SoylentNews

magamo [soylentnews.org] writes:

The Wifi connected tea kettle, the iKettle was recently tested by Pen Test Partners and found severely lacking, spewing forth Wifi access codes for encrypted networks to unencrypted clients with just a few tricks. As reported by geek.com:

Ken Munro, a researcher at Pen Test Partners, recently took to the stage in London to show off what he and his co-workers discovered. Their mark was the iKettle, which was proclaimed “the world’s first WiFi kettle” by its creators on the crowdfunding site Firebox.

He was able to trick the kettle into connecting to an unencrypted WiFi network just by giving it the same name the encrypted network it was originally connected to and using a directional antenna to make sure the signal was loud and clear. Once they’d hijacked the wireless connection, Munro and his partner were able to convince the iKettle to spill the key for the encrypted network.

All it took was two little commands sent via Telnet. And being the helpful little kettle that it is, it even handed Munro the key in plain text.

Original Story: http://www.geek.com/news/connected-kettles-found-brewing-up-security-problems-1637249/ [geek.com]

Original Submission