Tattling Kettles Help Researchers Crack WiFi Networks In London

New submitter campuscodi writes: Security researchers at Pen Test Partners have found a security vulnerability in the iKettle Wi-Fi Electric Kettle that allows attackers to crack the password of the WiFi network to which the kettle is connected. Researchers say that using this simple trick and information about iKettles, they drove around London, cracked home WiFi networks, and created a map of insecure WiFi networks across the city. The same researchers cracked a Samsung smart-fridge this summer to disclose Gmail passwords. If you have 6 minutes, there's a YouTube video you can watch.

Re:Ok first...

[ShanghaiBill]

Seriously, is this a need?

Most products are about filling a desire rather than a need. My wife is a tea connoisseur, spending hundreds of $s on gourmet blends. I could see her buying a device like this, so she could precisely control the timing and temperature. She would certainly buy it if it came with a Python API so she could write her own tea brewing apps.

Re:Ok first...

[TechyImmigrant]

Talk about solving First World problems - geesh.

I live in the first world. I have first world problems. I have no shame in solving them.

Re:Welcome to Io(insecure)T.

[TechyImmigrant]

Security is only expensive relative to the prices for components that kettle manufacturers dream of.

Relative to your wallet, the cost of the silicon area for some public key and symmetric crypto along with a good RNG is a fraction of a cent up front and a few cents at the end of the producer-consumer chain. This I know because it's my job to design this stuff.

You'd probably be happy to pay a few cents extra per product for all devices to employ good crypto hardware, but somewhere along the chain is some idiot saying security is expensive.