Totally cool. I understand that it's a custom prototype/ proof-of-concept project. Network topology is definitely the major factor determining any real security exposure of the appliance on a given network, but it seemed like an undocumented variable that exists outside the scope of this particular project, so I figured it's worth pointing out.
As zanny pointed out (https://news.ycombinator.com/item?id=6030206), since we know the chipset, and can anticipate available features, given that we know the networked device is a Raspberry Pi, and that we have the source code of the project, this provides us with enough information to craft possible payloads to drop onto the system. It's certainly not a huge attack surface, but there might be _just_ enough wiggle room to bust in.
As for the QR Code concept, any chance of some plans for adding a small low-end camera?
Even if the camera is not very good (maybe a $20 USB webcam), and the picture is poor quality (perhaps a ~0.3 megapixel image), as long as the image of the QR Code can be captured, the software that attempts to discover the QR Code and pull the information out of the low-quality image will do the rest. Then, it's just up to the user to print out some QR code stickers. Actually, come to think of it, I bet there are probably some burritos out there with QR codes on the wrappers, pointing to some burrito website, that could be re-purposed to trigger the microwave.
As zanny pointed out (https://news.ycombinator.com/item?id=6030206), since we know the chipset, and can anticipate available features, given that we know the networked device is a Raspberry Pi, and that we have the source code of the project, this provides us with enough information to craft possible payloads to drop onto the system. It's certainly not a huge attack surface, but there might be _just_ enough wiggle room to bust in.
As for the QR Code concept, any chance of some plans for adding a small low-end camera?
Even if the camera is not very good (maybe a $20 USB webcam), and the picture is poor quality (perhaps a ~0.3 megapixel image), as long as the image of the QR Code can be captured, the software that attempts to discover the QR Code and pull the information out of the low-quality image will do the rest. Then, it's just up to the user to print out some QR code stickers. Actually, come to think of it, I bet there are probably some burritos out there with QR codes on the wrappers, pointing to some burrito website, that could be re-purposed to trigger the microwave.