Tuesday, March 21, 2017

Hacked "Amazon Dash" Hardware Ends Coffee Cravings

Coffee Cravings
A White Hat hacker recently has come up with a novel solution for ending caffeinated cravings in a pinch by adapting an Amazon Dash button to order a cheeky cappuccino with a single button press.

Like many high-street coffee chains, Starbucks already has an iOS and Android app that makes pre-ordering hot beverages a two-or-three tap affair from a smartphone, but Georgia Institute of Technology student and computer engineer Ryan Pickren has decided to cut the process down to a single input.

Pickren's one-click coffee project is based on hacked Amazon Dash hardware. The inter of things (IoT) devices gives tech-saavy buyers the opportunity to turn a simple button press into a speedy transaction through public third-party APIs using Amazon Web Services.

Unfortunately for Pickren, tackling the Starbucks app involved a little more technical work as the Seattle company has not made its API documentation public. To get past the app's protection against reverse engineered techniques with SSL certificate pinning, Pickren used a rooted Android emulator and rewrote a few path rules to find the API settings he needed.

A few extracted cryptographic keys, lines of Python code later and configuration workarounds later and the 'Starbucks Button' was good to go. The chocolate sprinkling on top of the whole endeavour came via Amazon's Simple Notification Service for similar types of Amazon Lambda experiments: a text message from Starbucks to confirm the order.

This incredibly lazy method of ordering a Grande Caramel Frappuccino is not without its drawbacks, however. For starters, users will need all of the software and know-how Pickren runs through on his blog. But more importantly, users still need to get off the sofa to actually pick it up from a local shop.

Yet no matter how impractical the Starbucks Button is, tech bloggers all over the world can't help but admire the dedication shown in the pursuit of 'instant' coffee.

No comments:

Post a Comment