Luxury Smart Toilet Vulnerable to Back Door Attack

By Gary Cutlack on at

The Satis so-called "smart toilet" can be controlled by an Android app, with users of the £4,000 loo able to operate its lighting, flush and bidet controls from a phone. Problem is, the Bluetooth access PIN is set to "0000" by default, meaning random strangers could seize control of your toilet and exploit your very own back door for their amusement.

The vulnerability was made public by an amusingly serious Trustwave advisory notice, which warns users of flaws in posh poo disposal system like so:

An attacker could simply download the "My Satis" application and use it to cause the toilet to repeatedly flush, raising the water usage and therefore utility cost to its owner.

Attackers could cause the unit to unexpectedly open/close the lid, activate bidet or air-dry functions, causing discomfort or distress to users.

Not many things could be worse than an unexpected soapy water blast when you're going about your business. You'd never be able to relax again. [Trustwave via Mashable]