Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer

Many air conditioner manufacturers nowadays provide units that can connect to Wi-Fi and be controlled with an app. The use case is understandable - turning on your A/C and cooling down the house while you’re on your way home sounds like a dream. However, using the manufacturer’s app is often not as convenient as using more mature home automation software, that might be integrated with voice assistants from Google and Amazon.

So, it shouldn’t be a surprise that when one of us moved into an apartment with a smart A/C controller, hacking it to work with Home Assistant, an open-source home automation software, was prioritized highly. Little did we know that going down this rabbit hole, we would find some glaring security vulnerabilities that exposed the controllers’ users to complete takeover from the internet, amongst other issues. Hacking Electra Smart air conditioners for fun and profit