So a new IP endpoint landed on my home network today, an 'Anova sous-vide'. Now I thought I had enough wifi radiation in the house to cook an egg, but apparently I now own a wifi-enabled egg cooker too.
So the way this thing works, you plug a stick into the wall outlet, and an app on your phone sets the temperature. Hmmm. What could go wrong?
Being the slightly suspicious tin-foil hat type, I decided to do a quick capture on the router as this came online. The chip is a 'HF-LPB100' from gridconnect/high-flying.
The first thing it does is connect to some (no longer available) NTP server in China (which it keeps hammering away at; see this thread @ NANOG on how I'm now contributing to this problem).
The second thing it does is connect to AWS and start yammering away in a non-encrypted protocol. I'm not sure what it is (MQTT maybe?). It's got a lot to say; this sous-vide alone would break most people's data caps. Energy Star for Internet it is not.
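The "MQTT maybe?" guess can be tested against the first client-to-server TCP payload in a capture, since an MQTT session always opens with a CONNECT packet. The following is an added example, not part of the original post: a Python check for that packet, where the sample bytes and the client ID `cooker` are constructed and are not taken from the capture described here.

```python
import struct

def _varint(buf, pos):
    """Decode MQTT's variable-length integer (max 4 bytes); return (value, next_pos)."""
    value = 0
    for i, byte in enumerate(buf[pos:pos + 4]):
        value |= (byte & 0x7F) << (7 * i)
        if not byte & 0x80:                     # high bit clear: last length byte
            return value, pos + i + 1
    raise ValueError("bad or truncated length")

def _field(buf, pos):
    """Read a field prefixed by a 2-byte big-endian length; return (bytes, next_pos)."""
    (n,) = struct.unpack_from(">H", buf, pos)   # struct.error if truncated
    end = pos + 2 + n
    if end > len(buf):
        raise ValueError("truncated field")
    return buf[pos + 2:end], end

def parse_mqtt_connect(payload):
    """Return a dict describing an MQTT CONNECT packet, or None if it is not one."""
    try:
        if not payload or payload[0] != 0x10:   # packet type 1 (CONNECT), flags 0
            return None
        remaining, pos = _varint(payload, 1)
        if pos + remaining > len(payload):
            return None
        name, pos = _field(payload, pos)
        if name not in (b"MQTT", b"MQIsdp"):    # 3.1.1/5 and legacy 3.1 names
            return None
        level, flags, keepalive = struct.unpack_from(">BBH", payload, pos)
        pos += 4
        if level == 5:                          # MQTT 5 inserts properties here
            plen, pos = _varint(payload, pos)
            pos += plen
        client_id, pos = _field(payload, pos)
    except (ValueError, struct.error):
        return None
    return {
        "protocol": name.decode(), "level": level, "keepalive_s": keepalive,
        "client_id": client_id.decode("utf-8", "replace"),
        "has_username": bool(flags & 0x80), "has_password": bool(flags & 0x40),
    }

# Constructed sample: MQTT 3.1.1 CONNECT, client ID "cooker", user/password flags set.
SAMPLE = bytes.fromhex("101e00044d51545404c2003c0006636f6f6b657200047573657200047061737373"[:64])

if __name__ == "__main__":
    print(parse_mqtt_connect(SAMPLE))
```

If the function returns a dict with `has_password` set on a plain TCP session, the broker credentials are crossing the network in cleartext.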
So I then break out nmap. Below. Port 80 is open, try a browser. Can we guess the password? admin/admin works (duh, of course it does). Great.
Now, this thing is useless without the app, and the app requires it to be on the same wifi segment as your phone, and your phone needs to be on the same wifi segment as your chromecast; you can see how it's hard to make firewalls that work. What a wicked world wide web we weave (W7, I'm going to trademark that!).