My Local Weather Observations
by The Knight Owl
I discovered a little "weather bug" in my AcuRite Acu-Link Internet Bridge (Model 09150TRX) the other day when I was trying to work out some network related issues.
I saw an unfamiliar IP address in my network map and realized it was my AcuLink Internet Bridge. The bridge uploads weather data from my personal weather station to the Weather Underground station.
Normally, you don't access the bridge directly, so I wondered what IP would happen if I did.
I typed the bridge's IP address into my web browser, and a "status page" came up that showed all sorts of neat stuff, like firmware version, MAC address, battery level signal strength, and more.
But what really caught my eye was the only hyperlinked text on the page (at the top). So, I clicked on it.
When I clicked on that link, I was sent to a domain name that is no longer registered to AcuLink, and is now under someone else's control! I was forwarded to an easily recognizable spam filled (and sometimes malware infected) simulated search engine result page.
I tried to phone it in, but the lady that answered the phone just couldn't understand What I was saying. It seemed like she didn't want to either. I asked her if there was somebody else I could talk to, and she said no, she was the only one. "You mean, you wrote that code?" I asked.
She just didn't understand it, and people fear what they don't understand. And because of her fear, who knows if - or when - that "weather bug" will be fixed, or what kind of impact it may have on the company. Can they even tell? What if they do their own domain name resolution?
My limited understanding from the quick research that I did seems to indicate that AcuLink has the ability to PUSH a firmware update, so maybe they can PUSH a web page update too? They can fix the problem with the bridge, by updating the bridge's hyperlink. But the domain name will still be out of their control, and so will any other hyperlink with that domain name (if used elsewhere).
It's a very low security risk because most people won't be going out to their Internet bridges via a web browser, but it makes me wonder what the real possibilities with these Internet-ready objects might be.
It also serves as a friendly little reminder to remain vigilant to our environment and the ever changing conditions around it.