What a surprise... not. 🙄

Good, anyone with a fully smart home needs hacking. I joined the facebook home automation group in my country as a pretend smart device and trolled the group saying I could see what their kids were up to. Went shockingly well actually...............

This is why we can't have nice things 🙁 We have to make sure the security is up to scratch which takes a lot of time, effort and money and is generally always hack-able at some level anyway and we have to do all of this because of ourselves, because of the portion of society that wishes to be evil and try to access these devices in the first place.

Are regular light bulbs not good enough for people?

RzrTrek:

Are regular light bulbs not good enough for people?

It's nice to be able to vary the brightness of a room with these wifi bulbs without needing to wire in dimmers. Also when I'm away I schedule them to come on in the evening to make it look like I'm home.

How is that a surprise ? When the IoT came with the brilliant idea to connect everything to internet from light bulbs through shutters to toilet seat it had to be painfully obvious to anyone that these devices would be cheap and therefore not secure. The guy was just probably really the first one who tried to do something so big.

Richard Nutman:

It's nice to be able to vary the brightness of a room with these wifi bulbs without needing to wire in dimmers. Also when I'm away I schedule them to come on in the evening to make it look like I'm home.

That's the thing... back in the day there have been solutions for such "problems" that did not require wifi and were perfectly not remotely hackable.

Get a life. Some gals and guys, are getting so dependent on technology that they forget the simple things of living. It is a disease like narcotic drugs and all day-night gaming.

People are too lazy to flip a light switch? Freakin seriously?

I'm all for the convenience of app controllable things like this (even if they are unnecessary, as is most of the stuff in the world), the problem is having it internet controllable, which seems to give minimal benefit at the expense of massive security gaps. Hell i'd even consider having a second layer of wifi in my home for IOT stuff that doesn't even touch the internet. I guess an intranet of things.

Richard Nutman:

It's nice to be able to vary the brightness of a room with these wifi bulbs without needing to wire in dimmers. Also when I'm away I schedule them to come on in the evening to make it look like I'm home.

I'm not completely innocent, but at least mine is a "cheap" non-wifi rgb led bulb (just the thought of owning an rgb product makes me shiver, but I've got an eye-condition), which I can control with a small remote controller. However I do use my switch to turn it on/off, because it never really goes "off" when using the controller (more like stand-by) and makes a wheezing sound, but I will go back to using regular led bulbs when it pops. Also when gaming I prefer to have a light bluish or purple color in the background (seems to make the colors a bit clearer and easier on my eyes), but in general orange/yellow light works for most people.

Just a comment/question... as far as I know, the Ikea Tradfri don't have access to your wifi, they only use ZigBee. For access remotely, you access through a device hub that you have to connect to the router through ethernet. So the "attackable" component would be the hub that's behind the router, which I'd think would be a bit more complicated.

heffeque:

Ikea Tradfri don't have access to your wifi

That is correct, the HUB physically needs to be connected to hardwired LAN, your WIFI is not involved other than an odd 2.4 Ghz wireless frequency signal for communication between the lights and HUB.

I don't always steal my neighbors light bulb But when I do....I hack it!

Despite being a robot developer and tech enthusiast, I really hate "technology for the sake of technology".

Inquisitor:

This is why we can't have nice things 🙁 We have to make sure the security is up to scratch which takes a lot of time, effort and money and is generally always hack-able at some level anyway and we have to do all of this because of ourselves, because of the portion of society that wishes to be evil and try to access these devices in the first place.

Security would be effortless to fix if they didn't base these devices on common wireless network technologies. These smart devices are designed so moronically. There is no good reason whatsoever why a light bulb needs bi-directional communication over common wireless protocols like Wifi. Best-case scenario, these smart devices just create unnecessary signal noise on your network. You could easily get something like a 133MHz uni-directional radio to accomplish the exact same goal. Doing this is far more secure, cheaper, easier to engineer, and will actually have a farther operation range. From there, you would only need 1 central hub connected to your router, at which point security is in the network's hands. In a worst-case scenario for a setup like this, someone gets the same type of radio and figures out the ID of a bulb in your house and turns them off on you. But, the central hub could be built with a receiver, whose only purpose is to detect such interference. So, if for example it senses a signal to turn off your lamps when it thinks they should be on, it will just simply turn them back on within a split second, putting the hacker's efforts to waste. Furthermore, the receiving end could just simply wait 1 full second before committing to a change, which in turn gives the central hub a chance to override a hack before it even takes effect. This stuff is so simple to engineer and it boggles my mind why nobody manages to figure it out. If I actually had any real interest in this kind of stuff, I'd consider making something like this myself.

Richard Nutman:

Also when I'm away I schedule them to come on in the evening to make it look like I'm home.

Y'know... these things have existed for decades: https://www.amazon.com/Century-Indoor-24-Hour-Mechanical-Outlet/dp/B01LPSGBZS/ref=asc_df_B01LPSGBZS/?tag=hyprod-20&linkCode=df0&hvadid=167139094796&hvpos=1o2&hvnetw=g&hvrand=15324779755021248620&hvpone=&hvptwo=&hvqmt=&hvdev=c&hvdvcmdl=&hvlocint=&hvlocphy=9001936&hvtargid=pla-307469470485&psc=1 Trust me, you don't need a "smart" system to automatically change your lights...

I seem to recall they figured out how to do ethernet through your existing wiring in the home, so in theory they could manufacture devices to take advantage of this, making it more secure and reliable at the same time. Of course, some idiot thought wireless bulbs were a better idea.

airbud7:

I don't always steal my neighbors light bulb But when I do....I hack it!

I have a few of these wifi devices and helped dad set up some for when he was interesting in just controlling the lighting via the phone and such (4 - 5 kinda works but above that it gets a bit wonky which toggle and which just get stuck it seems.) I did notice a while back that the devices have little GPS trackers and all kinds of weird stats though so I am curious why the light plugs need GPS location and a quite accurate one at that. (Guess they must be popular so the user can always track down where it is once the person who took it plugs it back and oh look it's over in the neighbors house now. Pfft.) In my case it's more of a fun gimmick, dad and mom well they go on vacation frequently so hopefully the toggles make it seem like they're at home like regular and not going on/off like it's some rave or something for a week because the state got stuck again. (At least it guarantees people keep away because nobody wants to know what old people get up to in their later years. 😛 Sorry parents but eh it serves it purpose at least even if it glitches.) EDIT: It is curious to hear about some of these being exploitable for wifi-access but then again I guess there might be some secure router hardware that might resist better. Unfortunate though but seems to be a common problem, coupled with the classic I guess. Default password. 😀

5G, access doors and everything connected soon, it will be a very very fun period for someone with skills... and also for high-tech thieves

I like my dumb bulbs even more. We need a stupid bulb appreciation day.

lol, funny how many ppl try to tell "me" what we need or dont need. we could all live in caves, which we did for thousands, but we dont. our cars dont need power windows/mirrors/seats/locks/doors, but they do. im not to lazy to flip a switch, but able to control stuff without having to be home is helpful. and i dont care about mechanical timers, as soon as power is out, they dont work properly, and by the time its a digital one/has power backup, i spend identical money, but still no control unless im home. i have smart plugs for things like heaters/humidifiers and weather station, so its nice to be able to switch things on/off, based on conditions in the house, and not have to wait till i or someone else gets home. dont live next to anything where ppl would go, and my three neighbours understanding of tech doesnt go past changing the wifi password to a random 15 letter one, so no problems with any "backdoor" on the software.