In an advisory issued August 1, information security firm Trustwave reported a potential security vulnerability in Satis automatic toilets manufactured by Inax.
While any security vulnerability is cause for concern, the threat of a hacker accessing the automatic features of the Inax Satis automatic toilet is slight and damage potential minimal.
How Could A Toilet Be Hacked And What Can They Do With It?
The issue arising from the security vulnerability found in the Inax Satis automatic toilet stems directly from the mobile application communication protocols. In a secure and properly working restroom equipped with Inax Satis automatic toilets, users are able to access the functions of the Satis through a mobile phone application called "My Satis."
This application allows users to lift and lower the toilet lid, activate the flushing cycle, activate the bidet, control the drying function that uses hot air from below, and browse detailed usage statistics from the Inax Satis. The security vulnerability in the application communication protocols appears in the form of a hardcoded Bluetooth PIN number of "0000."
Any person who happens to download and install the "My Satis" application on their mobile device will have immediate access to all Satis automatic toilet functions.
Is This Really An Issue?
The issues behind the concern over a security vulnerability found in an automatic toilet are twofold. First, anyone with access and knowledge of the vulnerability has the ability to harass Satis users along with the opportunity to create rising utility costs through constantly running toilets. These are minor issues and focused on a local area that can also be policed locally.
The second, and most infuriating, issue is the lazy and thoughtless actions of the mobile application programmer and everyone else involved with testing and quality control of the Inax Satis automatic toilet. In a world that is bombarded by virus threats, personal information thefts, and inappropriate governmental spying programs the last thing a consumer should have to worry about is a security vulnerability hidden in a toilet.
Lazy programming and design caused this problem and it is the root cause of most of the major security breaches which threaten privacy.