Internet Hot Water

The Tip

This issue is just a light-hearted follow-up to the pre-holiday season’s, “Internet Skinny Dipping”. I thought it was ironic to get this article in my news feed upon our return to work.


The Detail

Apparently amongst the newest entires to the “Internet of Things” (IoT) is a smart-app enabled hot tub. You may ask, “why would I need my hot tub to be smart”. I know I did. The fact is though, whether we need it or not, so many things are becoming net-connected that we need to be aware of the potential pitfalls. Hackers have already launched Denial of Service attacks against major web services using small armies of compromised appliances. Bad security habits can make it easy for a hacker to lock/unlock/start most modern vehicles, or mess with the heating and lighting in your smart-house.

The following story is a tale of how we should never assume that the developers of these technologies are doing even the basic due diligence in the security realm. It actually reads like a lesson in how not to do IoT security. Although it might seem just humorous that some casual neighbourhood hacker might mess with the temperature of your hot tub, it gets a little more scarier and a lot creepier when the tub also sends information to the hacker that the jets are in use, meaning someone is in the tub.

Enjoy the following read, and we’ll get back to regular tips next week.

IoT weaknesses leave hot tub owners in deep water