Every once in a while a piece of software will catch my attention and I can’t help but to push out a post about it.
Everyone who’s used a public rest facility has come across many of the same dirty truths. Stainless steal and chrome will never appear clean enough. Motion sensor toilets always flush at the wrong time. The motion sinks don’t dispense water, or when they do, produce water that’s intolerable to wash your hands in and then never shut off. Hot air blowers always leave your hands just clammy enough to be inconvenient if you even bother to use it.
And then Inax Satis series of Bluetooth-enabled toilets was released allowing the user to control the seat movement, the flush, the bidet, and I suppose if you wanted to, create a record of your goings all from your mobile device. There’s an odd kind of convenience to it all that boarders on the strange, but then again, the technology hails from Japan.
Of course, just when you thought the problems of bathroom cleanliness were resolved there comes a new danger to your derriere. The unsecured Bluetooth technology opens the door to a whole new restroom experience where the shit will hit more than just the fan if you’re not careful.
The Satis Andoid App not only allows you to control your toilet experience but your industrious neighbors can get in on the fun as well thanks to an unsecured Bluetooth password as the default connection.
How unsecure is this password? SplashData doesn’t have the 0-0-0-0 pre-defined password in it’s list of must used passwords but it’s hard to imagine that’s not an easy one to crack if it’s the universal default for the system.
Hacking typically takes some level of software expertise but this work around was left wide open by the manufacturer. And, you were concerned your self-created bank pin code or email password might expose you… through universal access unsuspecting bathroom visitors might experience constant flushing, the cool stream of the bidet in their nether regions at unexpected times, phantom seat movement and a record of their bowel movements available for full-on internet distribution and more depending on how creative (nefarious) the other party involved is.
There really isn’t much excuse for this kind of situation. It’s up to both the manufacturer to be more explicit in the need to promote secure connections and the end-users to be proactive in protecting themselves from backspash. As technology continues to evolve, one can image that in the future as the novelty of mobile applications begins to invade even more intimate aspects of our lives hackers will produce even more ways to surprise us beyond just hijacking an unsecured bathroom bluetooth. Satis is the early lesson to be learned in protecting your assets or you’ll be forced to clean up an aweful lot of unwanted shit.
I’m not a security expert although I’m mostly aware of how I use technology. I can’t say I would have necessarily thought much about the unsecure nature in advance which means there’s probably a lot of swirlies occurring as the word gets out about manipulating the toilets which have distribution not only in public restrooms but in more perceived private experiences like hotel bathrooms and in apartment buildings. This reminds me to be nicer to my neighbors now … the Wifi war was more than enough fun between us.