Slashdot Mirror

← Back to Stories (view on slashdot.org)

All Your Coffee Are Belong To Us

Posted by kdawson on from the pouring-over-it dept.

Wolf nipple chips writes "Craig Wright discovered that the Jura F90 Coffee maker, with its honest-to-God Jura Internet Connection Kit, can be taken over by a remote attacker, who can cause the coffee to be weaker or stronger; change the amount of water per cup; or cause the machine to require service (call this one a DDoC). 'Best yet, the software allows a remote attacker to gain access to the Windows XP system it is running on at the level of the user.' An Internet-enabled, remote-controlled coffee-machine and XP backdoor — what more could a hacker ask for?"

52 of 354 comments (clear)

  1. First post? by boteeka · · Score: 3, Funny

    Bullshit, those machines are secure as a mainframe.

    1. Re:First post? by Anonymous Coward · · Score: 5, Funny

      Have the RIAA sent it a DMCA takedown notice for sharing files yet?

      PC LOAD COFFEE

    2. Re:First post? by mr_matticus · · Score: 3, Funny

      PC = Percolation Cartridge, I assume?

      If there's not a slider lever in the tray to accept Darjeeling media, I'm afraid it will never take off in the UK, dooming these machines to the same fate as A4-incompatible printers.

    3. Re:First post? by CastrTroy · · Score: 5, Funny

      PC LOAD COFFEE? WTF does that mean?

      Here's some extra text to get past the caps filter.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    4. Re:First post? by funaho · · Score: 5, Funny

      A simpler solution is, when putting your coffee maker on the Internet, to make sure JavaScript is turned off.

      Yes, I made a horrible pun. :)

  2. Bah! by BWJones · · Score: 5, Funny

    Bah! Get your coffee and an old school French press to brew the tastiest coffee. Put your hacking efforts into the roasting, selection and cultivation of your beans and leave the time and resource wasting, lame Windows controlled coffee makers to the junk heap of history.

    --
    Visit Jonesblog and say hello.
    1. Re:Bah! by mr_matticus · · Score: 2, Funny

      Fitting an expresso machine on your stove top might prove a bit difficult.

      An espresso maker, on the other hand, is an option.

    2. Re:Bah! by Anonymous Coward · · Score: 5, Funny

      Keep up with time mate, it's called a Freedom Press

    3. Re:Bah! by Joebert · · Score: 4, Funny

      I wave my private parts in your French press's general direction.

      You know that feeling you get when you know you should tell someone they're about to do something really painfull, but you don't want to say anything because you haven't had a good laugh all week ?
      --
      Wanna fight ? Bend over, stick your head up your ass, and fight for air.
    4. Re:Bah! by cayenne8 · · Score: 4, Funny
      "If you have a party where everyone needs coffee, even having a couple of them won't be enough..."

      Hmm...I don't think I've ever been to a party where coffee was an issue...??

      Usually we're concerned on not running out of beer, wine or liquor...

      "Hey Phil, the Tigers are about to score again, can ya toss me a nice hot latte without too much foam?? Your out? WTF? Ok...I'm outta here, lets to to the local Starbucks, where they know how to treat a sports crowd!!"

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    5. Re:Bah! by arth1 · · Score: 3, Funny

      Sadly, I've found many Americans to be fearful of even mildly strong coffee.

      This is true. Americans brew extremely weak coffee, but to compensate it's usually Central- and South-American coffee high in organic acids, so it's quite sour. So sour that most people mix large amounts of milk/cream and sugar in their coffee. Ask for a "regular" coffee here in New England, and you'll get about one quarter of the cup filled with light cream ("Half and half"), and enough sugar to keep you high for a few hours.

      Worse, Americans serve and drink luke warm coffee. Where Europeans would want both their sauna, dishwater and coffee to be close to the temperature of boiling water, Americans are cowards, and not smart enough to prevent themselves or others from scalding.
      Hot coffee doesn't create 2nd degree burns. Morons armed with hot coffee create 2nd degree burns.

      Is this bashing America? Perhaps so, but I am an American and demand my constitutional right to do so.
  3. Java? by Arakageeta · · Score: 5, Funny

    I wonder how well it runs Java...

    1. Re:Java? by ozmanjusri · · Score: 4, Funny

      Maybe if it was running WinCE.

      --
      "I've got more toys than Teruhisa Kitahara."
    2. Re:Java? by lanswitch · · Score: 5, Funny

      I'm only interested if it can do Cocoa as well.

    3. Re:Java? by GroeFaZ · · Score: 2, Funny

      This adds another dimension of meaning to NetBeans.

      --
      The grass is always greener on the other side of the light cone.
    4. Re:Java? by NeilTheStupidHead · · Score: 3, Funny

      // Possibly a more efficient way of doing this ... cycle count? coffee.add(sugar) coffee.add(milk) Yes it's: coffee.add()
      --
      Lose: misplace or fail || Loose: not bound together
  4. Sex? by pembo13 · · Score: 5, Funny

    Sorry, that's the first thing that came to mind on the question of what more could a hacker want.

    --
    "Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
    1. Re:Sex? by jd · · Score: 5, Funny

      I assume the question is limited to things within the realms of reality, rather than science-fiction (the only known environment where geeks get laid). Of course, a totally evil hacker might upload a suitable hot coffee mod.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  5. Setting the scene by BWJones · · Score: 5, Funny

    I mean come on now... what good can an Internet connected coffee maker really do? No security conscious office will ever want a Windows enabled appliance around. Just imagine the scene:

    Special Agent Wilkins: How the Hell did they get in?

    Special Agent Thompson: Sir..... I... uh, think they got in through the coffee maker.

    Special Agent Wilkins: The What?

    Special Agent Thompson: Sir, the coffee maker that we got you for your birthday... the one that you wanted to be able to brew up a cup o joe from your office?

    Special Agent Wilkins: Oh fsck me....

    --
    Visit Jonesblog and say hello.
  6. Aww man by T3Tech · · Score: 3, Funny

    Now I'm seriously concerned about a coffee trojan vulnerability.

    I would hate to find out that my coffee had been maliciously replaced with decaf.

    --
    Of course I didn't RTFA... why would I do that? You really are new here aren't you? Don't let my UID fool you.
  7. What more could a hacker want? by katterjohn · · Score: 4, Funny

    How about the coffee?

    1. Re:What more could a hacker want? by jd · · Score: 4, Funny

      Hmmmmm. I wonder what would happen if someone totally evil patched the code so you had to win at minesweeper to get the coffee?

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    2. Re:What more could a hacker want? by WWWWolf · · Score: 5, Funny

      How about the coffee?

      Ah, the cleverness of the hack in question is not that they can make the coffee maker to produce coffee, no. The evil hax0rs really want the coffee.

      Employee 1: "This has to be the most ridiculous work order I've ever received."
      Employee 2: "What is it?"
      E1: "At precisely 12:02, I'm supposed to take the cup from the coffee percolator and deliver it to this address a few blocks away."
      E2: "What? Are you kidding?"
      E1: "No, it's on our company letterhead. Signed by the CEO. 'Deliver this cup of coffee to our IT subcontractor. This may sound like an unusual order, but millions are at stake here.'"
      E2: "Well, I wonder what those primadonnas come up with next time?"

  8. EVERYBODY PANIC! by rossz · · Score: 4, Funny

    Screw the company web server. Screw the sql database server. They've hacked the coffee machine! AHHHHHHHHH!!!!!!

    --
    -- Will program for bandwidth
  9. Re:hmmm by Anonymous Coward · · Score: 5, Funny

    Yeahhhhhh, i'm gonna have to go ahead & ... disagree with you there, yeahhh. I'm not sure hacking Lumberg's coffee maker is going to have any affect on him, yeahhh, you see, Lumberg doesn't sleep as he is up all night continually drinking from his perpetually-full mug, even as he bangs your girlfriend.

    btw, I'm gonna have to ask you to go ahead and come in on Sunday, too... :-P

  10. HTCPCP by Anonymous Coward · · Score: 5, Funny

    So, does this device conform to the HTCPCP (Hyper Text Coffee Pot Control Protocol) [http://www.faqs.org/rfcs/rfc2324.html] ?

    1. Re:HTCPCP by Pikoro · · Score: 4, Funny

      "Coffee pots heat water using electronic mechanisms, so there is no fire. Thus, no firewalls are necessary, and firewall control policy is irrelevant."

      That is the essence of the problem.

      --
      "Freedom in the USA is not the ability to do what you want. It is the ability to stop others from doing what THEY want"
  11. Re:Weaken them by jamesh · · Score: 5, Funny

    NO one can survive without caffeine!

    I can. I can stop caffeine any time I want to.
  12. That's why they call it a firewall. by Chris+Snook · · Score: 4, Funny

    If you let the whole world control your heating elements, bad things happen. When was the last time you saw an Itanium box with a public IP?

    --
    There's no failure quite as dissatisfying as a complete and total solution to the wrong problem.
    1. Re:That's why they call it a firewall. by DoofusOfDeath · · Score: 3, Funny

      When was the last time you saw an Itanium box with a public IP?

      Are you kidding? When's the last time you saw any Itanium box?

  13. What's for breakfast? by fyoder · · Score: 5, Funny

    Once the coffee maker is compromised and turned into a rogue email server, breakfast choices will be coffee and spam, coffee egg and spam; coffee egg bacon and spam; coffee egg bacon sausage and spam; coffee spam bacon sausage and spam; coffee spam egg spam spam bacon and spam; coffee spam sausage spam spam bacon spam tomato and spam....

    Vikings: Spam spam spam spam...

    --
    Loose lips lose spit.
  14. Don't people learn by Xarin · · Score: 5, Funny

    Don't people ever learn. If you don't install a firewall, anti-virus protection, and anti-spyware software on your coffee maker, you deserve to be hacked. My coffee maker runs Linux and has never been hacked.

  15. Re:hmmm by mapleneckblues · · Score: 2, Funny

    can i have my stapler back please ?

  16. Re:Not a constantly-connected device by Anonymous Coward · · Score: 0, Funny

    I wouldn't mod you up since you took this seriously. What is like to be you? Do you lie awake at night trying to figure out why the chicken crossed the road?

    There once was a coffemaker from Nantucket,
    Whats dick was so long it could suck it
    It said with a grin
    As it wiped off its chin,
    "If my ear were a c#%+ I would f@#* it!

    No wait, coffeemachines don't have penises. Let me compute this. Computer. This is a Class-A compulsory directive. Compute, to the last digit, the value of pi.

  17. Tea by ozbird · · Score: 5, Funny

    Whatever you do, don't ask it for a cup of tea while it's connected to the Internet. "Share and enjoy."

  18. Coffee by dunezone · · Score: 5, Funny

    I, for one, welcome our new coffee brewing overlords.

  19. Did you hear the ones about... by pandrijeczko · · Score: 5, Funny
    Did you hear the one about the Microsoft coffee maker?

    It makes tea then convinces you that you only ever wanted a tea.

    Did you hear the one about the Apple coffee maker?

    It does an amazing Mocha Frappucino with whipped cream, caramel sauce and a chocolate flake in the top but doesn't know how to make a plain black coffee.

    Did you hear the one about the Linux coffee maker?

    v0.1 made a good plain coffee but it took a while doing it, v1.0 makes good plain coffee but there's a patch that allows it to make better tea than the Microsoft coffee maker and v2.0 gives you a cup of plain coffee, a cup of whipped cream, a cup of caramel sauce, a chocolate flake in a wrapper and tells you to make the coffee how you want but for a much lower price than the Apple one.

    Did you hear the one about the Vista coffee maker?

    Nope, neither did I but then who gives a shit.

    --
    Gentoo Linux - another day, another USE flag.
    1. Re:Did you hear the ones about... by mrogers · · Score: 5, Funny

      Did you hear the one about the OpenBSD coffee maker?

      Theo De Raadt makes a perfect cup of espresso and then throws it over your shirt.

  20. What more could a hacker want? by CoolGopher · · Score: 4, Funny

    An Internet-enabled, remote-controlled coffee-machine and XP backdoor -- what more could a hacker ask for?

    Access to the coffee his new bot brews?

  21. wait a minute... by Quadraginta · · Score: 2, Funny

    Doesn't Linus run on coffee while hacking? I'm confused. Which came first, the kernel or the caffeine?

  22. Re:Weaken them by algerath · · Score: 4, Funny

    You know the first step in getting help is admitting that you have a problem.

  23. Where's John Foster Dulles when you need him? by Quadraginta · · Score: 2, Funny

    Sure, but lacking caffeine you'll lack the energy to do anything about it. You'll be assimilated without resistance.

    So unless a patch is found, you'll need to set up dedicated hosts ready to launch a devastating counter-strike on their coffee machines within the first microsecond of detecting incoming ICDMs (Internet Coffee Datagrams, Malevolent), and trust to an uneasy policy of Mutually Assured Decaffeination to keep the peace.

  24. Mornings for me... by ockegheim · · Score: 4, Funny

    ...involve coffee and a hacking cough, so maybe it would suit me.

    Reminds me of the toaster in Red Dwarf.

    My coffee machine was designed in the 1950s, and makes brilliant coffee if you put enough love in.

    --
    I’m old enough to remember 16K of memory being described as “whopping”
  25. Please... by EnglishSteve · · Score: 2, Funny

    Could someone hack into *our* coffee machine and make the coffee taste better?

  26. Re:Weaken them by Upphew · · Score: 4, Funny

    But if I don't have a problem, then I don't need help, so why should I admit anything?

  27. It could actually be dangerous... by ewrong · · Score: 5, Funny

    1: Hack your competitiors coffee machine.
    2: Set it to only serve decaff.
    3: Sit back and watch their productivity go through the floor.

  28. I wonder by Etrigoth · · Score: 5, Funny

    Is this technically a Java exploit ?

    *sorry*

    --
    When we remember we are all mad, the mysteries disappear and life stands explained.
  29. Re:Check with the Internet Engineering Task Force by saforrest · · Score: 3, Funny
    Well, I hope someone is checking whether this thing is truly RFC 2324 compliant.

    I was just going to mention that RFC 2324 considered this problem way back in 1998, in section 7 "Security Considerations":

    7. Security Considerations

    Anyone who gets in between me and my morning coffee should be insecure.

    Unmoderated access to unprotected coffee pots from Internet users might lead to several kinds of "denial of coffee service" attacks. The improper use of filtration devices might admit trojan grounds. Filtration is not a good virus protection method.

  30. but of course by nimbius · · Score: 5, Funny

    just another entry in a long list of devices that, while harmless otherwise, now have the ability to injure you once integrated with Microsoft Windows.

    --
    Good people go to bed earlier.
  31. The toaster on Red Dwarf by wfstanle · · Score: 2, Funny

    This article reminds me of the toaster on Red Dwarf.

    Toaster: "Haw do you like your toast"

    Lister: "I don't want toast, I don't want muffins. I don't want bagels (etc.)"

    Toaster: "Ah I understand! You're a waffles man!."

  32. Keep your Symantec web, I'll take ESET anyday by TravisO · · Score: 2, Funny

    Symantec Web technology??

    Eww no, I don't want my coffee brewing at half speed and then notifying me every time it brews a new cup with "Hey look at me, I did my job, I updated my filter, aren't I a good boy."

    Perhaps ESET makes a coffee pot?

  33. Hey Editors, Proofreed, PLEASE by Chapter80 · · Score: 2, Funny

    All Your Coffee Are Belong To Us
    This makes no sense. "All your coffee are belong..." huh? Come on you Editors!

    For the English speaking crowd, I think just deleating teh word "Are" would help it make more sense.
    --
    Yeah, that's right, I said it.