Keurig's K-Cup coffee DRM cracked


My old joke is “bitter with no sugar.”


In short? Because you’re using the wrong alternative as comparison.
Keurig is huge in institutional settings, where the non-Keurig option is a carafe that’s been sitting on the burner since 6am – and it’s now 2pm. And maybe, if you’re lucky, someone washed the carafe out properly from the night before and you won’t end up with a cup of toxic sludge that’s been re-heated for 18 hours now but fuck it, you’ve been up until 2am last night marking essays and you have 3 minutes to get the coffee or you’ll be late for the class that’s at the other end of the school…


Yeah, but sometimes she screams when I do that.

Wait, what?


My favorite version is



I think what you’re looking for is a Clover coffee machine. Just $11,000, if you can get Starbucks to sell you one.


I remember seeing this thing on Kickstarter last year…



Let’s for the moment assume this would be covered by the DMCA.

Would it matter? This is interoperability, which is explicitly allowed.


Maybe you’d be interested in this movie?


Also, aren’t there materials that shift incoming light so it reflects back at a different wavelength?

Fluorescent ink would do that. But that doesn’t mean that their competitors can’t find or develop a similarly fluorescent ink. It’s not like the coffee machine is going to have a lab-grade spectrofluorometer in it.


I don’t understand how this is DRM, since coffee isn’t digital, unless they’re making some grand metaphysical claim.


I suspect that there are two tricky constraints(aside from cost, which precludes off-the-shelf tamper resistant ICs):

Given that the units are not networked(yet, I assume an ‘internet of things’ security vulnerability, inescapable advertising, and a shitty social network are set for v3), there are two major classes of tags that are rendered largely useless.

There are tags that are extremely difficult to clone; but easy to create(like the ‘glitter dispersed in clear paint’ tamper evident seal. Anybody can make a new one in seconds; but cloning one already created is painstaking at best and nearly impossible at worst).

There are also tags that are functionally impossible to create; but trivial to clone(the most obvious example is something with a digital signature, whether as a file or as a printed representation. Any moron can make a copy; but only someone who possesses the private key could create a different file with the correct signature).

The hard-to-clone tags aren’t too useful to an isolated system because they don’t intrinsically prove their origin. It’s very difficult to damage and then recreate one; but it’s easy to just make a new one, so unless you can query the factory to see if the pattern you are being fed was in fact created there, the attacker can just make their own.

The impossible-to-create tags do intrinsically prove origin(only the holder of the signing key could have created the tag); but they are trivial to clone, so the attacker can simply obtain some number of samples and clone them to their heart’s content. Without being able to communicate with one another or the mothership and ‘strike’ a pod’s serial number when it is used, the harshest technique you can really use is an internal log to reject multiple clones of the same tag being used on the same brewer. This could force the attacker to issue a fairly large number of distinct clones, to keep probability of success sufficiently high; but cannot be elegantly solved.

It gets markedly easier if the devices can communicate; but that Isn’t Good.


Why oh why don’t we have these pods in Norway? All we have are specific pods for specific machines and they’re mostly overpriced rubbish. Also makes selection in stores tiny because they have to stock four different versions of cappucino, latte, black coffee etc. sadface


Ah, but interestingly the US allows you to trademark colors. And unlike copyright, there’s no “circumvention exception” for trademarks, and you can’t claim fair use for using someone else’s trademark on your product. So actually, Keurig might have been very clever in choosing to use a color as DRM.

Then again, the description says it’s infrared, and I’m not sure you can trademark an invisible mark.


There are several ways to hack such schemes.

In case of something trivial like this, create an alternate optical path for the sensor that reflects from a piece of the genuine foil top, with the “proper” ink. A little glue or sugru with small mirrors should do the job easily. No need to bother with modding cups.

If it is something more difficult, you can spoof the sensor itself, generate fake “genuine” response. A cheap microcontroller of Arduino class can handle a lot of such things.

Or you can break into the main firmware, hack the main CPU down to the bootloader, and inject your own modded code where the check always passes. It is usually all hinged on a single conditional jump that can be replaced with either an unconditional one or a NOP instruction.

The ultimate is throwing out the original controller and putting in a new one, keeping just the actuators and drivers and transplanting the brain. That could eventually be even sold as modkits. Given that a coffeemaker firmware is nothing exceedingly complex, that again falls into the domain of Arduino-class chips. And you can have all sorts of additional fun; if you splurge and put in a Raspi-class board, you can watch the coffee pot with an integrated camera, run the coffee cycle over the intranet, have all sorts of timing and scheduling, and (with either a prepositioned cup or a way of remote positioning, LEGO and some servos to the rescue) have an over-the-internet control so you can tell the machine what coffee you want before you get home, and be invited by a smell of a fresh cup.

…for added points, you can build it from scratch and have a coffee mill built in. Or even feed the machine with green beans and roast them per batch to an optimum degree. The disadvantages are a higher complexity than just a controller board replacement, and not showing a corporation that their silly schemes are trivial to bypass (and how would they learn).

How to defeat Keurig 2.0's DRM with scotch tape

I need a machine that automates feeding my civet cat - and steps thereafter.


I kind of think you’re missing the point. If bypassing the DRM requires that the user engage in substantial physical and/or electronic manipulation of the machine, then the number of hacked machines is going to be quite low, which still ruins the market for third party cups. If it’s really just special ink, then the unlicensed cup manufacturers may be able to bypass the DRM without the consumer needing to do anything, which is the only way their business plan is viable.


Couldn’t one just save the top (assuming that is where the special pigment is) and slap it on your knock offs and other stuff. I gather some have information about the contents that is machine readable so you might need a selection of tops to match bottoms.
Of course the special pigment might be where the canister is punctured and so it gets mixed in to the drink to make the canister unusable.


Oh thats easy to get around. Just keep an old pod, extract the tag if you want and stick it to a different pod.


Remember when VHS came from behind and relative obscurity and beat the living daylights out of betamax? This reminds me of that. If all the other companies come together and agree to an open standard, k-cups will disappear overnight.