Gaming Reviews, News, Tips and More.
Discover
Editions
EspañolDeutschFrançais
More
Log In / Sign Up
Send us a Tip!Subscribe
Extra
About
AdvertisingPrivacyJobsTerms of Use
Explore our other sites
  • kotaku
  • quartz
  • theroot
  • theinventory
© 2025 G/O Media
We may earn a commission from links on this page
Kotaku East

App Vulnerability Could Cause Toilet Terror

By
Brian Ashcraft
We may earn a commission from links on this page.

Smart toilet? Ha, more like scary toilet that can suddenly run amuck and squirt water up your butt.

Suggested Reading

Pointers For Marvel Rivals And Path of Exile 2, What To Play Before AC Shadows Arrives, And More Of The Week's Top Tips
The Internet Reacts To PlayStation Network Being Down
Switch 2 Price Speculation, A First Look At The Next Battlefield, And More Of The Week's Top News
Live Forever in the Universe of 'New World: Aeternum'

Last December, Kotaku reported that Inax, a Japanese toilet brand, was rolling out an Android app called My Satis for the teched out Satis toilet. The app allows people to do basic things like flush (and select how much water they want to use), as well as operate the toilet's bidet and adjust water pressure via Bluetooth. Note the word "Bluetooth". It's important!

Suggested Reading

Pointers For Marvel Rivals And Path of Exile 2, What To Play Before AC Shadows Arrives, And More Of The Week's Top Tips
The Internet Reacts To PlayStation Network Being Down
Switch 2 Price Speculation, A First Look At The Next Battlefield, And More Of The Week's Top News
Live Forever in the Universe of 'New World: Aeternum'
Advertisement

Related Content

Sony Gives Out Free PS Plus Days But Fails To Explain Mysterious PlayStation Network Outage
Valve Bans Forced In-Game Ads From All Steam Titles

Related Content

Sony Gives Out Free PS Plus Days But Fails To Explain Mysterious PlayStation Network Outage
Valve Bans Forced In-Game Ads From All Steam Titles

An iOS version is planned, and, so far, it seems like only the Android app has been released for Japan.

Advertisement

Security company Trustwave Holdings recently reported that the app has a fatal flaw that could cause all sorts of crap to go wrong.

Advertisement

Here are Trustwave's findings:

The "My Satis" Android application has a hard-coded Bluetooth PIN of "0000" as can be seen in the following line of decompiled code from the application:

BluetoothDevice localBluetoothDevice =

BluetoothManager.getInstance().execPairing(paramString, "0000")

What does this mean? According to Trustwave, it means anyone with a My Satis application could control any Satis toilet by simply downloading the app and entering the "0000" pin.

Advertisement

"Attackers could cause the unit to unexpectedly open/close the lid, activate bidet or air-dry functions, causing discomfort or distress to user," Trustwave states.

Toilet lids closing on you! Random flushing! Wet backsides! And the fact that My Satis allows people to control the water pressure, too, means that this could be much, much worse.

Advertisement

What's the world coming to when you can't even rest in the restroom and when hi-tech Japanese toilets aren't safe? Dark times, that's what. No word if Inax is going to flush out these possible problems with a patch. Until then, you might be safer on an analog throne.

Hard-Coded Bluetooth PIN Vulnerability in LIXIL Satis Toilet [Trustwave via Yahoo! Japan]

Advertisement

To contact the author of this post, write to bashcraftATkotaku.com or find him on Twitter @Brian_Ashcraft.

Kotaku East is your slice of Asian internet culture, bringing you the latest talking points from Japan, Korea, China and beyond. Tune in every morning from 4am to 8am.