Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trane Takes 2 Years To Remove Hard-Coded Root Passwords From IoT Thermostat (softpedia.com)

Posted by timothy on from the well-it-was-hard-coded dept.

An anonymous reader writes: It took 22 months for Trane to patch three security bugs in its ComfortLink II XL950 smart Wi-Fi thermostat product, the ComfortLink II XL950, a modern IoT device along the lines of Google Nest, which offers a simple way to manage your apartment's or building's internal temperature. Researchers contacted Trane about their three issues in April 2014, the company fixed the RCE flaws in April 2015 and recently released a firmware update at the end of January to fix the last issue. During all this time, the company barely answered emails and continued to sell an exposed product.

75 comments

  1. Cool, interesting. by Anonymous Coward · · Score: -1

    Thanks for the post, I'll check it out!

  2. IOT isn't as easy as it sounds. by blueshift_1 · · Score: 1

    This has always been a severe issue with specific hardware produced by companies that aren't technology focused (and even some that are). These little debugging/service backdoors worked when there wasn't a vast resource of easy information sharing - and the device wasn't able to be accessed from anywhere. One day these product engineers will figure that out - maybe.

    1. Re:IOT isn't as easy as it sounds. by karlnyberg · · Score: 0

      It's hard to stop a Trane....

      (couldn't resist...)

      --
      -- Karl --
    2. Re:IOT isn't as easy as it sounds. by Anonymous Coward · · Score: 0

      Trane? You have to send a pull request...

    3. Re:IOT isn't as easy as it sounds. by supremebob · · Score: 2

      That said, I bet that security hole would have been fixed a hell of a lot quicker if it was publically announced to the world instead of trying to report it through Trane's security inept support channels.

    4. Re:IOT isn't as easy as it sounds. by Gr8Apes · · Score: 1

      If only they made it LAN only, it would already be infinitely more secure than most of these companies are capable of making a true internet accessible IoT device. It's that simple. Besides, I don't want or need an account with some service to run something on my own network.

      --
      The cesspool just got a check and balance.
    5. Re:IOT isn't as easy as it sounds. by Brett+Buck · · Score: 2

      Trane is certainly "focused on technology". Just not computer geek technology. Do you know how to design and manufacture a long-lived air conditioning or heat pump compressor? And successfully and profitable for decades?

            Technology existed before the internet, you know.

    6. Re:IOT isn't as easy as it sounds. by Joe_Dragon · · Score: 2

      Back when the weather channel was cool and LOT8's was longer then 60sec.

    7. Re: IOT isn't as easy as it sounds. by Anonymous Coward · · Score: 0

      I may not know how to do those things, but I don't add them to my IT product badly, and fuck over my users either. So no, they don't know tech. Blinding adding it means they don't know it.

    8. Re:IOT isn't as easy as it sounds. by Thud457 · · Score: 3, Interesting

      No. But I'm pretty sure I could spec out cheap crap compressors from China while riding my brand name into the dirt.

      --

      the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

    9. Re:IOT isn't as easy as it sounds. by Anonymous Coward · · Score: 0

      No. But I'm pretty sure I could spec out cheap crap compressors from China while riding my brand name into the dirt.

      Have you considered a career in venture capital or private equity? ;)

    10. Re:IOT isn't as easy as it sounds. by Anonymous Coward · · Score: 3, Informative

      "Do you know how to design and manufacture a long-lived air conditioning or heat pump compressor?"
      No, but neither does Trane (or Ingersol-Rand for that matter, who owns Trane.) They use another company's compressor now.
      Heck, they took the original compressor design they once used from GE, when they bought the division from them years ago. As a matter of fact, the only thing that Trane "owns" in their design is the coils and the cabinets. I believe the coils are actually made by Alcoa.
      "Trane" is just a brand name. It's really not any better or worse than most of the other manufacturers out there. You just pay more "'cause it's a Trane!"

      -ACAC (air conditioning anonymous coward)

    11. Re:IOT isn't as easy as it sounds. by swb · · Score: 2

      Isn't the punchline to this "No, and based on my ownership experience, neither does Trane."

    12. Re:IOT isn't as easy as it sounds. by evolutionary · · Score: 1

      True, but then you couldn't control it from the airport with your smartphone. You could argue security issues, but that would result in too many people not feeling the joy of controlling their home from anywhere in the world. Of course they forget others could too...that's besides the point, at least to those seduced by the "cool" factor. (I blame Apple...too use friendly for our own good..)

      --
      "Imagination is more important than knowledge" - Einstein
    13. Re:IOT isn't as easy as it sounds. by Anonymous Coward · · Score: 0

      No, but neither does Trane (or Ingersol-Rand for that matter, who owns Trane.) They use another company's compressor now.
      Heck, they took the original compressor design they once used from GE, when they bought the division from them years ago.

      I'm pretty sure that Trane *used* to design their own compressors, given that my dad (a mechanical engineer) used to do *that exact thing* for them.

      They used to have some pretty nifty MechE demos every year for the local students.

      You may be right about the compressors nowadays, though. OTOH as recently as 10 years ago at least some of their consumer air conditioners still had pretty high reliability, regardless of the source of their components. I have one such unit attached to my house and it just runs and runs and runs.

    14. Re:IOT isn't as easy as it sounds. by omnichad · · Score: 1

      For centrally managed services, that doesn't require an inbound password. That can be done by the device making outbound connections to the central server.

    15. Re:IOT isn't as easy as it sounds. by Curtman · · Score: 1

      Even harder to start one.

    16. Re:IOT isn't as easy as it sounds. by Curtman · · Score: 3, Interesting

      Over engineered crap. It definitely is worse than most other manufacturers. I learned this when the inducer motor went on my furnace. They sold a furnace with an ECM inducer motor (for efficiency sake?), then stopped making them. So now in order to replace the inducer motor you need a new circuit board, a standard less efficient than what was advertised PSC motor, and someone to completely rewire the furnace with the new wiring harness. Then you need to pay someone labour and parts markup to install the $1400 in parts which they wont sell to you because you're not "Trained in Trane".

      Fuck you Trane. I hope you get hit by a Train.

    17. Re:IOT isn't as easy as it sounds. by rmdingler · · Score: 1
      That's not your inducer moter... it is your blower motor, reponsible for moving air with a squirrel cage through the ductwork in your home.

      The inducer motor is to force or draw combustion gases through the heat exchanger and out the roof vent. ECM motors are frequently unreliable, and expensive to replace, but you can replace one with a PSC motor and relays without changing out the circuit board.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    18. Re: IOT isn't as easy as it sounds. by Anonymous Coward · · Score: 0

      VPN home and control everything from there. No cloud-based services. I just installed Domoticz at home so I'm trying this method.

    19. Re:IOT isn't as easy as it sounds. by Curtman · · Score: 1

      No. It's he inducer motor. If it was the blower motor I could just get a new motor and install it myself. Trust me, I've learned a lot about this furnace since I was suckered into buying it.

    20. Re:IOT isn't as easy as it sounds. by Curtman · · Score: 1

      Also.. Everything except the actual motor is made out of plastic. You cannot remove the impeller from the shaft of the motor without breaking it. Once it's broken it cannot be repaired to work reliably at 3000RPM. Even if you could replace it with an equivalent PSC motor and relays, the circuit board communicates with the inducer motor which is no longer there so it will never light the burner even though the pressure switch is closed.

    21. Re:IOT isn't as easy as it sounds. by rmdingler · · Score: 1
      We've had a metric ton of problems with the ECM blower motors. Many of the first renditions came with the old boards modified, so that there was still a place to install a PSC motor when the very expensive oem motor failed prematurely. In some cases, you were forced to purchase the motor and control module as one unit.

      The general movement toward increasingly more efficient equipment forces manufacturers to modify proven technology to eke out higher efficiency plateaus, but the savings enjoyed from an upgrade (80% to 90% AFUE furnace) is often offset by more expensive and less available replacement parts.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    22. Re:IOT isn't as easy as it sounds. by Gr8Apes · · Score: 1

      (I blame Apple...too use friendly for our own good..)

      I'd blame the ISPs that make it so darn difficult to connect directly to your own machines. As for everything else, it truly can be simple, but the manufacturers see $s and want you to pay them more, forever.

      --
      The cesspool just got a check and balance.
    23. Re:IOT isn't as easy as it sounds. by Curtman · · Score: 1

      Even on boards without those terminals, you could if you wanted use relays to switch speeds powered by the EAC terminal which is powered any time the fan is on. Except the circuit board is so "smart", that it cant tell how fast the blower motor is spinning anymore and assumes it has failed.

    24. Re: IOT isn't as easy as it sounds. by Anonymous Coward · · Score: 0

      whats so tough? and how is an isp going to negate the need to port forward in your router?

    25. Re:IOT isn't as easy as it sounds. by Curtman · · Score: 1

      I'm sure there's a cool factor that means something to somebody. But when you live in a climate that is -40 degrees (celsius and fahrenheit) at times, having your thermostat email you when the furnace has failed is definitely more than cool, it can save you thousands of dollars.

    26. Re: IOT isn't as easy as it sounds. by corychristison · · Score: 1

      I think he means lack of non-static IP addresses (especially in North America).

    27. Re: IOT isn't as easy as it sounds. by corychristison · · Score: 1

      Sure, but it definitely doesn't need inbound network access. It shouldn't beed UPnP as the theromostat should simply be polling requests from the central servers.

      It could even be used to send a message to your email (outbound connection).

      Why these devices require inbound connections at all simply doesn't make sense to me.

    28. Re: IOT isn't as easy as it sounds. by Anonymous Coward · · Score: 0

      Ingersoll Rand is doing a fine job stopping Trane.

    29. Re:IOT isn't as easy as it sounds. by AmiMoJo · · Score: 1

      It's basically an impossible situation for security researchers. If they report it only to the manufacturer it can take years to be fixed. If they report it with a note that they will go public in a month they get sued or arrested. If they just report it publicly they are accused of being irresponsible.

      When I find an security flaw, if the company has a bug bounty programme or formal submission process I report it to them with a note that I'll post it publicly in a month unless they ask me to do otherwise. If they don't have any kind of formal vulnerability reporting scheme in place I send them and anonymous email with details, and then make it public with a throwaway account on a suitable forum or whatever seems appropriate.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    30. Re:IOT isn't as easy as it sounds. by Anonymous Coward · · Score: 0

      Focused on _NOISY_ technology. how on earth do they manage to make their product that loud?

    31. Re:IOT isn't as easy as it sounds. by jbengt · · Score: 1

      First, you're talking about their residential lines. Nobody makes small, off-the-shelf refrigeration systems in the US anymore. Everybody makes them in Asia. (I think there's one manufacturer making them in Africa.)
      Trane's commercial lines are considered middle-of-the-road: Not the high quality equipment that costs too much for the typical cheap budget, and not the piece of crap that will get the submittal rejected by the specifying engineer.
      You are right, though, about branding, though by no means is that limited to Trane. Everyone keeps getting bought and sold and outsourcing their components - to the point that naming different models from different manufacturers in the spec can give you a choice of buying the exact same item with different labels.

    32. Re:IOT isn't as easy as it sounds. by bozzy · · Score: 1

      Fuck you Trane. I hope you get hit by a Train.

      And forced to listen to the band Train...

      --
      playmoney.me - The free alternative to paper board game play money
    33. Re:IOT isn't as easy as it sounds. by jbengt · · Score: 1

      The trend is for single phase motors to go ECM for any application where the speed needs to be adjustable or variable. This is a fact of life for all types and brands of equipment. 10 years ago, we had a job where dozens of ECM motors had to be replaced not long after being installed. The manufacturers seem to have caught on and now use motors that can handle the electronic switching better, so there's very few early failures anymore.
      The other trend in appliances is to add digital electronics that fail easily and require wholesale board replacement when they fail. I guess the warranty expenses are worth it to the manufacturers compared to making (buying from an outsourced supplier) something better.
      So, while I feel your pain, it is not Trane leading the way here, they're following the market trends.

    34. Re: IOT isn't as easy as it sounds. by Gr8Apes · · Score: 1

      Not only lack of non-static IPs, but worse than that, ISPs that actively engage in port blocking because "servers" aren't allowed on their networks. That's dropped off some thanks to games and other PTP applications, but many still filter a set of ports and as of a few years ago will block or degrade large externally originated sources.

      --
      The cesspool just got a check and balance.
    35. Re:IOT isn't as easy as it sounds. by Curtman · · Score: 1

      The problem isn't the switch to ECM. It's that they didn't make replacements for when they broke. So repairing a broken ECM inducer motor requires me to replace almost every electronic component in the furnace along with the associated labour costs to do it, even though I'm fully capable of doing it myself. They will not sell them to me.

  3. Thats my thermo by Anonymous Coward · · Score: 0

    Sounds like I get to have some fun tonight!

  4. I don't understand technology anymore by Anonymous Coward · · Score: 0

    It's a thermostat. It controls current into a resistor nailed to your wall. What the hell do you need an OS in there for??

    1. Re:I don't understand technology anymore by Anonymous Coward · · Score: 0

      That's sort of like asking why you need a computer controlling an internal combustion engine. You don't need it, but it does enable a number of advanced features that might become highly desirable in the future.

    2. Re:I don't understand technology anymore by stabiesoft · · Score: 1

      I imagine it does some of the same stuff my new lennox one does. Health checks etc. Mine for example validates temp outside before kicking in the compressor to avoid destroying it. Also checks static pressures in air flow to check filter flow rate. Keeps track of any error codes thrown by other units (furnace, A/C, etc). And I imagine the trane is also like the lennox. Don't give it your wifi password and it will not go on the interwebs. I like the extra stuff my Tstat can do, but do not want it on the WAN/LAN, so I just don't set it up.

    3. Re:I don't understand technology anymore by Curtman · · Score: 3, Informative

      No its not. "Legacy" thermostats were essentially a few relays and some operator controls. 24VAC is fed to the thermostat terminal "R" from the furnace or air handler. When it wants the fan to run, it switches 24V to its terminal "G", when it wants heat it puts 24V on terminal "W", Cooling is terminal "Y".

      These new "communicating" thermostats are a CANBUS network similar but much more poorly documented than the OBD one in your car. However it does things like send you an email when the furnace is failing, or when the temperature in your house has fallen to where you might have to worry about freezing pipes etc. It can tell you that it failed to ignite several times so you might want to book service before it fails completely.

      I wish there was some online presence for people hacking these things. Inside my Lennox iComfort thermostat I found an SD card containing an OS called "MQX RTOS", and a i.MX287 processor.

    4. Re:I don't understand technology anymore by Anonymous Coward · · Score: 0

      You don't need it, but it does enable a number of advanced features that might become highly desirable in the future.

      Such as making it necessary to take it to the dealership to get it diagnosed and repaired.

    5. Re:I don't understand technology anymore by Anonymous Coward · · Score: 0

      and all those tasks could be done by solid state simple circuit hardware for a fraction of the price and a forever lifespan.

    6. Re:I don't understand technology anymore by CharlieG · · Score: 1

      Unless (like my den) someone decided to save a few bucks (basically the price of the transformer and a relay) and installed a high voltage thermostat, and then you have 110 volts right on the stat. You'd think...
      Has caused me enough issues that I think come this spring, I'll do it (Dad would be laughing - he was an HVAC mechanic, and would do it 'whenever' - and of course, I don't have a spare relay...)

      --
      -- 73 de KG2V For the Children - RKBA! "You are what you do when it counts" - the Masso
    7. Re:I don't understand technology anymore by Frederic54 · · Score: 1

      Oh nice, I worked with Precise/MQX and its RTCS stack, I implemented SNMP v2c for our products running this OS.

      --
      "Science will win because it works." - Stephen Hawking
    8. Re:I don't understand technology anymore by Anonymous Coward · · Score: 0

      I work in automotive software. MQX is an RTOS with a tight relationship with Freescale NXP (might be owned by NXP). As for CAN inside of thermostats, I've never heard of it. What would it communicate with? Controllers in the furnace and air conditioners? Obviously the internet stuff is running over WiFi, not CAN.

    9. Re:I don't understand technology anymore by Curtman · · Score: 1

      Every manufacturer seems to be doing it now at least in the higher end models. Lennox has iComfort, Trane has this POS from the topic, Carrier has Infinity. The thermostats are connected to the furnace with 4 wires. R = 24v, C = Common, "i+", and "i-". There's those same terminals at the Air Conditioner. The gas valve has Tx and Rx blinky lights, the blower motor too. The thermostat reads the outdoor temp from the air conditioner's thermistor through the bus, all sorts of sensors in the furnace are readable in the thermostat, CFM of the blower, pressure in the ductwork, supply and return temperatures, etc..

    10. Re:I don't understand technology anymore by Curtman · · Score: 1

      This patent is the best reference I've found so far. It's all proprietary though, Lennox thermostats won't work on a Carrier furnace or air conditioner, etc. And the software seems to be really terrible on all of them.

  5. Important Stuff (For the discussion) by Anonymous Coward · · Score: 0

    * Please try to keep posts on topic.
    * Try to reply to other people's comments instead of starting new threads.
    * Read other people's messages before posting your own to avoid simply duplicating what has already been said.
    * Use a clear subject that describes what your message is about.
    * Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page)
    * If you want replies to your comments sent to you, consider logging in or creating an account.

  6. Needs more Appernet of Apps! by Anonymous Coward · · Score: 0

    Modern app appers know that ONLY apps can app apps, which is why Trane's LUDDITE Internet of Things is insecure! If Trane used the Appernet of APPS, it would be 100% appy!

    Apps!

  7. They have your money... by MonkeyBob · · Score: -1

    ... why do they care?

    Repeat sales? How many thermostat controllers do you need?

    --
    // TODO: Add comments
    1. Re:They have your money... by Gr8Apes · · Score: 1

      How many thermostat controllers do you need?

      Apparently more than I thought I would, as I'm looking at buying my 6th and 7th ones, and possibly another 3.

      --
      The cesspool just got a check and balance.
    2. Re:They have your money... by MonkeyBob · · Score: -1

      What sort of mansion do you live in???

      --
      // TODO: Add comments
    3. Re:They have your money... by Gr8Apes · · Score: 1

      Mansion? Who said they were all for one house? I've replaced a lot of these over the years, I'm pretty sure the number is higher than what I stated, I just recall changing out at least 5. As for the last 3, I would use them for single room zone controls. I've been looking at the duct work, and believe that I can actually use them to control the heat better and only cool/heat the areas I wish.

      --
      The cesspool just got a check and balance.
  8. Rending of garments to commence! by Brett+Buck · · Score: -1, Troll

    Oh My GOD! A possibly exploitable-if-you-know-or-bother-to-look-for-it bug in a device that will change the room temperature! On something that doesn't really need to be connected to the internet in the first place, and would slightly inconvenience you if it were pwn'ed! Bring back the guillotine because this is worse than 9/11!

          If you are super-paranoid, just pull the ethernet cable, then you can live your life without the existential dread of coming home to a 78 degree house.

    1. Re:Rending of garments to commence! by Gr8Apes · · Score: 3, Insightful

      I would be more concerned about the sub 32 degree house

      --
      The cesspool just got a check and balance.
    2. Re:Rending of garments to commence! by Anonymous Coward · · Score: 0

      It isn't the prospect of having a somewhat warm house that is bothering people -- if you live anywhere that dips below freezing, a hacker turning off the heat completely could cause the pipes in your house to burst, causing huge amounts of damage. That is not something that will "slightly inconvenience you"...

    3. Re:Rending of garments to commence! by Anonymous Coward · · Score: 0

      I'd be more concerned about the nuclear warheads pointed at the house when it gets used as a staging ground for an attack on some other nation's army.

    4. Re:Rending of garments to commence! by Anonymous Coward · · Score: 0

      Oh My GOD! A possibly exploitable-if-you-know-or-bother-to-look-for-it bug in a device that will change the room temperature!

      There are multiple ways to damage structures and or equipment by screwing with thermostats especially fancy models controlling expensive equipment or more than just a basic furnace.

      - Intentional rapid cycling of compressors
      - Running compressors below lockout temperature
      - Deep freeze - frozen pipes - water damage
      - Condensation and mold growth within structure
      - Condensation and rusting within ducting
      - Operating 90% efficiency heaters below temperature where condensate forms in the interface of secondary exchanger (Normally >50 f)

      I love technology but I love the KISS principal more.

      If there is little reason to connect something to the Internet then don't do it. If a component is unnecessarily complex then due diligence may be wise to consider all costs of ownership including relative risk of failure.

      For most people IoT simply does not deliver the goods for what it costs.

    5. Re:Rending of garments to commence! by rmdingler · · Score: 1
      With the focus of late on the latest, greatest, and ever more complicated, your potential points of failure increase.

      Now, something short of a power outage is enough to freeze your water pipes... say a wifi outage or low voltage interruption to the Nest.

      Buy some insurance. Wire in an Accustat as a backup that kicks heat on at 10 degrees Celsius.

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    6. Re:Rending of garments to commence! by Gr8Apes · · Score: 1

      Or, don't use a Nest to begin with. Why on earth does Google need to know the temperature settings in my house at any given time?

      --
      The cesspool just got a check and balance.
    7. Re:Rending of garments to commence! by jbengt · · Score: 1

      Most of those points wouldn't be controlled by the thermostat (I would hope), but by the internal controls in the equipment. Even if they were accessible thru the thermostat, you shouldn't be able to change things like the anti-short cycle timer or the compressor low ambient lock-out.

  9. Well if they hadn't admitted they were women by Anonymous Coward · · Score: 0

    Trane would've had it fixed in 2013. At least given the "research" in the previous article.

  10. The flip side to "its hard to stop a Trane" by laurencetux · · Score: 1

    its also hard to get a train GOING.

    Im sure the actual patch writing time was minimal but

    15 different managers had to be consulted/bribed to sign off on the code
    there were 50 different meetings to sort out what the bugs were exactly
    somebody had to be assigned the task of writing the code (and this was a busy person)
    the code had to be audited for serious bugs like nonPC variables
    then it had to be tested
    and packaged for deployment

    do i need to go on??

    1. Re:The flip side to "its hard to stop a Trane" by Anonymous Coward · · Score: 1

      I worked there in IT. It's not "Hard to Stop a TRANE", especially once Ingersoll Rand got involved. With the great majority of IT outsourced it's amazing they can get anything done at all !

  11. Sounds like it's time for a certification by Anonymous Coward · · Score: 1

    At what point is a professional body going to be setup so that we can get a certification like "Ain't Totally F'd Up" for any device that connects to the interwebs?!?

    Surely someone has some kind of idea of how to do interweb connected things anti-ass-backwards (and stop calling me Shirley).

  12. Would you like to play a game.. by evolutionary · · Score: 3, Interesting

    Okay, this is just too hilarious. It's like the movie "War Games" when the computer engineer left his dead son's name as a password before he disappeared. This sort of thing tends to happen when a non-engineer want to ensure absolute control in a quick dirty way. Of course anyone with any foresight (AKA IT/Engineering professionals or even Philosophers/Historians I expect) would have pointed out how easy a back door this would be. We already have tons of historical precedence. And then take two years to undo it? Probably a 3rd party pointed out they could be sued for negligence and said "get this fixed...now". The usual reactive crap when sales/iron grip overrides good judgement for short terms savings. Of course why anyone would want a device like this in their home giving people a potential back door for any hacker to get in through the Internet and play poltergist is slightly puzzling. People need to learn that "Convenience comes at the price of Security". Kind of sounds like: "With Great Power comes great responsibility". Of course nobody seems to learn from either phrase. And here's another one: "Those who forget their history are doomed to repeat it"...whoops...too late...

    --
    "Imagination is more important than knowledge" - Einstein
  13. Oh yeh by djent · · Score: 1

    "there's nothing like a Trane" unless it's a nest. Damn good thing.

  14. Chew chew by Impy+the+Impiuos+Imp · · Score: 2

    > It took 22 months

    "Nothing Starts a Trane(tm)"

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  15. Thats a special kind of pathetic by Revek · · Score: 1

    Seriously? what kind of noob idiots are they?

  16. lol thermostat by Anonymous Coward · · Score: 0

    That's how I initially misread the headline.

  17. Demonstration Is the Only Way by Anonymous Coward · · Score: 0

    I'm very well aware of all of the possible risks of a backdoored thermostat. I'm looking at one on my wall right now, but frankly, I don't care either. I've got a better shot at winning the PowerBall than of someone impacting me in any way via that thermostat.

    A thermostat has a backdoor. So fucking what? That's what consumers say, that's what the manufacturer says, that's what casual observers say. So fucking what? I don't care if there is some insanely small and HIGHLY unlikely chance that someone might change the setpoint on my thermostat.

    It's not their fault that they aren't network security professionals and can't see the broader risk. Since you aren't showing them the risk, they look at you like you're a conspiracy lunatic. Which, in fairness to them, you really are.

    The only way you can effectively get people with no understanding to appreciate such a risk is to let them suffer from it, at least a little bit. Trane didn't and still doesn't give a rat's ass about it. They suffered no risk. In their mind, there was never any risk at all. They need a demonstration that shows the risk to them.

    Someone needs to turn up the heat on all the Trane thermostats and run up everyone's electric bills. When Trane gets slapped with a class action law suit for their lax security, they'll care.

    Use a Trane thermostat as a jumping off point to compromise home networks and steal people's banking information. Don't just point it out as the extra ordinarily unlikely possibility that it is. Do it.

    There will likely be someone in this thread that presents some insane CSI scenario of elderly people being killed by evil anonymous hackers turning off their heat in the nursing homes during the dead of winter. Possible? Yes, technically possible. Likely? I'm pretty sure I'll have a flying car long before that that happens, so no, not likely.

    Nobody cares if their thermostat gets rooted! Get over the sky is falling attitude.

  18. Well, it's still better than the Nest by Anonymous Coward · · Score: 0

    Sure, the passwords allow random strangers to set your temperature. But it doesn't suffer from the hardware flaw the Nest does. That hardware flaw being that the Nest is advertised as not requiring a grounding wire, and thus instead randomly turning your furnace or air conditioner on to power an internal battery. You can take the Trane thermostat offline and worry not about hacking. The Nest, though, is going to fuck up no matter what you do!

  19. Finally by Anonymous Coward · · Score: 0

    Now, I understand why it's always too hot in my office...