Click here to load reader
Upload
totaldefense
View
34
Download
0
Embed Size (px)
DESCRIPTION
Satis, an electronic toilet that can be controlled via an smartphone app has been breached. Visit http://blogs.totaldefense.com/securityblog.aspxfor cloud-based endpoint security solutions for home and businesses.
Citation preview
Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com Page 1
Security breach: Who flushed my toilet?
Last year, a Japanese hi-tech company launched one of the surprising luxury products marketed to the
public - The ‘Satis’. A new several thousand dollars toilet delivered with an application controlled via
smart phone devices.
However, it turns out there is a security breach, so that anyone, even with basic knowledge in smart
phones, can remotely activate many of the toilet’s functions.
The toilet, currently sold for about $5,600, lets the owner warm the toilet seat, splash water, play
music and flush by snapping on the smartphone’s screen. It also enables sophisticated toilet track of
water and electricity quantities, and even keep a calendar with your visits to the toilet.
The application issue that triggers the toilet, allows anyone with the app to take over such toilet, even
if it is not his. How is it possible? Simple. The default security code of the application through the
toilet receives the commands using Bluetooth technology is the same every time - four zeros (0000).
This “very creative” code makes it easy to connect to any ‘Satis’ toilet. An attacker can simply
download the app and use it to flush the toilet again and again, activate the seat heating and basically
everything else, thus causing the owners to absorb high costs of water and electricity.
The only limitation is that the application must be within Bluetooth range, so anyone who wants to
carry out an attack like that, would have to be relatively close to the toilet itself.
Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com Page 2
This security issue is only the tip of the iceberg, as many devices like refrigerators and washing
machines become more and more “smart” making them vulnerable to such attacks and similar, thus it
is obvious that we will see more breaches in the near future.
About TotalDefense:
Total Defense(@Total_Defense) is a global leader in malware detection and anti-crimeware solutions. We offer a broad portfolio of leading security products for the consumer market used by over four million consumers worldwide. Our solutions also include the industry’s first complete cloud security platform, providing fully integrated endpoint, web and email security through a single Web-based management console with a single set of enforceable security policies
Total Defense is a former business of CA Technologies, one of the largest software companies in the world, and has operations in New York, California, Europe, Israel and Asia.
Visit http://www.totaldefense.com/ for web, cloud & mobile security solutions for home users and businesses.