The vulnerabilities surrounding hot tubs has been reported by the BBC, following tests performed by Pen Test Partners Ltd. The ease of hacking was demonstrated on the technology show BBC Click. On the television show it was demonstrated how an attacker, with relative ease, can turn up or down the temperature sensors to make the tubs hotter or colder. A hacker can also control the pumps and lights at relatively close proximity, by using a laptop or smartphone.
The types of tubs that are vulnerable are those which have been designed so that their owners can control them via an app. This system, due to weak security protocols, also enables a would-be hacker to also break-in and control specific tubs based on the GPS location data of the tub.
The tub demonstrated on the television show was one manufactured by the Balboa Water Group. The company has now undertaken to introduce a more robust security system for tub owners, and it plans to issue a patch by the end of February 2019.
Another example of an item of technology that has proved remarkably easy to hack is a type of location-tracking smartwatch worn by thousands of children. This is the MiSafes Kid’s Watcher Plus. In a security test it proved very easy to possible to acquire the personal information used to register the product, such as a photo of the child; their name, gender and date of birth; and the parents’ phone numbers.
A third example of security vulnerability relates to another device aimed at children. Child gadget-maker VTech is issuing a patch after the Storio Max (sometimes marketed as InnoTab Max) was shown to contain a software flaw that enables hackers to remotely take control of the device and snoop on its users.