There's still safe ways to get caffeine even now.
It's called Irn Bru
Al-Qaeda targets net-connected coffee machine
An Aussie risk advisory services manager has issued a chilling security alert concerning the Jura F90 net-connected coffee machine, warning caffeine-heads that the hi-tech brewing device could open their Windows PC to exploitation by internet paedophiles and al-Qaeda*, CNET reports. The Jura F90 Craig Wright, who works for " …
This topic is closed for new posts.
quite some potential here
I can see how Al-Qaeda could disrupt the entire industry if they reprogram the coffeemaker to decaf.
goggles cause i wont go near a jura without them
Windows of course...
From the linked article "Best yet, the software allows a remote attacker to gain access to the Windows XP system it is running on at the level of the user."
Paris, as even she wouldn't put XP on a coffee machine
Internet or LAN?
I can understand accessing it over your LAN, but the internet?
I also can't see anything in their instructions as to whether there's a sensor to stop it pouring when there isn't a cup under the nozzle.
Otherwise Al-Qaeda could be hacking into it and pouring lovely rich dark espresso all over your floor.
Now *that* would be a crime against humanity!
What next, Suicide Espresso
What could they go, make the machine order coffee from a specific region thus atrifically inflating price and letting them gain word dominance based on your caffine addiction.
OH MY GOD!!! WE ARE ALL GOING TO DIE!!! THIS IS THE END OF WESTERN CIVILIZATION!!!
Re: tagline
Given the temperature of the coffee, this would surely be a "scalding" buffer overflow rather than "chilling".
The trouble is?
That most people may not pay a great deal of attention to security until the networked and automated office coffee maker has been hacked?
42 days...
...for that evil collaborating coffee machine!
it probably spends evennings and weekends reading 'training manuals' and child porn!
Meh ... big deal
My toaster's had its own IP address for years.
Odd article
Its a bit odd how many luddites a technology publication manages to have on its payroll. Relax, its just a security advisory! If El Reg had a bit more imagination then it could have explored the implications of the growing number of internet-enabled consumer devices. Many of these will be based on low-cost firmware models that will probably be difficult/impossible to patch leading to long-term vulnerability windows.
How come when I visit thesun.co.uk...
... I'm redirected here?
El Reg: Dredging the barrel that feeds IT.
buffer overflow
A buffer overflow on this type of asset should be especially dangerous.
Title?? I don't need no stinking title
"allows users to select "coffee specialities" via their PCs"
I was hoping that the net connected machine could put the weather forecast in the choccy toppings, or something equally imaginative... turns out they've just made a fancy remote control!
Now, how to convert a printer to print chocolate???
IGMC in a minute:
The last thing we need in a modern office is a coffee machine that's susceptible to [buffer] overflow
not the first
It is not the first networked coffee maker: http://www.ddj.com/architect/184409827
The real question is
Can this machine be used to illegally file-share copyrigthed songs and movies?
We all know that copyright infringement is the worst crime against humanity and this may open the coffee drinkers to, at the very least, a massive C&D assault by RI and MP Ass'es of America.
Coffee selection
So you can select the coffee type via a browser, but you still have to walk over to the machine, put your cup under, press "go", wait for the coffee and then walk back? Why?
Hur Hur
<dullard> Is it Java compatible? </dullard>
Coat, got.
reminds me of..
...the old linux howto
http://tldp.org/HOWTO/Coffee.html
flames because that's what my flat would be in if I tried it myself!
Is that Danish story true (US seizing Danish assets)
http://jp.dk/uknews/article1371510.ece
"Christa Møllgaard-Hansen, owner of Christabella's in the town of Maribo on Lolland, routinely buys women's clothing and shoes from around the world to resell in Denmark. But a recent purchase of six dresses from Pakistan for $205 was considered by the American authorities to be money going to support terrorists."
"Møllgaard-Hansen said she was surprised that such a small sum could be made into such a big issue, but was happy that the amount was not a larger one which could have caused her serious financial problems - unlike drilling engineer Sigurd Solem's experience with the US Treasury Departments’ Office of Foreign Assets Control, where $16,000 of an employee's pay was confiscated by the American agency."
Coffee Machine Overflow Error...?
Surely that would be when you get more than a cup full and it ends up pouring all over your feet?
Espresso
so this is a JAVA exploit then?
Brings new meaning to NetBeans vulnerability.
Way of Life
You don't need to invoke Terrorism to have a threat to our Way of Life. Merely suggesting that there could be a crisis in the delivery of caffeinated beverage should be enough! Coffee machines should be considered to be part of the Critical National Infrastructure.
@ Greg Fleming's IP-enabled toaster
No problems with butter overruns?
Coffee a security threat for centuries
Note the world famous victorian WMD - the Princesse Marie de Orleans Suprise Bombe.
"A luxurious white coffee ice cream is (cunningly) concealed in a meringue casing and served with a (rogue) peach purée"
WTF?
You made it up? And it's in the headline? Sensationalist much?
@ade
You owe me a new keyboard. :-(
One without coffee & sn0t in it.
Even worse threat
...than buffer overflow:
Filter Overflow Attack!
Re: Windows of course...
"From the linked article 'Best yet, the software allows a remote attacker to gain access to the Windows XP system it is running on at the level of the user.'
Paris, as even she wouldn't put XP on a coffee machine"
Maybe they chose XP because it's the smilie that most clearly describes the coffee it makes...?
Stick to Turkish then
Didn't I see that Jordanian cleric Abu Qatada's terms of bail include the curious restriction that he should not communicate with Osama bin Laden? If he enjoys an occasional cup like the rest of us he'd perhaps be well advised to stick to drinking Turkish coffee made on a gas stove.
Ah, the TWO horsemen of the Infocalypse
Only paedos and Terr'ists? I guess that's just 'coz it's a simple embedded device. Were it a full-featured user device then we'd get Drugs and Organised Crime too, and then you'd have to register before using one.
Hey, that wouldn't be so bad. ASIO could monitor your caffeine consumption and see if your cardiac problems are due to excess consumption? If so Medicare won't have to pay. Taxpayers would be thrilled! And what about children drinking coffee?
Skull-n-crossbones because in the future only hackers 'n pirates will use unlicensed coffee machines.
Perhaps...
...filters would be appropriate then.
OK, alright, I'm going.
RMartin, Ash and Brian
http://en.wikipedia.org/wiki/Humour
"Sense of humour" - GROW ONE!
As to a lot of the other posts: Sheer brilliance. ade, you bloody-near killed me. and to the initial post: if I thought for a moment that there was a clear and present danger of our machines being remotely switched over to decaf, I'd start my own little "Waronterr'r"
Thankfully the espresso machine here in our IT dept is a stand-alone model and the only overruns it's likely to experience are if someone's caffeine-withdrawal-induced jitters cause them to punch the button too many times...
You can mess with my PC but...
You can mess with my PC but please not the coffee machine.
The future is not looking bright.
Communications
Surely this could be used by terrorists as a comms device. Simply connect to the internet:
Columbian Espresso - Send more money
Espressochoc - Attack now
Expect the door to be kicked down, and heavily armed officers will be removing your coffee machine.
@Jon Tocker
Surely that would be.....
A WAR ON THE DECAF!
Taxi for pctechxp!
Hyper Text Coffee Pot Control Protocol (HTCPCP/1.0)
Haha, reminds me of the RFC :
"... This document describes HTCPCP, a protocol for controlling,
monitoring, and diagnosing coffee pots.
1. Rationale and Scope
There is coffee all over the world. Increasingly, in a world in which
computing is ubiquitous, the computists want to make coffee. Coffee
brewing is an art, but the distributed intelligence of the web-
connected world transcends art. Thus, there is a strong, dark, rich
requirement for a protocol designed espressoly for the brewing of
coffee. Coffee is brewed using coffee pots. Networked coffee pots
require a control protocol if they are to be controlled. "
lolz. Death by Nescafe.
ftp://ftp.isi.edu/in-notes/rfc2324.txt
This topic is closed for new posts.
Sign up, sign up for The Register's weekly IT security newsletter - click here
Popular Whitepapers
- The BI Inflexion Point
Information is a right, not a privilege - Risk and Resilience
The application availability gamble - Register Research on: Agile development - is it right for you
Reaping the benefits of modern software practice - The Register Guide to managing spam
A primer on the implications for enterprise IT - The Register Guide to email security
A primer on the challenges of securing email and approaches to resolving them - High Performance for All
Responding to the needs of compute-intensive workloads
