This Power Strip is a Fire Starter

A few weeks ago I needed a power strip in my home office. The outlet in question is located behind a filing cabinet so it would need a low profile plug. I jumped on Amazon to buy a surge suppressor strip. That’s when I noticed strips with rotating plugs. I’ve always had some apprehensions about plugs like that, though I could never quite put my finger on why. Looking at the reviews on this particular plug, I found some scary issues. Photos of melted plugs, melted outlets, and cries of “fire hazard”. So I did what any crazy hacker would do – bought two power strips. One with a fixed right angle plug to use in my office, and one with a rotating plug to tear down.

Failed plug – from Amazon reviews

Surge suppressors, power strips, outlet strips, they have many names. Underwriter’s Laboratories (UL) calls them “Relocatable power taps”. They all have several outlets, most have a circuit breaker of some sort inside, and some have circuits for surge suppression. These are some of the most common devices to find in the modern home. Many of our houses were designed and built before surround sound, cable boxes, computers, modems, cell phone chargers, tablet chargers, and all our other modern conveniences. There weren’t as many electrical loads, so the houses didn’t have many outlets. Power strips solve this problem.

After a couple of days, I had my strips in hand. I expected the plug to rotate once – maybe 270 degrees. That would indicate there were wires connecting the rotating head to rest of the plug. Not so – this plug would spin round and round all day long.

Continue reading “This Power Strip is a Fire Starter”

Turning the Belkin WeMo into a deathtrap

The Belkin WeMo is a small, WiFi connected outlet controlled by a mobile device that adds Internet control to a desk lamp, coffee maker, or, if you’re feeling daring, your home server. It’s an interesting device, but of course there are a few security implications of having your electric kettle connected to the Internet. [Daniel] was able to get root on his Belkin WeMo and with full control of his Internet-connected outlet was able to turn it into a deathtrap.

[Daniel] says his exploit could be developed into a virus that will scan for WeMo devices. Once these Internet-connected devices are found, it’s easy to turn these devices on and off really fast; something not too dangerous for a desk lamp, but potentially lethal if it’s plugged into a space heater.

In the video after the break, you can see [Daniel] exploiting the WeMo with a flaw in its UPnP implementation. There’s footage of his terminal hacking and of his desk lamp being turned on and off really fast, something that could be very dangerous for higher current devices.

Continue reading “Turning the Belkin WeMo into a deathtrap”