back to article Al-Qaeda targets net-connected coffee machine

An Aussie risk advisory services manager has issued a chilling security alert concerning the Jura F90 net-connected coffee machine, warning caffeine-heads that the hi-tech brewing device could open their Windows PC to exploitation by internet paedophiles and al-Qaeda*, CNET reports. The Jura F90 Craig Wright, who works for " …

COMMENTS

This topic is closed for new posts.
Boffin

quite some potential here

I can see how Al-Qaeda could disrupt the entire industry if they reprogram the coffeemaker to decaf.

goggles cause i wont go near a jura without them

0
0
Bronze badge

There's still safe ways to get caffeine even now.

It's called Irn Bru

0
0
Paris Hilton

Windows of course...

From the linked article "Best yet, the software allows a remote attacker to gain access to the Windows XP system it is running on at the level of the user."

Paris, as even she wouldn't put XP on a coffee machine

0
0

Internet or LAN?

I can understand accessing it over your LAN, but the internet?

I also can't see anything in their instructions as to whether there's a sensor to stop it pouring when there isn't a cup under the nozzle.

Otherwise Al-Qaeda could be hacking into it and pouring lovely rich dark espresso all over your floor.

Now *that* would be a crime against humanity!

0
0
Linux

What next, Suicide Espresso

What could they go, make the machine order coffee from a specific region thus atrifically inflating price and letting them gain word dominance based on your caffine addiction.

OH MY GOD!!! WE ARE ALL GOING TO DIE!!! THIS IS THE END OF WESTERN CIVILIZATION!!!

0
0
Coat

Re: tagline

Given the temperature of the coffee, this would surely be a "scalding" buffer overflow rather than "chilling".

0
0
Joke

The trouble is?

That most people may not pay a great deal of attention to security until the networked and automated office coffee maker has been hacked?

0
0
Coat

AT LAST!!!

Networked coffee. YEAH!!!!

0
0
Coat

42 days...

...for that evil collaborating coffee machine!

it probably spends evennings and weekends reading 'training manuals' and child porn!

0
0
Anonymous Coward

Meh ... big deal

My toaster's had its own IP address for years.

0
0

Odd article

Its a bit odd how many luddites a technology publication manages to have on its payroll. Relax, its just a security advisory! If El Reg had a bit more imagination then it could have explored the implications of the growing number of internet-enabled consumer devices. Many of these will be based on low-cost firmware models that will probably be difficult/impossible to patch leading to long-term vulnerability windows.

0
0
Ash
Dead Vulture

How come when I visit thesun.co.uk...

... I'm redirected here?

El Reg: Dredging the barrel that feeds IT.

0
0
Coat

buffer overflow

A buffer overflow on this type of asset should be especially dangerous.

0
0
Coat

Title?? I don't need no stinking title

"allows users to select "coffee specialities" via their PCs"

I was hoping that the net connected machine could put the weather forecast in the choccy toppings, or something equally imaginative... turns out they've just made a fancy remote control!

Now, how to convert a printer to print chocolate???

IGMC in a minute:

The last thing we need in a modern office is a coffee machine that's susceptible to [buffer] overflow

0
0

not the first

It is not the first networked coffee maker: http://www.ddj.com/architect/184409827

0
0
Silver badge

The real question is

Can this machine be used to illegally file-share copyrigthed songs and movies?

We all know that copyright infringement is the worst crime against humanity and this may open the coffee drinkers to, at the very least, a massive C&D assault by RI and MP Ass'es of America.

0
0

Coffee selection

So you can select the coffee type via a browser, but you still have to walk over to the machine, put your cup under, press "go", wait for the coffee and then walk back? Why?

0
0
ade
Coat

Hur Hur

<dullard> Is it Java compatible? </dullard>

Coat, got.

0
0
Flame

reminds me of..

...the old linux howto

http://tldp.org/HOWTO/Coffee.html

flames because that's what my flat would be in if I tried it myself!

0
0
Anonymous Coward

Is that Danish story true (US seizing Danish assets)

http://jp.dk/uknews/article1371510.ece

"Christa Møllgaard-Hansen, owner of Christabella's in the town of Maribo on Lolland, routinely buys women's clothing and shoes from around the world to resell in Denmark. But a recent purchase of six dresses from Pakistan for $205 was considered by the American authorities to be money going to support terrorists."

"Møllgaard-Hansen said she was surprised that such a small sum could be made into such a big issue, but was happy that the amount was not a larger one which could have caused her serious financial problems - unlike drilling engineer Sigurd Solem's experience with the US Treasury Departments’ Office of Foreign Assets Control, where $16,000 of an employee's pay was confiscated by the American agency."

0
0
Silver badge
Coat

Coffee Machine Overflow Error...?

Surely that would be when you get more than a cup full and it ends up pouring all over your feet?

0
0
Joke

Espresso

so this is a JAVA exploit then?

Brings new meaning to NetBeans vulnerability.

0
0
Anonymous Coward

Way of Life

You don't need to invoke Terrorism to have a threat to our Way of Life. Merely suggesting that there could be a crisis in the delivery of caffeinated beverage should be enough! Coffee machines should be considered to be part of the Critical National Infrastructure.

0
0
Coat

@ Greg Fleming's IP-enabled toaster

No problems with butter overruns?

0
1

Coffee a security threat for centuries

Note the world famous victorian WMD - the Princesse Marie de Orleans Suprise Bombe.

"A luxurious white coffee ice cream is (cunningly) concealed in a meringue casing and served with a (rogue) peach purée"

0
0
Dead Vulture

WTF?

You made it up? And it's in the headline? Sensationalist much?

0
0
Anonymous Coward

@ade

You owe me a new keyboard. :-(

One without coffee & sn0t in it.

0
0
E

Even worse threat

...than buffer overflow:

Filter Overflow Attack!

0
0
Bronze badge
Coat

Re: Windows of course...

"From the linked article 'Best yet, the software allows a remote attacker to gain access to the Windows XP system it is running on at the level of the user.'

Paris, as even she wouldn't put XP on a coffee machine"

Maybe they chose XP because it's the smilie that most clearly describes the coffee it makes...?

0
0
Bronze badge

Stick to Turkish then

Didn't I see that Jordanian cleric Abu Qatada's terms of bail include the curious restriction that he should not communicate with Osama bin Laden? If he enjoys an occasional cup like the rest of us he'd perhaps be well advised to stick to drinking Turkish coffee made on a gas stove.

0
0
Pirate

Ah, the TWO horsemen of the Infocalypse

Only paedos and Terr'ists? I guess that's just 'coz it's a simple embedded device. Were it a full-featured user device then we'd get Drugs and Organised Crime too, and then you'd have to register before using one.

Hey, that wouldn't be so bad. ASIO could monitor your caffeine consumption and see if your cardiac problems are due to excess consumption? If so Medicare won't have to pay. Taxpayers would be thrilled! And what about children drinking coffee?

Skull-n-crossbones because in the future only hackers 'n pirates will use unlicensed coffee machines.

0
0
Coat

Perhaps...

...filters would be appropriate then.

OK, alright, I'm going.

0
0

RMartin, Ash and Brian

http://en.wikipedia.org/wiki/Humour

"Sense of humour" - GROW ONE!

As to a lot of the other posts: Sheer brilliance. ade, you bloody-near killed me. and to the initial post: if I thought for a moment that there was a clear and present danger of our machines being remotely switched over to decaf, I'd start my own little "Waronterr'r"

Thankfully the espresso machine here in our IT dept is a stand-alone model and the only overruns it's likely to experience are if someone's caffeine-withdrawal-induced jitters cause them to punch the button too many times...

0
0
Gates Horns

You can mess with my PC but...

You can mess with my PC but please not the coffee machine.

The future is not looking bright.

0
0
Pirate

Communications

Surely this could be used by terrorists as a comms device. Simply connect to the internet:

Columbian Espresso - Send more money

Espressochoc - Attack now

Expect the door to be kicked down, and heavily armed officers will be removing your coffee machine.

0
0
Joke

@Jon Tocker

Surely that would be.....

A WAR ON THE DECAF!

Taxi for pctechxp!

0
0
Pirate

Hyper Text Coffee Pot Control Protocol (HTCPCP/1.0)

Haha, reminds me of the RFC :

"... This document describes HTCPCP, a protocol for controlling,

monitoring, and diagnosing coffee pots.

1. Rationale and Scope

There is coffee all over the world. Increasingly, in a world in which

computing is ubiquitous, the computists want to make coffee. Coffee

brewing is an art, but the distributed intelligence of the web-

connected world transcends art. Thus, there is a strong, dark, rich

requirement for a protocol designed espressoly for the brewing of

coffee. Coffee is brewed using coffee pots. Networked coffee pots

require a control protocol if they are to be controlled. "

lolz. Death by Nescafe.

ftp://ftp.isi.edu/in-notes/rfc2324.txt

0
0
This topic is closed for new posts.

Forums