Amazon Dash Hacked: Now What Do You Do With 2,000 Boxes of Tide?

by Tim Sloane 0

While it’s not clear if this hack of the Dash Button from Amazon could really be used to prank someone, or worse, the hack identified in this Newsfactor article is indicative of the inquisitive and innovative nature of the human species:

‘ Ted Benson, co-founder and CTO of spreadsheet tool Cloudstitch, hacked Amazon’s $5 Wi-Fi button to track baby data. Benson’s hack never started with malicious intent. He and his wife tried a few baby-tracker apps but they didn’t meet the changing needs of parents with a growing baby. He was looking for a simple button he could stick to the wall and push to record data about poops today and wake-ups tomorrow.

Multi-Purpose Dash
As it turned out, Amazon offered an “easy way” for Benson to write a program that sniffs his Wi-Fi network for evidence the button was pushed, then records the data point, he said.
“Dash buttons are turned off most of the time to preserve the battery inside. They only turn on when you push them,” Benson wrote in “And that means they have to re-connect to your Wi-Fi network every time they are pushed. That’s easy to detect.” He rigged his Dash button to send data to spreadsheet software.

“A lot of people made fun of Dash buttons when Amazon launched them on the day before April Fool’s Day,” Benson said. “But regardless of what you think about Dash as a consumer product, it’s an undeniably compelling prototype of what the Internet of Things is going to look like.” ’

But of course no matter how benign a hack may be, we humans always look for the dark side:

“We turned to Tim Erlin, director of IT security and risk strategy for advanced threat protection firm Tripwire, to get his take on the hack. Erlin told us Benson hasn’t actually altered the behavior of the Dash button.

“He’s simply recording activity on his home network. While he may not be doing so for malicious purposes, others may be able to use that information in ways that are less laudable,” Erlin said. “Human beings are tool users and problem solvers, so it’s no surprise that given a new set of tools, people will ‘solve’ problems in new ways.”

Chris Conacher, security development manager at Tripwire, told us tech savvy consumer will always be looking at ways to “improve” Internet of Things (IoT) products even if these “improvements” void their warranties. This is a double-edged sword for IoT vendors, he said.

“Companies that want to restrict this behavior may be penalized by the market missing out on an opportunity to develop community tie ins to products even it was not the original intent,” Conacher said. “This market will be consumer-driven purchasing at its purest. In the meantime, consumers that want to ‘improve’ IoT devices should beware of the implications of these changes, especially those that affect purchasing capability, otherwise you may find a lot of diapers on your doorstep.””

Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group

Read the full story here