• United States



Glitch in Hive smart thermostat sends temperatures soaring to nearly 90 degrees

Feb 29, 20163 mins
Data and Information SecurityInternet of ThingsSecurity

While you don’t want to freeze in the winter, there’s a big difference between being toasty in your home and being roasted alive as your "smart" thermostat cranks up the heat on its own.

You may have seen movies which feature some evil house that is out to get the occupants, but those usually aren’t smart homes. In real life if you use connected devices to make your home “smart,” then you might expect potential security flaws, but you don’t expect those IoT devices to act like they are possessed and to negatively control your house on their own.

While you don’t want to freeze in the winter, there’s a big difference between being toasty in your home and being roasted alive. Yet some British Gas customers who have adopted Hive smart thermostats were at the mercy of the devices which sent temperatures soaring to nearly 90 degrees Fahrenheit (89.6). After the Hive thermostat, which has an app that works as the “remote control,” completely glitched out, some users took to Twitter to express their displeasure.

At first it seemed as if British Gas was unaware of multiple customers experiencing the problem, but Hive later issued a statement acknowledging the issue.

Although it was unclear how many of its 300,000 users were being baked alive in their homes, Hive told The Memo, “We are aware of a temporary glitch affecting a very small number of customers, where a certain sequence of commands in the Hive iOS app can cause the thermostat temperature to rise to 32°C.”

It’s not the first time Hive users have been roasted in their homes. The glitch started back in November, but Hive insisted users had been hacked instead of admitting faulty software was causing the devices to malfunction. This time, Hive said it was “working on a software update” which will be available “soon.”

Although the newest Hive thermostat, introduced in July, has no touchscreen as the designer considers such screens to be a “distraction,” it does have a knob. Hive’s statement included, “Any customers seeing this can very easily and immediately fix it by simply turning the thermostat down using the app, web dashboard or the thermostat itself.”

Since the Hive iOS app claims users could save about $200 per year on heating bills, it’s not hard to empathize with some users’ concerns about a high bill after suffering full blast heat in the winter. To those concerns, Hive replied, “No-one needs to worry about their temperature being too high because the rest of the app works as normal.”

Back in January, some Nest thermostat owners were reportedly freezing as the smart temperature control was struck dumb by a software update. The New York Times reported the flawed update could drain the Nest battery and many users woke up to a very cold house during a time when temperatures were plunging outside. The “fix” for some customers included a nine-step procedure to manually restart the Nest.

If you’re a geek who has been lured by the Internet of insecure things, then you know the sometimes glitchy devices offer plenty of conveniences, including potential spying conveniences for intelligence agencies. Earlier this month, U.S. Director of National Intelligence James Clapper admitted (pdf), “In the future, intelligence services might use the IoT for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials.”

Unlike the Hive thermostat issue, such spying couldn’t be immediately remedied. I’ve yet to see a don’t-spy-on-me button in any smart device app.

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.