Your Coffee Pot Just Got You Pwnd

20080618-pwnedmachine.jpgThis internet-compatible coffee-maker appears to have some vulnerabilities to hacking. As posted on the Security Focus website:

Fun things you can do with a Jura coffee maker:
1. Change the preset coffee settings (make weak or strong coffee)
2. Change the amount of water per cup (say 300ml for a short black) and make a puddle
3. Break it by engineering settings that are not compatible (and making it require a service)

The connectivity kit uses the connectivity of the PC it is running on to connect the coffee machine to the internet. This allows a remote coffee machine "engineer" to diagnose any problems and to remotely do a preliminary service.

Best yet, the software allows a remote attacker to gain access to the Windows XP system it is running on at the level of the user.

Compromise by Coffee.

I don't know, kids. Old Mr. Coffee might be scratching his head when it comes to this newfangled internets, but at least he's not going to hack my computer. I don't know why you'd want an web-accessible coffee-maker anyway.