back to article Al-Qaeda targets net-connected coffee machine

An Aussie risk advisory services manager has issued a chilling security alert concerning the Jura F90 net-connected coffee machine, warning caffeine-heads that the hi-tech brewing device could open their Windows PC to exploitation by internet paedophiles and al-Qaeda*, CNET reports. The Jura F90 Craig Wright, who works for " …


This topic is closed for new posts.
  1. Anonymous Coward

    quite some potential here

    I can see how Al-Qaeda could disrupt the entire industry if they reprogram the coffeemaker to decaf.

    goggles cause i wont go near a jura without them

  2. Anonymous Coward
    Anonymous Coward

    There's still safe ways to get caffeine even now.

    It's called Irn Bru

  3. Anonymous Coward
    Paris Hilton

    Windows of course...

    From the linked article "Best yet, the software allows a remote attacker to gain access to the Windows XP system it is running on at the level of the user."

    Paris, as even she wouldn't put XP on a coffee machine

  4. Adrian Jones

    Internet or LAN?

    I can understand accessing it over your LAN, but the internet?

    I also can't see anything in their instructions as to whether there's a sensor to stop it pouring when there isn't a cup under the nozzle.

    Otherwise Al-Qaeda could be hacking into it and pouring lovely rich dark espresso all over your floor.

    Now *that* would be a crime against humanity!

  5. Jamie

    What next, Suicide Espresso

    What could they go, make the machine order coffee from a specific region thus atrifically inflating price and letting them gain word dominance based on your caffine addiction.


  6. Steve

    Re: tagline

    Given the temperature of the coffee, this would surely be a "scalding" buffer overflow rather than "chilling".

  7. Anonymous Coward

    The trouble is?

    That most people may not pay a great deal of attention to security until the networked and automated office coffee maker has been hacked?

  8. Anonymous Coward

    AT LAST!!!

    Networked coffee. YEAH!!!!

  9. Dan Wood

    42 days...

    ...for that evil collaborating coffee machine!

    it probably spends evennings and weekends reading 'training manuals' and child porn!

  10. Anonymous Coward
    Anonymous Coward

    Meh ... big deal

    My toaster's had its own IP address for years.

  11. RMartin

    Odd article

    Its a bit odd how many luddites a technology publication manages to have on its payroll. Relax, its just a security advisory! If El Reg had a bit more imagination then it could have explored the implications of the growing number of internet-enabled consumer devices. Many of these will be based on low-cost firmware models that will probably be difficult/impossible to patch leading to long-term vulnerability windows.

  12. Ash
    Dead Vulture

    How come when I visit

    ... I'm redirected here?

    El Reg: Dredging the barrel that feeds IT.

  13. Thalan

    buffer overflow

    A buffer overflow on this type of asset should be especially dangerous.

  14. Anonymous Coward

    Title?? I don't need no stinking title

    "allows users to select "coffee specialities" via their PCs"

    I was hoping that the net connected machine could put the weather forecast in the choccy toppings, or something equally imaginative... turns out they've just made a fancy remote control!

    Now, how to convert a printer to print chocolate???

    IGMC in a minute:

    The last thing we need in a modern office is a coffee machine that's susceptible to [buffer] overflow

  15. Alistair Wall

    not the first

    It is not the first networked coffee maker:

  16. Vladimir Plouzhnikov

    The real question is

    Can this machine be used to illegally file-share copyrigthed songs and movies?

    We all know that copyright infringement is the worst crime against humanity and this may open the coffee drinkers to, at the very least, a massive C&D assault by RI and MP Ass'es of America.

  17. Liam Johnson

    Coffee selection

    So you can select the coffee type via a browser, but you still have to walk over to the machine, put your cup under, press "go", wait for the coffee and then walk back? Why?

  18. ade

    Hur Hur

    <dullard> Is it Java compatible? </dullard>

    Coat, got.

  19. Chris Richards

    reminds me of..

    ...the old linux howto

    flames because that's what my flat would be in if I tried it myself!

  20. Anonymous Coward
    Anonymous Coward

    Is that Danish story true (US seizing Danish assets)

    "Christa Møllgaard-Hansen, owner of Christabella's in the town of Maribo on Lolland, routinely buys women's clothing and shoes from around the world to resell in Denmark. But a recent purchase of six dresses from Pakistan for $205 was considered by the American authorities to be money going to support terrorists."

    "Møllgaard-Hansen said she was surprised that such a small sum could be made into such a big issue, but was happy that the amount was not a larger one which could have caused her serious financial problems - unlike drilling engineer Sigurd Solem's experience with the US Treasury Departments’ Office of Foreign Assets Control, where $16,000 of an employee's pay was confiscated by the American agency."

  21. Graham Marsden

    Coffee Machine Overflow Error...?

    Surely that would be when you get more than a cup full and it ends up pouring all over your feet?

  22. JP Strauss


    so this is a JAVA exploit then?

    Brings new meaning to NetBeans vulnerability.

  23. Anonymous Coward
    Anonymous Coward

    Way of Life

    You don't need to invoke Terrorism to have a threat to our Way of Life. Merely suggesting that there could be a crisis in the delivery of caffeinated beverage should be enough! Coffee machines should be considered to be part of the Critical National Infrastructure.

  24. Eddie Edwards

    @ Greg Fleming's IP-enabled toaster

    No problems with butter overruns?

  25. Nicky

    Coffee a security threat for centuries

    Note the world famous victorian WMD - the Princesse Marie de Orleans Suprise Bombe.

    "A luxurious white coffee ice cream is (cunningly) concealed in a meringue casing and served with a (rogue) peach purée"

  26. Brian
    Dead Vulture


    You made it up? And it's in the headline? Sensationalist much?

  27. Anonymous Coward
    Anonymous Coward


    You owe me a new keyboard. :-(

    One without coffee & sn0t in it.

  28. E

    Even worse threat

    ...than buffer overflow:

    Filter Overflow Attack!

  29. Mike Moyle

    Re: Windows of course...

    "From the linked article 'Best yet, the software allows a remote attacker to gain access to the Windows XP system it is running on at the level of the user.'

    Paris, as even she wouldn't put XP on a coffee machine"

    Maybe they chose XP because it's the smilie that most clearly describes the coffee it makes...?

  30. David Pollard

    Stick to Turkish then

    Didn't I see that Jordanian cleric Abu Qatada's terms of bail include the curious restriction that he should not communicate with Osama bin Laden? If he enjoys an occasional cup like the rest of us he'd perhaps be well advised to stick to drinking Turkish coffee made on a gas stove.

  31. DV Henkel-Wallace

    Ah, the TWO horsemen of the Infocalypse

    Only paedos and Terr'ists? I guess that's just 'coz it's a simple embedded device. Were it a full-featured user device then we'd get Drugs and Organised Crime too, and then you'd have to register before using one.

    Hey, that wouldn't be so bad. ASIO could monitor your caffeine consumption and see if your cardiac problems are due to excess consumption? If so Medicare won't have to pay. Taxpayers would be thrilled! And what about children drinking coffee?

    Skull-n-crossbones because in the future only hackers 'n pirates will use unlicensed coffee machines.

  32. Morten Ranulf Clausen


    ...filters would be appropriate then.

    OK, alright, I'm going.

  33. Jon Tocker

    RMartin, Ash and Brian

    "Sense of humour" - GROW ONE!

    As to a lot of the other posts: Sheer brilliance. ade, you bloody-near killed me. and to the initial post: if I thought for a moment that there was a clear and present danger of our machines being remotely switched over to decaf, I'd start my own little "Waronterr'r"

    Thankfully the espresso machine here in our IT dept is a stand-alone model and the only overruns it's likely to experience are if someone's caffeine-withdrawal-induced jitters cause them to punch the button too many times...

  34. David
    Gates Horns

    You can mess with my PC but...

    You can mess with my PC but please not the coffee machine.

    The future is not looking bright.

  35. Anonymous Coward


    Surely this could be used by terrorists as a comms device. Simply connect to the internet:

    Columbian Espresso - Send more money

    Espressochoc - Attack now

    Expect the door to be kicked down, and heavily armed officers will be removing your coffee machine.

  36. pctechxp

    @Jon Tocker

    Surely that would be.....


    Taxi for pctechxp!

  37. souleh

    Hyper Text Coffee Pot Control Protocol (HTCPCP/1.0)

    Haha, reminds me of the RFC :

    "... This document describes HTCPCP, a protocol for controlling,

    monitoring, and diagnosing coffee pots.

    1. Rationale and Scope

    There is coffee all over the world. Increasingly, in a world in which

    computing is ubiquitous, the computists want to make coffee. Coffee

    brewing is an art, but the distributed intelligence of the web-

    connected world transcends art. Thus, there is a strong, dark, rich

    requirement for a protocol designed espressoly for the brewing of

    coffee. Coffee is brewed using coffee pots. Networked coffee pots

    require a control protocol if they are to be controlled. "

    lolz. Death by Nescafe.

This topic is closed for new posts.

Other stories you might like