Careful with Your Connected Kettles—They’re Easy to Hack
Remember Ken Munro? Back in August, we discussed how his security firm Pet Test Partners had figured out a way to hack into a Samsung Smart Refrigerator, potentially allowing them access to your Google account. Well, recently they’ve had a smaller, warmer appliance on their minds, and Munro once again decided to open up in an effort to keep everyone more secure: Turns out even a seemingly innocuous connected kettle can give out your Wi-Fi password to those looking to hack into your system.
Munro looked specifically at the iKettle, which can be turned on remotely via a smartphone app. “If you haven’t configured the kettle, it’s trivially easy for hackers to find your house and take over your kettle,” he told The Register. “I can sit outside of your place with a directional antenna, point it at your house, knock your kettle of your access point, it connects to me, I send two commands and it discloses your wireless key in plain text.”
It’s scary to think that someone could use a tea kettle to potentially ruin your entire life—or whatever it is hackers are trying to do. But at the same time, it’s also important to remember that we live in a society, people. Sure, kettle technology companies should do a better job of securing their products, but I could also say I’ve found a security flaw in your home because I can kick in the front window with my foot. Let’s not do that, everyone! Let’s not start hacking into each other’s kettles!
If you have to hack into something, just stick with the Smart Refrigerator. Anyone with a Smart Refrigerator could probably stand to be taken down a peg anyway.