Fancy Japanese Toilet Vulnerable to Hacks

PDF Print E-mail

The LIXIL Satis is one of the fancier high-tech toilets from Japan, one that "defines toilet innovation" by pairing standard (for the land of the Rising Sun, anyway) automated bidet functionality with Android app control. However the app poses a hazard-- one of the hacking variety!

Fancy toiletAccording to information security company Trustwave Spiderlabs every Satis toilet has the same hard-coded Bluetooth PIN, meaning "any person using the "My Satis" [Android] application can control any Satis toilet."

Thus, potential attackers can take control over the toilet's myriad functions (including flushing, automatic seat, dual-nozzle bidet spray, air-drying) to "cause discomfort or distress to user." Talk about First World Problems!

Trustwave has already contacted LIXIL over such a major flaw, but has received no answer as yet.

Either way, let this be a lesson for our times-- some appliances do not need built-in computers, and the toilet is clearly one of those. Then again, a toilet that pipes music from a smartphone while one is doing their business? No lie, we want one...

Go Trustwave Spiderlabs Security Advisory