You’d marvel why somebody would want a Bluetooth-enabled hair straightener of all issues however one does exist. Glamoriser, an organization based mostly in the UK, sells what it claims to be the “world’s first Bluetooth hair straightener.” Customers can hyperlink the gadget to an app in an effort to set warmth and elegance settings. It will also be used to modify off the straighteners inside Bluetooth vary remotely. Seems, it’s fairly straightforward to hack as effectively.
That’s the factor about making each gadget “sensible.” As soon as it turns into a linked gadget, the door is open simply sufficient for hackers to attempt to drive their approach by way of. Pen Take a look at Companions safety researchers have been capable of do exactly that with the Bluetooth hair straightener. They may simply ship malicious Bluetooth instructions inside vary and thus remotely management somebody’s straighteners.
The researchers confirmed how they might ship a malicious command to set the temperature to both the higher or decrease restrict of the gadget which is 122°F and 455°F respectively. Since there’s no authentication possibility for the straighteners, this permits an attacker to remotely change and override the temperature and the period for which the gadget is to remain on.
They level out that if a malicious command is shipped to the gadget and it’s stored on the most temperature for 20 minutes, it may pose a critical hearth hazard. The one upside right here is that because the straighteners solely enable one concurrent connection, a hacker will solely have the ability to goal the gadget so long as the proprietor hasn’t linked their telephone to it.
Filed in. Learn extra about Hacking. Supply: pentestpartners