Keil Hubert: Asinine Fear Mongering

The tech world is buzzing over a new ‘smart toilet’ that’s vulnerable to hacking. Business Technology’s resident U.S. blogger Keil Hubert politely suggests that we flush all the unfounded calls to panic over a silly toilet design flaw.


Here we go again. It’s summer time, which means that we all get treated to another sensational story of how ‘Ev!L h@x0r$’ are going to compromise something that we all own that will, once hacked, kill us all!!!!!! Aieeeeee!

Except that they’re not, and it’s all a load of b******s. More on that in a second.

The horror-du-jour for August is the new ‘smart’ loo from Lixil. According to an entirely too-long list of sources, the new Lixil Satis smart toilet comes complete with a smart phone app that allows its owner to control ‘… all of the toilet’s functions, including the flusher, bidet, and hot-air blower — and it also lets you track your bowel movements.’ [1] Sounds very enticing … You can adjust the pressure, temperature and direction of your bidet nozzle from an Android phone? How enticing! Everyone will want that! That’s why you chose an Android phone over an iPhone in the first place, right?

No one would consider this to be an inappropriate time or place to update your social media profiles.

No one would consider this to be an inappropriate time or place to update your social media profiles.

Which is, of course, where the implied horror comes in.  As is inevitable with any piece of kit that you can buy, someone, somewhere has figured out how to hack the cyber-loo. It’s not very difficult. In fact, it’s barely even a ‘hack’ by professional standards. The Satis currently ships with a hard-coded passcode for syncing your phone to your throne. If you know its default code, you can pair your phone to someone else’s throne. As the boffins at Trustwave’s SpiderLabs so dryly put it:

‘As such, any person using the “My Satis” application can control any Satis toilet. An attacker could simply download the “My Satis” application and use it to cause the toilet to repeatedly flush, raising the water usage and therefore utility cost to its owner. 

‘Attackers could cause the unit to unexpectedly open/close the lid, activate bidet or air-dry functions, causing discomfort or distress to user.’

Discomfort? Let’s go for bowel-loosening terror! With a good set of Bluetooth speakers strategically planted in the room, a good prankster could trigger the Satis to open and close its lid in time to the playing of a demonic voice over the planted speakers. Heck, you don’t even need heavy metal to frighten someone with a talking toilet … I’m fairly certain that anyone’s voice bellowing out of an animated toilet would be terrifying first thing in the morning. [2]

On the other hand, this is what everyone looks like to me before I've had my third cup of coffee.

On the other hand, this is what everyone looks like to me before I’ve had my third cup of coffee.

Come to think of it, that might even be billed as a feature … Imagine hearing this on BBC Radio 2 during your morning commute:

‘Any loo can be made comfortable to help you to relax, but only Satis by Lixil will literally scare the poo out of you. You’re welcome.’ [3]

To be clear, this ‘loo hack’ story is fine fodder for making jokes, but it’s not exactly the kind of dastardly cyberwar attack vector that would serve as a good season’s story arc on Spooks or Homeland. This is really just garden-variety prank material. Unless the Satis gets itself upgraded with an AI and gains self-awareness, it’s really nothing more than an inconvenient design flaw that frat boys the world over will leverage for some cheap entertainment.

So why are we having our time wasted over a cheap party trick? Because it combines something we can’t possibly avoid (eliminating waste) with something we’ve been all been thoroughly conditioned by mass media to fear (malevolent anonymous computer hackers). Is it possible that the Russian Mafia or the People’s Liberation Army or the Legion of Doom might take advantage of this exploit to attack high-profile targets when they’re in a vulnerable state? Eh … yes … it’s possible … In approximately the same way that it’s possible to tell what someone is eating for lunch by listening to them chew it. Just because it’s possible doesn’t mean that it’s in any way worth attempting. In both examples, the only way to carry out the so-called ‘attack’ requires you to be close enough to your victim to just reach over and grab them by the neck. There’s no real point in it. Too much effort for too little payoff. That kind of cost-benefit setup is really only attractive to practical jokers.

Still, the fear mongers in industry roll out a ‘new’ hacking scare every summer in order to frighten people into demanding protective action from their elected caste. When I say ‘action,’ I don’t mean something practical like renewing the subscription on their home anti-virus software – I mean pouring massive piles of tax revenue into high tech defence contractors. That’s how this game is played:

Step 1. Discover a new thing in the general consumer world that can be ‘hacked.’

Step 2. Release a sensational news story about how ‘foreign hackers’ are about to use this newfound vulnerability to kill us all, defile our womenfolk, and plunge the earth into a new dark age.

Step 3. Testify before the Very Old People at the parliament/legislature/congress that shiny devices that they can’t understand will kill them unless the testifiers get stacks of cash to build new ‘defensive’ systems to hold back the aforementioned foreign hackers.

Step 4. Go spend all that cash! [4]

Step 5. When the supposed hack you testified about never actually instigates the downfall of society, publish press releases claiming that it was your shiny product that defended all of humanity from a mass reversion to cannibalism. You’re welcome.

Step 6. Go looking for a newer ‘new thing’ that can be hacked. Enjoy infinitely! It’s all groovy!

It would be much simpler and more polite to just rob us individually on a set schedule.

It would be much simpler and more polite to just rob us individually on a set schedule.

By this tried-and-true methodology, private sector companies can keep their margins healthy thanks to regular infusions of government cash. Law enforcement and military agencies can pad their bottom line with new tech employees and overarching programs that promise much and achieve … Well, the results are always ‘classified.’ Meanwhile, all of those ‘defensive’ cyber employees take their pay packets home every month and keep the economy stumbling along through their purchases of real, tangible things like rent and groceries. Meanwhile, the world keeps turning, completely oblivious to the ‘threat’ implied by a three thousand quid chamber pot.

Here’s the thing … there are real cyber threats out there. Many of them. Some are scary. Some are annoying. Some have serious ramifications for government and industry. There are legitimate, unarguable reasons for businesses to invest heavily in cybersecurity training, staff and tools. Most of these reasons involve loss of trade secrets, loss of money, loss of control over production systems, and similar risks. These are things that directly affect the organization’s bottom line. That is, the actual bottom line, by which I mean ‘economic survival’ – and nothing prurient.

Unfortunately, the real reasons that we need comprehensive cybersecurity controls are, to be blunt, boring. Confusing, too. If you’re not a hardcore nerd, a lot of the stuff that the baddies are doing to us are confusing. Oftentimes, real hacker exploits are technical and complicated to the point that normal people can’t quite wrap their heads around the problem. That’s all right; that’s what we get paid to do: us IT people have to translate our risk profile and mitigation strategy into terms that regular folks can understand and agree with.

Oftentimes, the real problems are just too hard to explain. The defences we install aren’t perfect. People make mistakes. The real world is dirty and unsatisfying. That’s what motivates some perfectly earnest advocates to go the Hollywood route and invent a scary-but-fake threat that plays like a summer action movie trailer: Hackers! Networks! Toilets! Only one hero can save us! Flee for your liiiiiiiives! Aieeeeee!


We can save time, effort and money by printing all security product adverts directly on bog roll.

That technique gets attention … and it gets funding. It’s disingenuous, though. Frightening people over trivial non-threats exhausts their capacity to properly assess and respond to real threats. It’s akin to telling people that giant monsters are about to crush their houses underfoot … so they stop locking their doors, because what’s the point? Then, when the ‘giant monster’ never shows up, they get burgled right through their unsecured front doors. Scaremongering isn’t a service; it’s a disservice. It needs to stop.

The next time that a vendor starts a sales pitch whinging about an imminent ‘Electronic Pearl Harbour,’ whereby evil foreign hackers are going to kill us all! Aieeee! …  Chuck the bloke down the fire stairs. Then go run the latest security patches on your office kit. Do something productive.

Leave the scary toilets stories in the theatre, where they belong.

[1] As said by Sebastian Anthony over on

[2] We should experiment with this … maybe run a controlled experiment with Lilly Allen, Coldplay, the new Dio line-up and, as a control measure, Willie Nelson.

[3] In the interest of disclosure, there are actually a great many toilets graded as ‘utterly terrifying’ by  America’s favourite android.

[4] Usually on cool animated videos that ‘explain’ what your as-yet-theoretical product might conceivably do someday. That, and a cool new corporate headquarters, the newest Jaguar, a gourmet chef, etc.

Tags: , , , , , , , , , , , , ,