Internet-connected coffee maker leaves your PC, mornings at risk
by Donald Melanson 
posted Jun 19th 2008 at 12:39PM
It looks like those that enjoy a little remote control over their coffee could be unwittingly leaving both their PCs and their precious brew vulnerable, at least according to BDO risk advisory services manager Craig Wright, who found that his Jura F90 internet-connected coffee maker had several significant security holes, including a buffer overflow in its internet connection software. That, he says, could potentially allow an attacker to take control of the PC connected to the coffee maker, not to mention control the strength of the coffee and perform unwanted diagnostics. Of course, given the number of internet-connected coffee makers out there right now, Wright admits that the potential risk is relatively low (and moot if it's behind a firewall), but he has some dire warnings for the future, saying that eventually "you'll be able to turn on your oven with your mobile phone," which he says could lead to a malicious hacker "burning the house down."
Filed under: Household
Reader Comments (Page 1 of 1)
Danakin @ Jun 19th 2008 12:43PM
HAHAHA...I don't even know how to respond to this.
rndmnme @ Jun 19th 2008 12:55PM
Simple. Judgment day is upon us. Cameron just got it very, very wrong. Skynet will hack into our ovens, coffee makes, irons, and other devices, cause them to over heat and burn us all to the ground. Sure, those small devices will perish, but the giant robots will rule the world and...
.... yeah, I'm not sure how to respond to it either.
OneLove @ Jun 19th 2008 3:00PM
would a buffer overflow make my capuchino more froffy?
freediverdude @ Jun 19th 2008 12:43PM
I don't understand the point of an internet-connected coffeemaker?
Minilap @ Jun 19th 2008 12:50PM
It's just a little extra thing you can buy for Jura F9 and Z5 that lets you reprogram your unit using your computer rather than the small screen. You could also run short diagnostics and see statistics of how many coffes you made, how many times you cleaned it and etc etc.....
monkfishbandana @ Jun 19th 2008 12:58PM
Me neither?
OneLove @ Jun 19th 2008 3:04PM
so you could make coffee that tastes like poRn.
iczer2 @ Jun 20th 2008 8:51AM
Probably the same thing people said when a Coke machine was connected to the Internet.
freediverdude @ Jun 19th 2008 12:45PM
I don't understand the purpose of an internet connected coffeemaker?
freediverdude @ Jun 19th 2008 12:46PM
Oops, sorry, I didn't see my first post show up, so I thought it didn't go through, I apologize for the dupe.
Minilap @ Jun 19th 2008 12:46PM
You can't burn someones house. The most you could do is run short diagnostics and reprogram the water and powder quantity, which is no big deal.
Danakin @ Jun 19th 2008 1:05PM
they meant that for the
'you'll be able to turn on your oven with your mobile phone'..."malicious hacker" 'burning the house down.'
lines...the coffeemaker couldn't.
lizaoreo @ Jun 19th 2008 2:31PM
Well, it's not some much about the coffee maker as it is about the potential that similar flaws could exist with internet enabled ovens and the like.
And yes, there are some rather nice looking internet enabled ovens out there, I saw them in one of my SmartHome ads. You can get a single for about 5k or a double for about 7k. They are refrigerated so you can actually prep your meal, stick it in the oven, then when you are leaving work or getting close to home or whatever, you can start the oven remotely via the internet or cell phone.
Pretty neat, but you obviously want to be careful with something like that.
Bill @ Jun 19th 2008 12:47PM
Call me a Luddite, but I'll never have my oven nor my ice cube maker plugged into the interwebs.
Reader @ Jun 19th 2008 2:08PM
You Luddite, you. Just think about how much more perfect your ice cubes could be! Maybe one day you grab an ice cube and think dammit, this is like 5 degrees below zero, I wanted 4. If you had a computer controlled ice maker, it would have been possible.
Eli @ Jun 19th 2008 12:53PM
Niki, please stop spamming.
retro77 @ Jun 19th 2008 12:54PM
I would connect my house to an INTRANET but never to the internet....geez.
John @ Jun 19th 2008 1:52PM
You say that now; give it ten years.
retro77 @ Jun 19th 2008 1:57PM
even after 10 years...intranet....heavily secured, not touching the internet....
teej @ Jun 19th 2008 3:50PM
im n ur intranetz, hacking them 2 extranetz.
94 taurus owner @ Jun 19th 2008 12:57PM
Again......Why.........
IT-Accountant @ Jun 19th 2008 1:04PM
Burn houses down with my cellphone?
COOL!
j/k
IT-Accountant @ Jun 19th 2008 1:04PM
Burn houses down with my cellphone?
COOL!
j/k
BratPAQ @ Jun 19th 2008 1:30PM
ill reprogram your sugar dispenser to make it dispense twice the sugar you want, you'll have diabetes in a year or two, muwahahaha!
Wormbolt @ Jun 19th 2008 1:39PM
Does it have a touchscreen?
If not, I don't want.
MBS @ Jun 19th 2008 2:13PM
Well... if it _does_, then it's nothing but an iPhone clone.
If it does _not_, however, have multi-touch then it is obviously inferior to Apple technology and we shall all wait for the iCoffee maker which when it arrives we will all herald as the invention of the coffee maker and call all other coffee makers iCoffe-clones.
MBS @ Jun 19th 2008 2:13PM
Well... if it _does_, then it's nothing but an iPhone clone.
If it does _not_, however, have multi-touch then it is obviously inferior to Apple technology and we shall all wait for the iCoffee maker which when it arrives we will all herald as the invention of the coffee maker and call all other coffee makers iCoffe-clones.
MBS @ Jun 19th 2008 2:14PM
Damn it! I _knew_ someone would turn this into an iphone argument!
Wormbolt @ Jun 19th 2008 8:27PM
To all the people who low-ranked me, I want you to know I completely accept the low ranking. I just want to make sure it was because I made a terrible, obnoxious and tedious joke and not because you actually thought I was someone who thinks everything that runs on electricity should have a touch screen.
Chimes @ Jun 19th 2008 1:46PM
How about put one coffee-machime in the office? While waking up, you can order coffee at home before going to office
AMM @ Jun 19th 2008 1:52PM
The only internet-controlled coffee machine I'm interested in is the one that sends a Starbucks barista to my house on Saturday mornings when I'm still sitting around in my PJs.
Mischa Lockton @ Jun 19th 2008 2:06PM
Never mind that the PC connected is vulnerable- haxors can now make my coffee weaker? That is defcon 5.
PGP-Protector @ Jun 19th 2008 2:36PM
But how is your coffee maker and refrigerator going to order new supplies for delivery if you don't let them communicate with the local delivery agency.
Also when your coffee maker reports an error, it can't forward your normal settings to your GPS equiped car and have the order pre placed and timed for your arrival at your local Starbucks.
kal326 @ Jun 19th 2008 2:41PM
In other news Starbucks suspected of trying to hire contract hackers.......
OneLove @ Jun 19th 2008 3:01PM
so you could make coffee that tastes like poRn.
Kimuri42 @ Jun 19th 2008 3:13PM
This sounds like a typical Mega Man Battle Network storyline.
crow610 @ Jun 19th 2008 4:12PM
Sarah Connor?
Blaktornado @ Jun 19th 2008 4:36PM
Internet Connected Coffee; now with more pr0nz and hate.
-Tj- @ Jun 20th 2008 2:08AM
Greeaaaat.... Yet another device that will further solidify the idea in some people that the CD/DVD/Blu-ray drive tray is a cup holder.
XenoX101 @ Jun 20th 2008 5:18AM
Hacking a coffee machine?
Oh what TERROR that could cause.. I can see it already, people getting lattés instead of espressos, having too much sugar in their coffee, possibly even *gasp* not getting a coffee. It'd be CHAOS!
XenoX101 @ Jun 20th 2008 5:18AM
Hacking a coffee machine?
Oh what TERROR that could cause.. I can see it already, people getting lattés instead of espressos, having too much sugar in their coffee, possibly even *gasp* not getting a coffee. It'd be CHAOS!
TREX6662k5 @ Jun 20th 2008 6:44AM
Well, how about if it downloaded RSS feeds or displayed weather info while waiting for the coffee to brew? Or slideshows off a network resource...
Cassini @ Jun 20th 2008 7:56AM
A coffee maker that connects to your computer?
Dumb. And pointless.
I've been making coffee for quite some time without a computer and have been just fine and will continue to be. So will everyone else. Including businesses, like Starbucks, and Peets.
Making coffee is like scratching your head. How hard is that? What on earth would we need a computer for?
Why do companies that can no longer think creatively give up so easily by integrating USB connections or sticking an "i" in front of their product names?
Instead of letting their products speak for themselves by improving on existing mechanisms, they do things that are completely unwanted and superfluous.
Kai @ Jun 21st 2008 2:51PM
A point away from the coffee maker, but who still runs a computer without a firewall these days? (all major OSs have built-in firewalls, isn't it?)