June 26, 2008
Q-CERT employees are in the habit of relaxing from a hard day of incident management by indulging in a mid-afternoon cappuccino. Now it appears that even that simple pleasure may be threatened by software vulnerabilities. Apparently, the popular Jura-Capressa F90 espresso machine, which is designed to be connected to the internet, can be hacked. Malicious individuals may be able to change the settings on the machine, damage it by setting incorrect configurations, and even use it to penetrate the local area network it is connected to.
Researchers have been warning for years now that internet-connected home appliances were not just a tremendous convenience, but also a serious information security problem. It looks like those fears may be starting to materialize.