Unsurprisingly, “smart beds” are pretty easy to hack

Pls share this post

Listen to this article

Smart beds (yes, they are a thing) can be hacked and used to gain access to a user’s entire home network, experts have warned.

As such, they are a (fairly big) security risk, as hackers could then deploy malware, steal sensitive data, and even learn when no one is home.

The discovery was recently made by one Dillan Mills, a computer engineer and web designer, who described how he tried to gain local network access to his Sleep Number bed in order not to strain the company’s servers with some of his plugins.

A security liability

The hunt for local access led him to discover that the bed’s hub communicates with the Sleep Number servers by opening an SSH tunnel and providing a reverse tunnel back to the hub. While the tunnel was most likely designed for maintenance purposes, he surmises, “the idea that unknown users can directly connect to my internal home network is a scary thought,” he concluded.

READ ALSO  Network specialist debuts free tool that promises to solve VPN and ZTNA connectivity issues for good

“I will probably be disconnecting the hub from the external internet once I am satisfied with my internal network control script. It also makes me wonder how many other internet-connected appliances include a similar backdoor into the home network like this one has.”

Ultimately, Mills found a way to root the device and gain local network control over the bed. That means users can disconnect the gadget from their local Wi-Fi network and maintain the device via Bluetooth only, which will definitely improve its security posture.

Smart home devices give the promise of an improved quality of life. Beds, for example, can maintain mattress temperature to the sleeper’s liking, and track things like sleep patterns, breathing, and heart rate, to allow the users to better organize their sleeping schedule. However, they are a huge security liability, as every new smart home device added to the network potentially opens up a new door for hackers to move in.

Missed out on the $500,000 Cheyenne supercomputer deal? Supermicro has an Intel server offer that you can't refuse — eight Gaudi 2 AI accelerators, 76 cores, 1TB of RAM and 100GbE for just $90,000

Via Tom’s Hardware

More from TechRadar Pro


Pls share this post
Previous article
Report: Samsung’s Galaxy S25 series might ditch the Plus model
Next articleUnderstanding collective defense as a route to better cybersecurity