If you were hoping to drive someone a wee bit crazy by remote controlling their light bulbs you have probably missed your opportunity as Phillips have patched the vulnerability. This is a good thing as it was a very impressive flaw. Security researchers figured out a vulnerability in the ZigBee system used to control Phillips Hue smart light bulbs and they did not need to be anywhere near the lights to do so. They used a drone from over 1000 feet away to break into the system to cause the lights to flash and even worse, they were able to ensure that the bulb would no longer accept firmware updates which made their modifications permanent. Unpatched systems could be leveraged to turn all the lights off permanently, or to start an unexpected disco light show if you wanted to be creative. You can pop by Slashdot for a bit more information on the way this was carried out.
"Researchers were able to take control of some Philips Hue lights using a drone. Based on an exploit for the ZigBee Light Link Touchlink system, white hat hackers were able to remotely control the Hue lights via drone and cause them to blink S-O-S in Morse code. The drone carried out the attack from more than a thousand feet away."
Here is some more Tech News from around the web:
- NASA Puts its 3D Models Up on GitHub @ Hack a Day
- Google to patch Chrome mobile hole after bank trojan hits 318k users @ The Register
- Microsoft prises open Azure containers, pours in a little Kubernetes @ The Register
- TSMC board approves US$4.91 billion for capacity expansion @ DigiTimes
- Microsoft launches Skype Insiders Programme – but don't tell anyone @ The Inquirer
- Tobii Tracker 4C Review @ OCC
All the more reason for a
All the more reason for a closed non-IoT lighting solution that uses ethernet-over-power. No WiFi, no dialing home. WHERE IS IT!??!
No not even Ethernet over the
No not even Ethernet over the power lines, it should be on ONLY its own non open behind two firewalls dedicated IOT wired network engineered to not be compatible with any outside connections! That IOT over power line signal can go right out of the house/apartment and onto the common electrical grid, no way! The IOT’s dedicated protocol should be user defined with user defined headers and encapsulation algorithms, so only the user’s devices can communicate with the other devices after being configured to accept the user defined networking protocol! Encrypt the headers also along with the encapsulation bits and data. Let the user choose the IOT header and other protocol encoding so no other system can replicate it without massive supercomputer resources(taking many many years).