AGA iTotal Control Oven Hack
Have you ever wanted to start cooking even before you returned home from the office or while you were out running errands? Well, that has been made possible with the development of the AGA iTotal Control oven.
This oven “allows AGA owners to control their cookers from wherever they are, using a standard mobile phone, smartphone, PC, laptop, iPad or tablet. Those AGA iTotal Control owners who don’t have a smartphone, tablet or laptop can still take advantage of this technical revolution – simply by sending a text message to the AGA. You just tell the cooker via an SMS text message which oven you want activated and it will respond by letting you know it has been switched on or off. The AGA can also be controlled via the web, so even if you have no phone signal you can use a wireless network to ensure the cooker is doing exactly what you want it to.”
However, AGA iTotal Control developers did not take into account that the oven can be easily hacked or controlled by an unauthorized third party. Rather than using an SMS-based remote-control system, AGA should have used a secure Wi-Fi-enabled module, according to UK IT security consultants Pen Test Partners (PTP), which criticized the appliance manufacturer’s “bizarre unauthenticated text messaging process.” Also, the official mobile app and AGA’s website use unencrypted HTTP, with no option for HTTPS, which leaves customer information open to eavesdropping on the Internet. For what it’s worth, the app talks to the website’s backend via an API, which sends the text messages to registered ovens.
Please be careful when purchasing appliances that have smart technology capabilities. We understand that it’s convenient to use but, is it worth the risk of being hacked? Always conduct your research before investing in these products. If you or someone you know is currently experiencing issues related to this topic then contact us for a free consultation. Our electronic discovery attorney, Steven Teppler, has years of experience in technology based litigation practice and frequently co-counsels with other attorneys on electronic discovery issues.