Like something right out of the Jetsons Family’s array of labor-saving devices, the Jura F90 Bean to Cup Coffee Machine, a real-world appliance that goes for $2,000 on Amazon, comes with a touchscreen panel, from where drinkers can specify the volume, strength and temperature of their coffee. However, the Pandora’s box in the deal is the coffeemaker’s Internet connectivity.
CNET reports how consumers face the risk of a hacker influencing the outcome of their morning (and also how good their coffee is going to turn out). By hooking up the coffeemaker to a PC and connecting the PC to the Internet, coffee connoisseurs can remotely concoct the perfect cup of coffee. However, this level of convenience does not come without hazards. An Australian risks manager discovered that along with the capacity to make custom-made latte, his coffeemaker comes with a vulnerable application that can allow a remote user to take over his PC (and maybe even nuke his coffee a tad too hot). The bug allows a remote buffer overflow to execute arbitrary commands.
The issue still boils down to the need for good coding practice as one of the foundations of security. For we have seen quite a lot of other Internet-connected devices and appliances that had suffered the same troubles in the past: from printers, to cardiac devices and navigational tools.
As of this writing, no patches exist for this discovery. Users are advised to update their software as soon as updates are released. Non-coffee fans should not rest easy, though. Hackers may just be brewing some other bitter formula.