The problem with near-future SF…

… is that it’s not long before it’s no longer fiction!

My 2019 story The Auditor and the Exorcist included an IoT coffeemaker that was hijacked by a malicious hacker. It’s 2020, and here’s the hacked IoT coffeemaker: https://arstechnica.com/information-technology/2020/09/how-a-hacker-turned-a-250-coffee-maker-into-ransom-machine/

I strongly suggest not buying anything Internet-connected that you’re not committed to personally, manually patching with every security update, and whose software doesn’t come from a source you trust to keep up with security fixes. Some companies, like Apple and Windows, have a good track record of patching security holes on the regular, of securing communications, and of making sure that you have a way to tell “official” updates from “code a hacker has sent me to run”. Some (many) open-source software projects have the same.

And then there’s “Smarter”, the maker of these coffee makers:

The core problem with Smarter’s first-gen connected coffee maker is that it doesn’t employ even the most basic security practices for software, especially those that go through a network. Communication with the smartphone app isn’t encrypted and firmware updates coming through that same app is nether encrypted nor checked for integrity. It’s no surprise, then, that Avast security researcher Martin Hron was able to “update” Smarter’s coffee machine with ransomware disguised as firmware and make all hell break loose.

JC Torres / Slashgear

Like the hacker manipulating the IoT coffeepot in The Auditor and the Exorcist, Hron made Smarter’s coffeepot go haywire:

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.