Story image

Hackers are able to target your e-cigarette... Is nothing sacred?

29 May 2017

Vaping isn’t much safer than smoking - but not in the way you think.

With a few simple tweaks to a vaporizer, a security researcher has demonstrated that the device made to be an alternate to smoking can be modified in such a way as to pass code to your computer.

It’s a story as old as the internet. It begins with the USB port, as do a whole plethora of other security problems. USB ports are used for both charging and the transfer of data, which often means they are the most convenient place to plug in a phone, e-reader, tablet, or any other device that can charge or be topped up with data. In this case, a vaporizer.

In a video demonstrating his work, the security researcher, who goes by FourOctets, plugs an e-cigarette into a computer's USB and the device immediately lights up as if to charge. A few seconds go by and the computer starts to react.

"DO U EVEN VAPE BRO!!!!!," reads a pop up message on the screen. Essentially, the vaporizer issued a custom command to the computer, and the computer obliged happily.

While the researcher has no ill-intent, it is easy to imagine someone more morally bankrupt loading a computer with something less amusing. Think keyloggers, or ransomware.

For the vapers out there worried, it’s not a simple case of just accessing someone’s e-cigarette. It requires quite a bit of hands on work.

"It started as more of a joke than anything," FourOctets says on Twitter.

"This is done with extra hardware and a little bit of code. Another goal usually when doing dumb stuff like this is that stuff is not always what it seems and that random stuff that can plug into a computer can be dangerous," he explains.

"A lot of folks aren't aware that something like this is even possible whether it be with firmware or added hardware and a tiny bit of code found online."

In short, should you be worried that your vape is compromising your PC?

"It's probably pretty unlikely to ever get something like this from the factory that would do this," FourOctets noted.

“But the possibility is there and people need to be mindful of that."

So there you have it. It’s probably not necessary to run to the gas station and pick up your old favourite pack of smokes, and you can probably keep vaping without being hacked. It’s important to realise that your devices are always exposed to risks you would never comprehend, and it’s not a terrible idea to keep your antivirus up to date on your home computer.

Kinetica launches a new active analytics platform
"With the platform now powered by NVIDIA DGX-2, customers can build smart analytical applications that combine historical data analytics and ML-powered analytics."
Avi Networks: Using visibility to build trust
Visibility, also referred to as observability, is a core tenet of modern application architectures for basic operation, not just for security.
Zoom’s new Rooms and Meetings features
Zoom has released information about the upcoming releases for its Rooms and Meeting offerings for 2019.
Aussie company set to democratise direct-to-orbit IoT access
Adelaide-based Myriota has released a developer toolkit that has been trialled and tested by a smart waste management platform.
Dynatrace takes pole position in APM Magic Quadrant
It placed highest on Ability to Execute and furthest on Completeness of Vision in the 2019 Quadrant for Application Performance Monitoring (APM).
HCL and Xerox expand strategic partnership
Under the terms of the agreement, HCL will manage portions of Xerox’s shared services, including global administrative and support functions.
Inspur announces AI edge computing server with NVIDIA GPUs
“The dynamic nature and rapid expansion of AI workloads require an adaptive and optimised set of hardware, software and services for developers to utilise as they build their own solutions."
Avaya expands integration with Google Cloud AI
This includes embedding Google’s machine learning within conversation services for the contact centre, enabling integration of AI capabilities.