home WiFi network, the hacker pretty much has access to everything.
Your home network is as strong as your weakest link even if that low boiling point comes from a tea kettle.
Up Next
Did a Week With the Apple Watch Make Me Use My iPhone Less?
Up Next
Did a Week With the Apple Watch Make Me Use My iPhone Less?
How Google Tests the Cameras in Its Pixel Phones
How Google Tests the Cameras in Its Pixel Phones
Boston Dynamics Retires Its HD Atlas Robot
Boston Dynamics Retires Its HD Atlas Robot
What's the Future of Phones? Expert vs. AI
What's the Future of Phones? Expert vs. AI
I Touched Disney's HoloTile Floor: Behind the Scenes at Imagineering
I Touched Disney's HoloTile Floor: Behind the Scenes at Imagineering
Can I Live With a Nokia Flip Phone in 2024?
Can I Live With a Nokia Flip Phone in 2024?
How Google Captures 3D Images for Immersive View
How Google Captures 3D Images for Immersive View
How to Get the Best Answers From an AI Chatbot
How to Get the Best Answers From an AI Chatbot
It's Almost Here: My Big Questions for Vision Pro
It's Almost Here: My Big Questions for Vision Pro
CNET's Best Smartphones From 2023
CNET's Best Smartphones From 2023
Tech Shows
Latest News All latest news
Apple May Give FineWoven Accessories 1 More Season
Apple May Give FineWoven Accessories 1 More Season
US vs. TikTok: What Happens Next
US vs. TikTok: What Happens Next
Battle of the Humanoid Robots: MenteeBot Is Ready
Battle of the Humanoid Robots: MenteeBot Is Ready
What to Expect at Apple's May 7 iPad Event
What to Expect at Apple's May 7 iPad Event
Did a Week With the Apple Watch Make Me Use My iPhone Less?
Did a Week With the Apple Watch Make Me Use My iPhone Less?
How Google Tests the Cameras in Its Pixel Phones
How Google Tests the Cameras in Its Pixel Phones
Most Popular All most popular
First Look at TSA's Self-Screening Tech (in VR!)
First Look at TSA's Self-Screening Tech (in VR!)
Samsung Galaxy S24 Ultra Review: More AI at a Higher Cost
Samsung Galaxy S24 Ultra Review: More AI at a Higher Cost
'Circle to Search' Lets Users Google From Any Screen
'Circle to Search' Lets Users Google From Any Screen
Asus Put Two 14-inch OLEDs in a Laptop, Unleashes First OLED ROG Gaming Laptop
Asus Put Two 14-inch OLEDs in a Laptop, Unleashes First OLED ROG Gaming Laptop
Samsung Galaxy Ring: First Impressions
Samsung Galaxy Ring: First Impressions
Best of Show: The Coolest Gadgets of CES 2024
Best of Show: The Coolest Gadgets of CES 2024
Latest Products All latest products
Battle of the Humanoid Robots: MenteeBot Is Ready
Battle of the Humanoid Robots: MenteeBot Is Ready
2025 Audi Q6, SQ6 E-Tron: Audi's Newest EV Is Its Most Compelling
2025 Audi Q6, SQ6 E-Tron: Audi's Newest EV Is Its Most Compelling
Hands-On with Ford's Free Tesla Charging Adapter
Hands-On with Ford's Free Tesla Charging Adapter
Nuro R3 is an Adorable Self-Driving Snack Bar
Nuro R3 is an Adorable Self-Driving Snack Bar
First Look: The $349 Nothing Phone 2A Aims to Brighten Your Day
First Look: The $349 Nothing Phone 2A Aims to Brighten Your Day
Best of MWC 2024: Bendable Screens, AI Wearables and More
Best of MWC 2024: Bendable Screens, AI Wearables and More
Latest How To All how to videos
Tips and Tricks for the AirPods Pro 2
Tips and Tricks for the AirPods Pro 2
How to Watch the Solar Eclipse Safely From Your Phone
How to Watch the Solar Eclipse Safely From Your Phone
Windows 11 Tips and Hidden Features
Windows 11 Tips and Hidden Features
Vision Pro App Walkthrough -- VisionOS 1.0.3
Vision Pro App Walkthrough -- VisionOS 1.0.3
Tips and Tricks for the Galaxy S24 Ultra
Tips and Tricks for the Galaxy S24 Ultra
TikTok Is Now on the Apple Vision Pro