You’d surprise why somebody would wish a Bluetooth-enabled hair straightener of all issues however one does exist. Glamoriser, an organization primarily based in the UK, sells what it claims to be the “world’s first Bluetooth hair straightener.” Customers can hyperlink the machine to an app with the intention to set warmth and magnificence settings. It may also be used to modify off the straighteners inside Bluetooth vary remotely. Seems, it’s fairly straightforward to hack as effectively.
That’s the factor about making each machine “sensible.” As soon as it turns into a linked machine, the door is open simply sufficient for hackers to try to pressure their means by. Pen Take a look at Companions safety researchers had been capable of do exactly that with the Bluetooth hair straightener. They might simply ship malicious Bluetooth instructions inside vary and thus remotely management somebody’s straighteners.
The researchers confirmed how they may ship a malicious command to set the temperature to both the higher or decrease restrict of the machine which is 122°F and 455°F respectively. Since there’s no authentication choice for the straighteners, this permits an attacker to remotely change and override the temperature and the length for which the machine is to remain on.
They level out that if a malicious command is distributed to the machine and it’s saved on the most temperature for 20 minutes, it might pose a severe hearth hazard. The one upside right here is that for the reason that straighteners solely permit one concurrent connection, a hacker will solely have the ability to goal the machine so long as the proprietor hasn’t linked their telephone to it.
Filed in. Learn extra about Hacking. Supply: pentestpartners