Imagine, if you will, that you've just checked in to a hotel in Tokyo for an extended vacation. Weary from the long train and cab rides from the airport, you make use of the bathroom, noting the famously futuristic facilities adorning the electronic toilet. As you take care of business, you hear a laughing, sniggering sound from the other side of the wall - clearly someone in the next room is having a good time. All of a sudden, you are having a very bad time indeed, as a jet of water unexpectedly invades your nether regions. A peal of laughter erupts from the other room, just as the eruption in the toilet ceases.

Video: https://youtu.be/Me-F91Hrg4Y

This nightmarish scenario is probably being enacted all over Japan this weekend. Software security firm Trustwave has published an advisory on the LIXIL (Inax) Satis series of Bluetooth-enabled toilets: every unit ships with the same PIN code, "0000", hardcoded into both the toilet and its companion app, and that PIN is the only thing standing between a stranger and the controls. In practice this means anyone within Bluetooth range who has the My Satis app on an Android device can control any of these toilets at will... including the bidet (cleaning water stream) and blow-dryer functions that are a staple of Japanese bathroom fixtures. A malicious user could close the lid or flush the toilet continuously, and could also read the app's detailed record of, ahem, deposits. Say what you will about the FBI and NSA, but even they generally draw the line at bathroom habits.
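To make the point concrete, here is an added example (written for this article; it is not Trustwave's code, not LIXIL's firmware or app, and not the real Bluetooth pairing protocol) of a simplified PIN-authenticated fixture. The class name, serial format and challenge-response scheme are all hypothetical. It models the shipped situation, one PIN shared by every unit, next to the obvious fix: a unique PIN per unit, a fresh nonce per attempt so a sniffed response cannot be replayed, and a lockout so a four-digit PIN cannot simply be guessed online.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Fixture:
    """Toy model of a Bluetooth-controlled fixture (hypothetical, not the Satis
    firmware). A client must prove it knows the fixture's pairing PIN before
    a command is accepted."""
    serial: str
    pin: str                 # pairing secret the companion app must know
    max_failures: int = 5    # lockout threshold; a hardening the article does not describe
    failures: int = 0
    locked: bool = False
    log: list = field(default_factory=list)

    def challenge(self) -> bytes:
        # Fresh nonce per attempt, so a sniffed response cannot be replayed.
        return secrets.token_bytes(16)

    def authenticate(self, nonce: bytes, response: bytes) -> bool:
        if self.locked:
            return False
        expected = hmac.new(self.pin.encode(), nonce, hashlib.sha256).digest()
        if hmac.compare_digest(expected, response):
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= self.max_failures:
            self.locked = True   # stop online guessing of a short PIN
        return False

    def command(self, nonce: bytes, response: bytes, action: str) -> str:
        if not self.authenticate(nonce, response):
            return "rejected"
        self.log.append(action)   # the "diary" an attacker would also get to read
        return "ok"


def app_response(pin: str, nonce: bytes) -> bytes:
    """What the companion app computes from whatever PIN it holds."""
    return hmac.new(pin.encode(), nonce, hashlib.sha256).digest()


def fixed_pin_fleet(n: int) -> list:
    """Every unit ships with the same PIN, as the advisory describes."""
    return [Fixture(serial=f"UNIT-{i:04d}", pin="0000") for i in range(n)]


def unique_pin_fleet(n: int) -> list:
    """Hardened alternative: each unit gets its own random PIN at manufacture
    (printed on a label, so pairing needs physical access to that unit)."""
    pins = set()
    while len(pins) < n:
        pins.add(f"{secrets.randbelow(10**6):06d}")
    return [Fixture(serial=f"UNIT-{i:04d}", pin=p) for i, p in enumerate(sorted(pins))]


def sweep(fleet: list, known_pin: str, action: str = "flush") -> list:
    """An attacker's app trying the one PIN it knows against every unit in range.
    Returns the serials of the units that accepted the command."""
    hit = []
    for unit in fleet:
        nonce = unit.challenge()
        if unit.command(nonce, app_response(known_pin, nonce), action) == "ok":
            hit.append(unit.serial)
    return hit


if __name__ == "__main__":
    fleet = fixed_pin_fleet(5)
    print("fixed PIN, attacker knows 0000:", sweep(fleet, "0000"))
    fleet = unique_pin_fleet(5)
    print("unique PINs, attacker knows one unit's PIN:", sweep(fleet, fleet[0].pin))
```

With the shared PIN, the sweep succeeds against every unit, which is why a hardcoded PIN is equivalent to no authentication at all: the secret is in every copy of the app, so it is not a secret. With per-unit PINs the same attacker's app only reaches the unit whose label they have read, and a captured response is useless against the next challenge.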

According to the published security advisory, Trustwave contacted the manufacturer three times over the last two months to warn it of the inadvisability of a wide-open toilet authentication system, and received no response. It's pretty hilarious that there are toilets with companion apps in the first place (although not all that surprising that they come from Japan). But leaving the Bluetooth control open to anyone within range speaks of a security mindset that can only be described as "shitty."

App: My Satis on Google Play, https://play.google.com/store/apps/details?id=jp.co.lixil.remotesatis201210

Source: Trustwave via The Verge, The Atlantic