Turning the Belkin WeMo Into a Deathtrap 146
Okian Warrior writes "As a followup to yesterday's article detailing 50 Million Potentially Vulnerable To UPnP Flaws, this video shows getting root access on a Belkin WeMo remote controlled wifi outlet. As the discussion notes, remotely turning someone's lamp on or off is not a big deal, but controlling a [dry] coffeepot or space heater might be dangerous. The attached discussion also points out that rapidly cycling something with a large inrush current (such as a motor) could damage the unit and possibly cause a fire." In the style of Bruce Schneier's movie-plot threat scenarios, what's the most nefarious use you can anticipate such remote outlet control being used for?
If you're putting a space heater on a remote... (Score:4, Insightful)
Please, please, learn some common sense.
Never have a heater like that unattended, it's just not safe.
Worst thing: Synchronize them! (Score:3, Insightful)
1. Root these devices, and synchronize their clocks
2. Turn them all off
3. Monitor the power network for a temporary increase in voltage (since load was suddenly shed)
4. Just as the voltage gets back to normal, turn all the devices on.
5. Watch the power network for a temporary decrease in voltage (since load was suddenly added)
6. Just as the voltage gets back to normal, turn all the devices off.
7. Once you have found the resonant frequency of corrections to the electrical grid, tell all the devices to cycle at that frequency.
8. If there is enough load handled by these devices, the system may oscillate so heavily that voltage is far outside of normal, causing overheating or fires (either too high voltage for resistive loads or too low voltage for inductive loads), excessive vibration, design parameter excursions, etc.