The company's biggest security hole lived in the breakroom

Re: Not just an issue for secure networks...

And how long after they turned their backs was it rewired again?

I've been in places where this would happen while the door would still be busy closing on the facilities team :)

Re: Not just an issue for secure networks...

I retired from the EECS department of a large university that had a football team, a law school, a police force and (before my time) thermonuclear weapons.

At the end of my career, the most important machines in the building were the super-automatic espresso machines. The care and feeding of these machines was critical to the day-to-day operation of the building. When these machines went down, faculty, students and staff would work from home, or work in nearby coffee shops. Like all things fancy, they had to go back to the shop regularly for cleaning or repair. (Never buy a car or a coffee machine that requires parts be shipped from overseas.)

Your importance was easily measured by how many of these machines you could access if your usual machine was broken. For example, the chairman (there has never been a chairwoman or chairperson) had one in their office, but getting regular access required being the right faculty or being in good with the staff.

Mercifully, they were not connected to the network, though we toyed with the idea so that we could map which ones were up, or had been recently cleaned and were said to make better coffee.

Re: I dont doubt the story...

It's got a default root password, so someone just SSHs in and uses it to attack everything else on the network.

It doesn't matter how secure your windows are if you leave the keys in the front door.

Re: I dont doubt the story...

... a gap between having a networked coffee machine with a default password and the same being programmed to become a trojan.

No.

The gap is inside the head of whoever thought it was a good idea to install one of those in the first place.

Basic common sense tells me that you just don't do that, it must be assumed that it is not in any way secure.

If it needs to be networked, it is a no-go from the start.

.

Re: I dont doubt the story...

I remember reading a - mildly self disparaging - blog about a guy who had gone all in on the smart home, one of the memorable entries was "ate dinner in the dark while the lightbulbs downloaded a firmware update".

Re: I dont doubt the story...

Yep. I ditched every single one of my wifi smart bulbs after having the completely rebuild the configuration for the house (and re-add each. individual. bulb. seperately.) for the fourth time in under a year, because the app got an update, and trashed the database it had on the local tablet, or lost sync with the server it was talking to for the configuration.

Went Hubitat and Zigbee bulbs, and am looking at migrating to Home Assistant this year, mainly to have a local on-prem voice assistant so I can get rid of the 'nicely designed but otherwise eWaste' amazon devices.

Re: I dont doubt the story...

Friend of mine lost internet access. His wife complained that there was no light.

So he used the Luddite way, and switched the power on at the light switch on the wall.

All of the smart bulbs reverted back to factory state and he had a hell of a time to reset and reconfigure these.

He binned them and got dumb bulbs instead.

Re: I dont doubt the story...

Hi there downvoter! Have you invented a coffee machine that doesn't need cleaning and doesn't need its grounds bin emptying?

Re: I dont doubt the story...

Yes, however at the wages they pay the machine minder, the machine minder could probably double their earning s by running a side business selling coffee beans, sugar, milk powder…

Re: I dont doubt the story...

What's that? Buy technology and "maintain" it? You must be mistaken...

Re: I dont doubt the story...

Depends on what you mean by regular, the last update my business printers got was in Feb 2024.

Personally. If the OEM is regularly updating the firmware on well established range of printers/MFPs, something is wrong.

Re: I dont doubt the story...

The in-flight video of them having to enter a pin to unlock the flight iPad was interesting.

Hope they haven't set an SMS for the 2FA

Re: I do doubt the story

I can almost guarantee you it was WiFi connected. The scenario is as follows.

Company installer arrives at office, sets up in break room, ince coffee machine is set up he tells the nearest person that he needs to connect the machine to the WiFi, they person gives him the corporate WiFi SSID and password, NOT the guest one because they don't know it!

Believe me, I've seen this same thing over and over, and then we block these devices until someone screams and we tell them it can't be on the corporate WiFi, call the vendor out and have them connect to guest!

Re: Exactly why!

Buy a 24" model from a retailer with a decent returns policy, and take it home to test it. You can get one for less than $100. If it works like you want -- keep it, but if you want a larger model, return it and swap it for a larger model.

I have a Samsung 50" smart tv that I use as a monitor only (I don't play games so i don't need high refresh rate) connected to two laptops via HDMI and it works fine. My only issue is the nag message every time I power it on when it asks me to accept the T&Cs...