Slashdot Mirror

← Back to Stories (view on slashdot.org)

Keurig 2.0 Genuine K-Cup Spoofing Vulnerability

Posted by ryuzaki0 on from the if-only-this-worked-for-ink-jet-cartridges dept.

An anonymous reader writes A security researcher has released a humorous vulnerability description for the Keurig 2.0 coffee maker, which includes DRM designed to only brew Keurig brand coffe pods (K-Cups): "Keurig 2.0 Coffee Maker contains a vulnerability in which the authenticity of coffee pods, known as K-Cups, uses weak verification methods, which are subject to a spoofing attack through re-use of a previously verified K-Cup." The vulnerability description even includes mitigating controls, such as keeping the Keurig in a locked cabinet when not in use. Also at Hackaday.

9 of 270 comments (clear)

  1. But does it report artificially low ink levels? by pla · · Score: 5, Insightful

    Why in the hell would anybody buy a coffee maker that uses DRM to prevent using "non-genuine" coffee?

    1. Re:But does it report artificially low ink levels? by gstoddart · · Score: 4, Insightful

      There are many other brands of brewers that make single serving coffee and none of them force you to use any particular brand of cup.

      So, on the off beat chance you don't know this ...

      Most of those single serving cups are, in fact, the k-cup form factor. The patents for those expired several years ago, and everybody could make compatible stuff. Because, really, it's a little plastic tub with coffee in it and it isn't rocket science. You can buy them anywhere, and find lots of makers which support them.

      Now ... this is the new hotness. The K-cup 2.0, with DRM.

      So, all of those brands of brewers and cups you could buy? You still can. Nothing about those has changed. Your older Keurig machine? Nothing has changed with that either.

      But, if you end up buying a newer Keurig machine ... suddenly you get DRM, specifically because it's the razor blade business model, and Keurig has decided you must buy from them.

      --
      Lost at C:>. Found at C.
  2. Re:Someone has by Z00L00K · · Score: 4, Insightful

    Considering the impact on the environment of pods that just ends up in the garbage there's now two reasons not to buy them.

    OK, the coffee they make isn't bad, but what's wrong with an ordinary espresso machine?

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  3. Re:Holy Fuck! by slashmydots · · Score: 3, Insightful

    Not as much as the cost of those RFID tags or whatever they had to add to their cups. The expense was obviously passed directly onto the customer.
    They spent money on RFID tags and charged the consumer more to ensure that the customer pays them more money by not buying off-brand stuff. Now that's how you show customer appreciation.

  4. Re:Someone has by peragrin · · Score: 2, Insightful

    Waste.

    Keurigs one selling point is that only coffee that is wanted gets made(baring people who toss it after it gets cold). I can't tell you the number of pots of coffee I made that I have thrown out. Probably around 30%. The k cups allow only coffee that is desired to be made at the cost of extra plastic waste. Bonus you can get increased variations of coffee. ao different people can get the different flavors they want including hot chocolates and teas for those who don't drink coffee.

    You can't do that with just any coffee maker easily.

    --
    i thought once I was found, but it was only a dream.
  5. Re:Someone has by nitehawk214 · · Score: 3, Insightful

    But I think it is the other waste factor that people are more concerned about, trash generated per cup of coffee.

    --
    I'm a good cook. I'm a fantastic eater. - Steven Brust
  6. Re:Holy Fuck! by nitehawk214 · · Score: 4, Insightful

    Obviously the solution is to put a tax on all normal coffee and send the money directly to Keurig.

    --
    I'm a good cook. I'm a fantastic eater. - Steven Brust
  7. A more elegant hack by Anonymous Coward · · Score: 4, Insightful

    The way demonstrated in the video is a pretty ugly way to fix the problem, you have to constantly put your fake lid on top of the cup you make. Towards the back left side of the piece that lowers down there's some kind of small optical sensor that looks for the keurig border that's only on keurig cups -- if you peel the label off one you can cut out a small piece of just the border and tape it directly under the sensor -- you just have to make sure it's lined up the way it expects and you'll never have to futz with an extra lid again. Some quick scissor work and a piece of scotch tape and it's been going strong for probably around 2 months now.

  8. Re:Someone has by Zontar+The+Mindless · · Score: 5, Insightful

    I use a French press, beans, and a grinder. Zero waste other than the grounds (and if I had a yard, I could compost them). The grinder's a hand-cranked model, so the only power used is to heat the water.

    I've been making coffee this way for years, but never thought about the fact that it's also very conservative of resources until now.

    And I despise the capsule-style makers on general principles; as for Keurig--if I won't accept DRM for my music and video, I sure am as fuck not going to accept it for my coffee.

    --
    Il n'y a pas de Planet B.