Smart Ovens Are Doing Dumb Checks For Internet Connectivity

If you’ve ever worked in IT support, you’ll be familiar with users calling in to check if the Internet is up every few hours or so. Often a quick refresh of the browser is enough to see if a machine is actually online. Alternatively, a simple ping or browsing to a known-working website will tell you what you need to know. The one I use is, incidentally.

When it comes to engineers coding firmware for smart devices, you would assume they have more straightforward and rigorous ways of determining connectivity. In the case of certain smart ovens, it turns out they’re making the same dumb checks as everyone else.

“Just Go To Google, Dude”

As reported by The Register, software architect Stephan van Rooij was recently astounded by the behavior of his new AEG home devices. Van Rooij had purchased the AEG Built In Combination Microwave and AEG Oven, which both hilariously feature Wi-Fi in devices that traditionally have no need for connectivity. He had no need for their Wi-Fi features, and purchased them unaware they were even available.

Upon hooking up the devices to his home network, Van Rooij found some curious behaviour. The devices were regularly querying various popular websites to determine whether an internet connection was available or not. The AEG devices were routinely checking every five minutes. As a further surprise though, the devices would also send repeat queries to and on the same timetable. If you’re unfamiliar with these websites, they are popular search engines in China and Russia respectively. Van Rooij was able to capture this activity as he had a Pi-Hole setup blocking ads on his home network.

While a quick ping is a perfectly cromulent way of testing your connectivity, it’s a little lazy for manufacturers to rely on such a check. It’s fundamentally a dereliction of responsibility to expect Google to handle your connectivity checks for you. Companies like Microsoft, Google, and Apple maintain their own endpoints for checking internet connectivity. They don’t simply ping some random website that has been deemed popular enough to never go offline. Worse, the appliances already have a cloud API for talking to AEG’s servers. Van Rooij contends that the company should run its own connectivity check through this method, rather than sending data to search firms overseas.

It’s unlikely Baidu and Google would go offline at the same time, or change their domain names.

The odd pings are not the only issue that Van Rooij draws with the oven’s cloud connectivity, either. The whole purpose of the internet connectivity is to provide the devices with some form of remote control, via an app. On the surface of it, this appears highly useful. For example, it could be used to set the oven to begin pre-heating while you’re driving home from the grocery store. It could also provide phone notifications when a timer is up and your meal is done cooking.

However, the oven’s overbearing security measures are set up in a way that makes the remote control feature largely useless. Van Rooij explains that every time the oven door is closed, the user is asked whether they would like to enable remote control. A button must be pressed to enable remote control every time the oven is closed. There is no way to permanently enable remote control. Thus, if one forgets to press the button, there is simply no way to remotely activate the oven at all, as the app will refuse to turn the oven on. On the surface of it, this may seem like a wise security measure. However, as Van Rooij points out, even if a malicious actor could turn your oven on remotely, there shouldn’t be any real consequences beyond some wasted energy. If it’s dangerous to run the oven too long, a simple timeout feature would be enough protection. He also points out that a PIN entry through the app would be enough security to prevent children accidentally turning on the oven from their parents phone, if that’s a real concern the company has.

Overall, the story paints a familiar picture: poorly thought-out “smart” features that work poorly and are implemented with odd shortcuts. We’ve written more stories about IoT security issues than you can shake a stick at. There’s obviously some value in having an oven you can turn on over the Internet. Whether it’s enough to justify the curious internet traffic and the janky user experience is another question entirely.

85 thoughts on “Smart Ovens Are Doing Dumb Checks For Internet Connectivity

  1. Traffic to Russian and china servers from their home address would cause some people in the UK and the USA a lot of problems and to have this traffic from a smart device which could possibly have a microphone embedded would really cause some head scratching.
    The HUWAI issue comes to light in this instance and for it to happen without the user knowing gives it a worrisome overtone

    1. It’s kind of scary to see that it’s possible to buy a $3 smart lightbulb with a rather powerful 24/7 Internet-connected ESP-32 processor inside. A less than honorable manufacturer (or bad actor group) could do all sorts of nefarious things with a vast sea of IoT devices. The average consumer probably does’t know or care about that and is more than happy to install a privacy invading, credential stealing companion mobile phone app to accompany that IoT device.

      1. Yup, they’d why I stick with zigbee, or go to the trouble of finding ones that I can replace the firmware on. For a while, seemed like everything was esp8266, then things started locking down. Was worried that the good times were over. But recently, many of the other common chips are getting open firmware, as well: most recently I replaced it on a beken uC in a smart plug.

        1. The ESP32 is an incredibly simple chip that gets millions of eyes on its behavior per year. They could not hide something in the firmware without it being detected within a few months. They also can’t really conceivably afford to hide anything on their chips.

    2. Riddle me this: Could such an appliance sit back and log internet traffic, then rebroadcast it back to the developer? Could such a device, on command, be used to DDOS a site? Could such a device be used to check internet traffic if a certain EMP-bearing balloon payload was detonated over a country? Just pondering… ;).

    3. I think you’re being pessimistic: the UK’s GCHQ aren’t /total/ idiots (unlike a government mandated QUANGO that demanded that Wikipedia be blocked, but that’s another story).

      I’ve looked at this sort of thing in the past, and been dismayed on finding that in order to find Linux’s default router I had to do some fairly esoteric parsing of an entry in the /proc tree. But in theory, if an oven etc. upgrades its kernel it will test that any apps that refer to that sort of thing still work…

  2. >there shouldn’t be any real consequences beyond some wasted energy

    Except filling the house with toxic gases from melting teflon, children or pets burning themselves on the hot glass…

    1. Children and pets always learn after the first time not to touch the hot end. I still remember my 1st lesson to not touch the soldering iron when i was 7-8. Never made that mistake again.

          1. A child cannot get a Darwin award. They have not learnt enough to be reasonably expected to make better decisions.
            In these cases there should be a Darwin award category for people should know better but whose stupidity causes the death of others. The kind of people who KNOW that children might be able to access dangerous items or situations but wave off the risk because pain and injury will be the teacher that they are too lazy and irresponsible to be.

    2. Dont be stupid. You obviously don’t have much experience with ovens. They are appliances that are purpose built to be left on at high temperatures for long periods of time. It’s called cooking. Also I had to stop myself from laughing at “filling the house with toxic gases from melting teflon”. Don’t take an IQ test, you’ll just be disappointed.

      1. I think Dude was confusing “turn the oven on” with “turn the cooktop on.”

        I wouldn’t want to be able to turn the cooktop on remotely as I could not be sure if the cat had jumped up there or someone laid their keys there when they came home from work, etc. But I’d feel safer (maybe not “safe” but still “safe-ER”) with the assumption that someone hadn’t left the door open and the cat took a nap on the rack.

  3. You’ve misunderstood the purpose of the wifi. It’s not there to sell more products or to help the consumer. It’s a convenient way for the manufacturer to exfiltrate diagnostic information and patterns of use. Adding a $2 wireless transmitter (and encouraging the end user to put it on their wireless network in exchange for some minor feature) is a no-brainer when you end up with a fleet of devices that conduct market research on your behalf.

    1. The question is why the hell anyone would ever let an oven have the password to their wifi setup in the first place? Unless these evil smart devices bruteforce their way on to a wifi connection then there isn’t a risk for anyone sensible enough not to let the device on to the wifi.

      1. Because it’s a “smart oven”. If you’ve bought one, you need to connect it to a network connection in order to see what it does.

        If you’re underwhelmed at the functionality gained, well, most people won’t then go to the bother of disconneting it from the WiFi, so the manufacturers get their data link anyway.

        1. Well said. I know everyone with background in network security will not allow something to connect to internet or their home network without knowing exactly what it does but for the layman it is like “hey let’s see what can it do”. Then you are pretty underwhelmed but you don’t even consider going t through the hassle of disconnecting it. And yes what can a “smart” oven do? Preheat? An oven rarely takes more than several minutes to preheat any way

      2. I typically don’t connect these devices, as I don’t see the need, but I think given the proliferation of these devices, most people using them should stick them on a guest network (or dedicated IoT network if you’ve got slinky UniFi etc devices).

        Managed well, your network should be set up in such a way that these things don’t pose a risk (ignoring microphones etc). I’d say also, for anything such as NAS devices etc on a home network, treat them as if they’re open to the internet, and make sure all passwords, SSH access etc are locked down as if it were a VPS you’d hired somewhere remote.

        1. The average householder no longer knows the meaning of the word “guest”, since his home is too small to accommodate any of his social network “friends”. And as for “guest network”…

  4. ” For example, it could be used to set the oven to begin pre-heating while you’re driving home from the grocery store. ”

    Sounds like a bad idea from a safety and security standpoint.

      1. No, I think at this point now its so cheap and easy most things probably should have some connectivity potential – just not in the ‘smart’ IOT fashion. Things like ovens and Freezers should have nothing more than a simple and probably local only telemetry message transmission. From which your personal home hub can create the ‘I’m broken’ ‘Temperature out of bounds’ ‘oven at temperature’ ‘cooker on for 3 hours, did your forget to turn it off?’ type notifications for delivery to the device(s) of your choice. Actually useful for monitoring your own energy use, will lower things like food spoilage for the door that isn’t quite sealed but closed enough the door reads closed so it won’t complain, and just generally finding which of your own devices are in need of maintenance. Can even be set up deliberately can be used as a very targeted family only alert that Gran has not been eating or whatever.

        Putting them properly online for remote control is like having a button on the remote to open the DVD/blu-ray drive, just made even more stupid – what is the point, you can only actually change the disc when you are physically at the machine anyway!

        1. Your fridge is already reliable enough that it will run for 20 years, whereas the wifi chip will occasionally drop out of connection and the majority of faults you get is the fact that your monitoring system isn’t working.

          1. Who said anything about using regular Wi-Fi, and missing an update matters not at all – your home hub won’t care or even bother to tell you until some threshold of time between updates is missed.

            And your fridge might work perfectly for 20 years (though I’d think that a bit optimistic for current generations) but it won’t keep temperature right when the door seal isn’t sealing right or worse ‘the kids’ left the door open… It probably has a little beeping alarm for the door, maybe it will trigger on a poor door seal too but that doesn’t do you any good at all if you are not nearby. So it being able to trigger alerts to the devices of choice means its much much less likely food will spoil or energy will be wasted because its working to cool your whole room.

          2. Note I’m not saying you need the connectivity, and I certainly don’t think the Internet in IOT makes any sense, at all really, can’t think of a single device that really makes sense to be directly on the internet itself…

            But it will undoubtedly be useful for useful for some, and unlike putting it on the internet its not a network security nightmare bound to spawn a few billion more botnet devices and provide backdoors into your home network..

          3. > but it won’t keep temperature right when the door seal isn’t sealing right or worse

            Thing is, I don’t need a “smart hub” to tell me that. I already have a regular glass thermometer hanging inside my fridge that I use to check whether the thermostat is set appropriately.

            If there are no people around to check the fridge for extended periods of time, it’s because we’re on holiday and the fridge will be empty of food and turned off.

          4. But if the door isn’t sealing correctly or the door is actually open you are not actually there/awake for those few hours. So when finally going to check that glass thermometer next time and find the temperature is wrong, or worse the thermometer will read correctly till next week as running at 100% flat out trying to create enough cool with a bad seal kills it and your power bill…

            Plus you are I assume human and most humans are very very good at not checking every sensor that never reports anything of interest very often, not checking the tyre pressure before every journey etc. So it could be running badly for weeks before its bad enough to unmissable or you happen to notice..

          5. I had a circuit breaker trip while I was away from my house for 6 weeks.
            The entire contents of my freezer rotted, liquified and oozed out onto the floor of my kitchen. It got past the floating floor and into the floor boards.
            Insurance has a specific clause to exclude extra damages caused by spoiled food. That they have that clause should tell you something about the frequency and consequence of this failure mode.

            If there was a status update from the fridge (or better yet the battery backed temperature alarm) my neighbour would have been able to stick his head in see the fridge wasn’t running as well as the rest of the kitchen appliances, flip the breaker and worst case we would have just needed to bin the contents of the freezer on our return. Rather than the fridge, the floor and there is still a residual stink that sneaks up on you now a year later.

            So yeah. Fridges might be plenty reliable, but the consequences of failure are also much higher and smell much much much worse than you think.

    1. Don’t be silly. You’re thinking of yourself, there are huge incentives for manufacturers to bundle cameras and microphones and wifi and GHz CPUs into lightbulbs and door chimes. All that data can be used to improve their products and be sold on the open market to improve their bottom line.

      Stop being so selfish. /s

  5. I honestly fail to see why a toaster would need to be connected to the internet.
    Granted, “it’s the new thing to sell” but I’m old school. The “smart phone”, don’t need it.
    I just need something to make and receive calls. The phone I have has a video editor.
    Now why on earth would I want to edit video on a phone?
    I think a lot of the technology today is unnecessary, a solution looking for a problem that doesn’t exist.
    Something like a life alert pendant for the elderly, that’s a good use of technology and wireless.
    I wonder what’s next, an internet connected toilet?

    1. >> I wonder what’s next, an internet connected toilet?

      That’s so four years ago…

      >> I just need something to make and receive calls.
      Proud owner of an Alcatel Go-Flip here. Don’t need no “smart” phone.

        1. A device is supposed to do what the user wants it to do. You are correct in saying I don’t need it to. Don’t close down other opportunities. Davinci resolve now runs on iPads. That’s professional grade editing on a mobile consumer device. Not far off a phone. You don’t need to need it, others might.

          1. I think smartphones have a bit of a branding problem in that they are called “phones”. They’re pocket computers. We, the nerds, won – everyone has a pocket computer! They just happen to roll the telephone feature in to the pocket computer.

            (If this merger never happened and telephones were still independent devices, you bet your ass I’d have the hottest kickass PDA or whatever other device would have mutated into a pocket computer.)

      1. I recently bought a Nokia 2720 flip and I love it. It has 4G so it can be used as a modem or hotspot for a “real” computer if needed, otherwise it just quietly works as a phone. Battery life is great. Unfortunately the predictive text STILL isn’t as good as the Nokias of the early 2000s.

    2. For many people these days their phone is their primary computing device.

      Not everyone has a full sized computer do do things like video editing on.

      While I can’t imagine the inconvenience of trying to do everything on a phone I do think it’s pretty cool that that’s something you can attempt in the first place.

    3. It’s IoT run amok. I don’t need a fridge to tell me out of milk or eggs (and I am VERY certain I don’t need it to order them for me). I don’t need a toilet to tell me I am out of wipes or test my waste for colon cancer. I don’t need a toaster to order bread for me. Is anyone else getting the picture here?

    1. You’d think that’d be simple enough but……

      “Wi-Fi and Voice Enabled: Preheat, monitor and adjust time and temperature of your oven from wherever you are using your smartphone (Available on Android or IOS devices. A Wi-Fi connection and a Samsung account are required)”

      But it can’t set the time by itself after a power-outage *sigh*

      1. So you need a smartphone, an app AND a samsung account? Thanks for sharing, I have another brand to add to my “do not buy” list. The list is pretty long now, I’m saving a fortune!

    2. Well a RTC chip would have prevented such headache for good as long as the small backup battery is good (it is used since 1990’s in computers), but it’s few cents manufacturers are willing to scalp for profits._

  6. These smart devices get a low level of effort from the manufacturers because the hardware is cheap and nobody outside of hackers and tinkerers will ever bother to look more closely. And the level of expertise required even to write firmware to a poor level such as this is still leaps and bounds above the skills of the average user. It looks awful to you, but awful or not it’s still completely foreign to the layman.

    Software development does not happen in a vacuum; any number of external factors such as deadlines, cost pressures, customer needs, changing priorities, or company restructuring can interrupt the process and change the outcome for products in development. Businesses need not align with common sense or best practices in all cases, as depending on the case not all users will consider such infractions to be deal breakers.

    And really, have you ever gone back and looked at your own code and scripts from years ago? If you were paid less than you are being paid now, wouldn’t you agree that your employer was at least getting their money’s worth? Hindsight is always 20/20.

  7. An internet connected heat pump is nice. I can have it set to be 65 in winter or 75 in summer when I’m away for a while, then before I head home I can set it to my ideal temp of 71 when I’m an hour out and by the time I’m home it’s warmed up or cooled down.

  8. My idea of a smart WiFi connected oven is a £5 relay module and an ESP32. I very rarely change the oven’s settings so that’s all I need to warm the oven up from the comfort of the office. Maybe also a photoresistor to see if the light’s gone out when it’s at temperature.

  9. This reminds me of NetworkManagers connectivity checking only that’s a full-blown http request so it can detect captive portals by them returning a real (unexpected) page.

  10. I actually use when I need to make sure my PC is online. Other websites (mostly reddit) tend to hang for me, but Hackaday loads right up. Not as fast as the OLD website design, but still pretty darn quick.

  11. When I need to check if the computer is connected to the internet I usually try icanhazip.

    I think that many of these devices (oven, etc) should not need to connect to internet to have remote controls, etc. What I would do is to expose a IMIDI/E port and document the available controls. You can then connect it to whatever is desirable (e.g. a IR receiver, or a computer), if you want to remote control or receive data from it. If you do not use these features, then you can simply leave it unconnected. This way is also more secure, and should not need as complicated software that it needs to implement internet connection.

  12. Why are appliance manufacturers not using tech like Zigbee more regularly?

    It seems like taking all the wifi, internet connection, sync, firmware logic out of the device, and just making it report status and take the odd command on a handful of registers (thinking like MODBUS…) would make a lot more sense in many cases. Although presumably not allow anywhere near as much data harvesting.

  13. > Traffic to Russian and china servers from their home address would cause some people in the UK and the USA a lot of problems

    You forgot an important word, “certain”.

    Querying a search engine periodically/constantly with the exact same query is noise that will be filtered out. It’s not going to get you put on a secret no fly list or any other conspiracy you can think up. This sort of exaggerated blind conspiratorial thinking only causes problems.

    Is pinging these sites dumb? Most likely.

    Is it a problem? Unlikely.

    Why does it do it? Because the product is international and only certain sites might be accessible in certain regimes.

    1. > Querying a search engine periodically/constantly with the exact same query is noise that will be filtered out. It’s not going to get you put on a secret no fly list or any other conspiracy you can think up. This sort of exaggerated blind conspiratorial thinking only causes problems.

      Router logs can and absolutely do get seized for all sorts of investigations, not just covert spy stuff. And the prosecution can twist a daily ping of Yandex into “you accessed a Russian site every day!!!1!” In my (civilised, “democratic” western) country it is in fact mandatory for ISPs to log metadata for all users. Collecting this data wouldn’t be mandatory if it were never used.

      I hope you never have to fight a false or nuisance lawsuit, because this sort of “evidence” is what your accuser loves. It’s easy to collect and takes a lot of time and resources for the defence to debunk.

      It’s irresponsible to tell people that securing their network is “blind conspiratorial thinking.” That’s like saying “you don’t need strong passwords because your data is unimportant.”

  14. Reason behind enabling remote control every time is safety. This is also required by oven standards (UL/IEC/EN). I would not want to turn on my oven, without knowing if somebody put something in it.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.