Press

About CIL&S
Show information
Industry news
Supported by
How to get to SNIEC

Luxury toilet users warned of hardware flaw Source: BBC       Release Date: 2013-08-15

A luxury toilet controlled by a smartphone app is vulnerable to attack, according to security experts. The toilet, manufactured by Japanese firm Lixil, is controlled via an Android app called My Satis.

But a hardware flaw means any phone with the app could activate any of the toilets, researchers say. The toilet uses bluetooth to receive instructions via the app, but the Pin code for every model is hardwired to be four zeros (0000), meaning that it cannot be reset and can be activated by any phone with the My Satis app, a report by Trustwave's Spiderlabs information security experts reveals.

"Attackers could cause the unit to unexpectedly open/close the lid, activate bidet or air-dry functions, causing discomfort or distress to the user."

"Although this vulnerability seems largely harmless, what's clear is that companies building household appliances need to have security in mind just as much as computer manufacturers."