SoylentNews is people
SoylentNews
A WiFi connected tea kettle, the iKettle, was recently tested by Pen Test Partners and found severely lacking, spewing forth WiFi access codes for encrypted networks to unencrypted clients with just a few tricks. As reported by geek.com:
Ken Munro, a researcher at Pen Test Partners, recently took to the stage in London to show off what he and his co-workers discovered. Their mark was the iKettle, which was proclaimed "the world's first WiFi kettle" by its creators on the crowd-funding site Firebox.
He was able to trick the kettle into connecting to an unencrypted WiFi network just by giving it the same name as the encrypted network it was originally connected to and using a directional antenna to make sure the signal was loud and clear. Once they'd hijacked the wireless connection, Munro and his partner were able to convince the iKettle to spill the key for the encrypted network.
All it took was two little commands sent via Telnet. And being the helpful little kettle that it is, it even handed Munro the key in plain text.
Original Story: http://www.geek.com/news/connected-kettles-found-brewing-up-security-problems-1637249/
(Score: 0) by Anonymous Coward on Wednesday October 21 2015, @11:42AM
Save time and remote boil from anywhere in the house.
You'll get no sympathy from me if you bought one of these IoT things. They are self-applicating LARTs.