Android Exploit of the Week. Hell, evah...
According to an advisory published by the Trustwave SpiderLabs, the “My Satis” Android application that is used to control Japanese smart toilets has a hard-coded Bluetooth PIN. The code can be used to control any, yes, any Satis
smart toilet. Worse, the PIN is 0000.
In enemy hands this code could have disastrous fall-out.
“An attacker could simply download the ‘My Satis’ application and use it to cause the toilet to repeatedly flush, raising the water usage and therefore utility cost to its owner. Attackers could cause the unit to unexpectedly open/close the lid, activate bidet or air-dry functions, causing discomfort or distress to user,” experts noted.
The real scandal? The issue has been known since June. Nothing has been done by the developers to fix this exploit.
One also has to wonder why NSA-leaker Snowden has not warned flushers of this issue? What kind of game is he playing?
No, today is not April 1st, and this is a very pressing issue.
Get My Satis in the Play Store
Full story here