Buy iPass

iPass Blog

What’s the Tempest over the iKettle?

By Dennis Jones

Security firm demonstrates how smart kettle could compromise user’s security

ikettle - cool new connected device

The talking tea kettle takes over the home, sounds like a futuristic nightmare straight out of H.G. Wells. But it’s not that far from what’s happening in very contemporary London. The iKettle, dubbed the world’s first Wi-Fi kettle, is now in hot water over allegations that it’s easy prey for hackers, who could use it to gain access to private Wi-Fi networks.

Like most smart devices, the iKettle, manufactured by the British company Smarter, tries to make life more convenient for users like you by connecting your household items to the Internet. The iKettle cuts down the time it takes to prepare tea or coffee by automating the boiling process. The iKettle’s base connects to your home Wi-Fi, and from there, you can control the device on your smartphone. Gone are sleepy mornings spent trudging to the stove and back, because now you can brew your coffee from bed. Precious time saved!

Well, not so fast. In reality, the iKettle could actually act as a wireless bridge for hackers, according to a security consulting firm in the UK, Pen Test Partners. Pen Test is alleging that Smarter has failed to address a security glitch that first appeared in an earlier version of the iKettle.

Pen Test demonstrates how hackers could easily gain access to a user’s network key through the iKettle. After taking control of the Wi-Fi router, the hacker could change the user’s DNS settings to re-route Internet traffic to the hacker.

This newest (alleged) data breach, albeit slightly comical, points to a larger issue with the connected home. The retrofitting of homes with smart apps and devices is now a massive consumer electronics trend; however, many consumers don’t know how to become cybersecure after their purchases. This is troubling, because new smart devices may be collecting tons of your personal data or come with undisclosed vulnerabilities.

If you want to stay always on, and who doesn’t, here are two easy ways you can arm yourself against privacy and security risks:

  1. Always change your Wi-Fi router password when you buy a new product that connects to the Internet;
  2. Definitely change your Wi-Fi network key from the default setting.

…now boil away!