Discarded smart lightbulbs reveal your wifi passwords, stored in the clear

Company spokes-shill: “We do not understand what all the fuss is about. Our products are so delightful and wonderful that we cannot conceive that anyone would ever discard one. So what’s the problem?”

2 Likes

nobody. needs. wifi. lightbulbs.

2 Likes

Commander Adama says, “See? This is why we don’t network computers on Galactica!”

4 Likes

Yep, that Internet of Shit is the worst, right? Especially those weird offbrands that offer basically no security?

That of course is why you peddle the Revogi Smart Bluetooth LED Bulb, in your own online store! Because you want to take a stand (while lining your pockets)!

1 Like

Philips Hue lightbulbs, which are among the most popular variety of “smart lights”, use a Zigbee mesh network, not WiFi, and communicate with your network via a dedicated WiFi -> Zigbee hub, so they would not share this vulnerability.

This. Hub-based bulbs solve this problem - you just need to wipe the hub setting when you’re done.

Great. Now when I get a super cool idea and a bulb lights up above my head, everyone will be able to hack in and steal it.

5 Likes

Do those wifi bulbs need Internet, or could you use a Pi, Arduino, ESP8266, etc as a hot spot, with no Internet, to control it?

1 Like

Eh, I reckon the typical dumpster will contain sticky notes that also reveal wifi passwords stored in the clear.

At first I thought that was some kind of industrial widget powered by magic smoke, but after some Googling I still can’t figure out exactly what it does. What’s the blue thing in the “CIK”? And what’s supposed to go in the “Fill” port? I would think all those greebles would represent points of failure.

3 Likes

Exactly.
I’m still in the
Way Back mode of Wonder
where I’m amazed
I will Never. Miss. A. Call.

They are for hardware encryption modules. https://en.wikipedia.org/wiki/Fill_device

2 Likes

It’s essentially a hardware VPN implementation, intended to connect to an untrusted network and establish a secure tunnel to protect traffic from the classified device or devices plugged into it by encrypting their traffic before allowing it to pass. Closest commercial equivalent would likely be a branch office router that supports handling an IPSec tunnel for a number of devices that aren’t themselves VPN aware to be transparently connected to the main office.

The blue bit is one end of a ‘crypto ignition key’ (inserted into its keyhole in this shot, so you are seeing just one edge); a cute little hardware key storage module.

The fill port is a (covered) U-229 connector for connecting one of a number of fill devices.

When supplied with appropriate crypto keys via the CIK slot or the U-229 connector it establishes an encrypted tunnel to its designated endpoint and encrypts all the traffic from devices on its secure port before passing it along.

The mechanical bits are points of failure in a sense; partially just for historical reasons, partially by design. The U-229 is big, ugly and not terribly refined mostly because it’s an old connector (70s at least) with backward compatibility demands to meet.

The CIK is deliberately removable for much the same reason that there’s a big “zeroize” button: loss of a fully keyed device is considered much worse than potential downtime so the device is built to make removing or erasing all the keys swift and easy rather than stashing them on internal flash that you need to connect to the console port and log in to some admin interface to manipulate.

You don’t usually see those sorts of design tradeoffs (annoying keying system rather than just a little PIN pad for feeble shared secrets; design that practically encourages you to wipe the unit) outside of this genre, which is why I mentioned it.

The consumer junk obviously just doesn’t care at all and can neither be filled safely nor emptied reliably; while nicer commercial stuff offers some attention to those features; but rarely includes a ‘bring down the network good and hard’ button for hasty wipes.

3 Likes

If you’re on a modern WiFi mesh you’re open to the PMKID vuln. Most installations haven’t gotten the memo to disable 802.11r (fast roaming).

If you’re on a commercial WiFi network, I strongly encourage you to use secure protocols like TLS/HTTPS and have your certificates up to date. Because right now a third party can snoop on you in a matter of minutes. Even a non-roaming WPA2-AES is susceptible to an offline brute force crack of the keys. Offline meaning the attacker can kick off Amazon EC2 to run Reaver or whatever.

1 Like

maybe stick a cover on that so a stray elbow doesn’t wipe a db? :thinking:

Raise your hand if you remember warchalking.

When hackers can far too easily take over your router, are we really significantly worried about someone getting physical access to a digital bulb that probably has a 20 or more year life, then cracking into it, scraping up your wifi password, and then having to find your network?

Do all of us seriously work for the Pentagon?

We all probably have our own tree branches on the dark web, with logins from years back.

In the meantime, I have my bulbs that turn off when I yell at them. It will never stop being a kick.

Our wiki overlords provide a Soviet example that did that. I’m not sure if there’s a specific NSA or NIST ‘button you shouldn’t press must be this pressable’ standard at play; or whether it’s just an idiosyncrasy of that General Dynamics product line that has its origins in the fact that the engineer doing the prototype had a drill and a button but no flip covers in stock on the day the tech demo needed to happen or something of similar historical contingency.

2 Likes

Frakkin’ Cylons!

This topic was automatically closed after 5 days. New replies are no longer allowed.