Last year, we talked about Satis, a new luxury toilet (only in Japan!) that can be controlled by a smartphone app. Well, considering how smartphone apps are not well known for their security capabilities and does not have a particularly strong and secure background, it is not surprising to hear that the Satis luxury toilet which boasts of automatic flushing functionality, a bidet spray, as well as music and fragrance release capabilities, is vulnerable to hacks – at least, its smartphone app is. I guess this is more of a traditional “hack” per se, but rather, an oversight on Lixil’s part when churning out the Satis.
Considering how you would have forked out somewhere in the region of $5,686 for this bad boy to be installed in your bathroom, the last thing you would have expected would be to have your toilet hacked. Once access to the smartphone app (it runs on Android and is called My Satis) is gained, it could be used to activate any of the toilets, which might give rise to some folks thinking that it is another case of The Conjuring in the making.
Since the toilet relies on Bluetooth connectivity to receive instructions via the app, the weakness lies in the PIN code – every model has been hardwired to be four zeros (0000), which means it cannot be reset and can be activated by any phone with the My Satis app. All one mischievous person needs to do is download the My Satis app and start wreaking havoc to the actual owner.