Must.Have.More.Coffee
I know it's Monday morning, but 12 cups? (see video)
Zimperium researcher Simone Margaritelli has hacked his coffee machine finding a way to brew coffee using the command line. Margaritelli (@evilsocket) says he reverse engineered the app used to control the Smarter AM coffee machine. It means hackers can choose to ignore apps when they need a coffee and instead stumble over to …
The history of the internet is lost on you. The world's first 'webcam' was rigged up at MIT to see the level of coffee in a filter machine.
https://en.wikipedia.org/wiki/Trojan_Room_coffee_pot
Right, I'm off now to use my Aeropress. I might give it a quick check for security flaws whilst I'm at it, but I'm fairly relaxed about it!
> The world's first 'webcam' was rigged up at MIT to see the level of coffee in a filter machine.
You linked to the page which in the *first sentance* says Cambridge University. Which is named for Cambridge England.
A certain location in New England is also named for the city, and there is apparently also a seat of learning there. But the coffee pot and webcam existed in the original.
Thanks for the correction, guys!
(I had read the wiki page in the past having heard of the coffee pot long ago, but I didn't read it today. As could be inferred from my post, it was written before I had drunk any coffee. That situation has now been corrected.)
This post has been deleted by its author
I do wonder why the IETF bother coming up with all these standards, when manufacturers just seem to ignore them...
You assume that the standard has been ignored, but I have seen no evidence that this "researcher" has even set the evil bit correctly.
And he hasn't used avian carriers either.
https://www.ietf.org/rfc/rfc1149.txt
(I know the numbers of two different RFCs by heart. One is 7112, a deeply boring blither about IPv6 fragmentation as it applies to extension headers. The other is Avian Carriers.)
Give the explosion of caffeine options since I were a lad I'm surprised he didn't do this via the standard Unix build automation tool. Then he could do things like
make coffee
or
make cappuccino
or
make Venti-Iced-Skinny-Hazelnut-Macchiato-Sugar-Free-Syrup-Extra-Shot-Light-Ice-No-Whip
if he so wanted
Given that most of these StarSucks-originating fluid recipes have less resemblance to coffee than what gets pumped out of a washing machine during its rinse cycle, it's just as well that there are separate $make targets, and not some weird branching within $make coffee based on an environment variable.
.. that will leak, but coffee, unless that machine detects if there is actually a cup or can present.
He may be better, of course, but I know that I'm prone to fairly "duh" type mistakes before my first cup, and if I ended late it's not guaranteed I prepped the machine :).
That said, I am a fan of the let's-make-a-complete-jug-in-one-go machines, if for no other reason that they're quieter when they make coffee. If post weekend even Alka Seltzers are too loud, I don't want a noisy coffee machine either. And you can get a second cup RIGHT NOW without having to wait.
No, the first can is mine. Go away.
that will leak, but coffee, unless that machine detects if there is actually a cup or can present.
Teasmades are actually fairly resistant against failure in setting up the machine, discounting actually flipping the right switches the right way. But it senses the pot and the kettle being in their respective positions; if not it won't power up the kettle.
I haven't seen a coffee maker that used such a safety measure.
Something like this is a potential killer. About the only exercise I get is walking to the kitchen to make/fetch another coffee. Without that I'll die. (well, I'll die anyway, but sooner than need be) And as a bonus I can run the washing machine/dishwasher/dryer while I wait for the kettle to boil and the coffee to brew (my cafetiere is internet connected using the special AirGap (TM) technology)
"making coffee is hardly a big deal"
It's a very big deal in this house.
Which is why we try to keep it as simple as possible.
Complete with backup systems:
If the coffee machine fails, there's the kettle plus a cafetière (aka French Press).
If there's no electricity, there's the gas cooker plus aforementioned cafetière.
(Yes, we have a spare cafetière)
"His hacking did not uncover serious security bugs [...]"
"[...] but it would let fellow hackers on the same network as the coffee machine to mess with its firmware without requiring authentication, [...]"
That's literally the same sentence (plus the "access to port 2081 is completely unauthenticated")!
Have security standards changed over the weekend so that "free access on local network" is not a "serious issue" anymore?
"His hacking did not uncover serious security bugs but it would let fellow hackers on the same network as the coffee machine to mess with its firmware without requiring authentication"
Personally i'd consider the ability to push new firmware to a device without authentication to be an extremely serious security bug... Your new firmware could do *anything(
> Since I work from home, most of the times ...
The guy wrote a command line app so he can spend more time bash[groan]-ing out code.
However, he still has to get up from his chair, walk over to the machine and collect his freshly brewed coffee.
A more sensible approach would simply be to put the machine near his desk.
Don't worry, you're probably not missing out just because you don't have two knobs.
Ask a Kangaroo whether this is true......or maybe someone whose 'slept' with a kangaroo....
...ok, I've had too much coffee...I've my cloakroom ticket right here, Miss, no need to fetch the bouncers, and no, those aren't zoo staff chasing me.
I hacked my convection oven to roast a chicken tonight. I followed every instruction on the packet to the letter. My intervention though was actually opening the oven door to put the chicken in. This was not mentioned on the instructions. Do I get a Nobel award or at least a first class masters for innovation?
Hacking the Iotthe modern way.
Downvotes=approval
My oven is not an Iot thingy, but the packaging is right on
The story just causes a pang in my chest. People go "Ho Ho that's Amusing" but it painfully underscores to me all the things the GUI mindset prevent from existing..
coffee make # yeah, but the app can do that so what's the point of a CLI?
sleep 3600 ; coffee make && mailx -s "Yo, coffee!" user </dev/null # Well, okay, that's more useful, but the App probly has that too
echo "coffee querylevel beans | grep -v full && sms linda 'Low on coffee. Can you pick some up on the way home?'" | at 4pm # Okay, look, that's in the next release.. but nobody wants it anyway!
smsrcv linda | grep -i "Buy your own *ing coffee" && amazon --autobuy coffee # Wait, what?
Imagination. Small bricks. 10 minutes. Huge possibilities. Permission denied.