SoylentNews is people
SoylentNews
from the internet-of-things-that-shouldn't-need-internet dept.
TechDirt: Not Even Your 'Smart' Jacuzzi Is Safe From The Internet Of Broken Things
The Internet of things — aka the tendency to bring Internet connectivity to devices whether they need them or not — has provided no shortage of both tragedy and comedy. "Smart" locks that are easy to bypass, "smart" fridges that leak your email credentials, or even "smart" barbies that spy on toddlers are all pretty much par for the course in an industry with lax privacy and security standards.
Even your traditional hot tub isn't immune from the stupidity. Hot tub vendor SmartTub thought it might be nice to control your hot tub from your phone (because walking to the tub and quickly turning a dial is clearly too much to ask).
But like so many IOT vendors more interested in the marketing potential than the reality, they allegedly implemented it without including basic levels of security standards for their website administration panel, allowing hackers to access and control hot tubs, all over the planet. And not just SmartTub brands, but numerous brands from numerous manufacturers, everywhere [. . . .]
For those who need reminders, let us not forget prior SN (horror) stories:
- IoT Pet feeders that stop feeding pets
- Peloton treadmills
- Insteon smart home lighting and other controls
- Smart male chastity devices that won't unlock, need metal grinder to remove
(Score: 5, Insightful) by Opportunist on Thursday June 30 2022, @09:09AM (4 children)
Why the hell would you expect a Jacuzzi maker to know the first thing about security? It's the usual problem: You have engineers that have done nothing their whole life but design a certain appliance. A TV set, a fridge, a toaster or, as in this case, a Jacuzzi. They're probably very good at this, even, because they have been doing that for years. Honing their skills, trying stuff, figuring out things that work and others that don't work so well. They have plenty of experience making really great appliances.
In comes marketing and demands that their appliance now needs to be "on the internet" because not only is it the big new thing and another tick in the feature checkbox list (and we all know, customers buy the appliance that has more checkboxes ticked, even and especially if they don't have the first clue what the four-letter-acronym next to the checkbox even means) and of course we can also use it to siphon data from the customer that we can sell. Awesome, we have to have that!
Now you have engineers who don't know jack about making something "on the internet" but have to add "internet" to their appliance. They take whatever thing they find somewhere and stick it in. It works? Great. Ship it. Security? Yeah, the Jacuzzi is safe against overflowing and you can't get hurt by the nozzles, why do you ask?
(Score: 3, Insightful) by PiMuNu on Thursday June 30 2022, @10:19AM (3 children)
Worse still - PHB brings in IoT contractors to implement internet control loop over the top of the regular control loop. The contractors then charge/blackmail $$$ for server maintenance/etc forcing jacuzzi maker into stupid decisions like dropping support for older purchases/etc.
(Score: 1) by anubi on Thursday June 30 2022, @11:27AM (2 children)
To me, "internet enabled" means another ~$30/month subscription will be required or some function will be disabled.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 5, Informative) by maxwell demon on Thursday June 30 2022, @11:49AM
To me, "internet enabled" means that I should probably not buy it.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 3, Insightful) by Opportunist on Thursday June 30 2022, @05:32PM
"Internet enabled" essentially means "disabled without internet".