Smart Devices Could Expose WiFi Passwords, or Worse
Are smart devices a security risk? Security firm Rapid 7 seems to think so. According to the researchers, a range of Internet-connected light bulbs had at least nine security flaws. While the potential consequences are hardly life or death, it could be a blow to the concept of smart devices in the home.
Osram's Lightify range of light bulbs lets users control lighting via a smartphone or tablet app. The idea is partly to allow more precise controls, such as dimming a bulb or even changing its color, and partly to allow users to remotely access the lights. For example, if a home owner is unexpectedly delayed and will now be coming home after dusk, they can switch on the lights so the house doesn't appear unattended.
Security firm Rapid 7 has examined the technology behind the system and says that it found nine vulnerabilities. Rapid 7 then contacted Osram to warn that it would unveil its findings, and says that five of the nine flaws have already been patched. (Source: rapid7.com)
Hackers Could Remotely Control Lighting
One of the flaws (which has now been patched) deals with how users could login to the smart light bulb account control via a web browser. The bug meant hackers could gain unauthorized access to the account and take control of the lighting.
Another problem - still unfixed - deals with the way the lighting system uses encrypted Internet data to connect with the user's device. This means that it is possible for a hacker to intercept data on the network in an unencrypted form, and potentially decrypt WiFi passwords.
WiFi Passwords Potentially Exposed
The biggest problem, which has also been patched, dealt with the iPad app for controlling the lighting system. The app had been set up to store the user's WiFi network password and SSID in plain text. That meant anyone could read this information and then gain unauthorized access to the home owner's entire network.
As a result, this could have far more serious consequences than just accessing the lighting system; once the network has been exposed, bandwidth could be stolen, other computers on the network could be accessed, and/or sensitive could be read or possibly deleted, for example.
Osram says it will patch all remaining bugs by next month where possible, but says that some of the problems are to do with underlying wireless technology that is not in its "area of influence." (Source: zdnet.com)
What's Your Opinion?
Can you see any point in 'smart' light bulbs? Are manufacturers doing enough to maintain security on such devices? Do security concerns outweigh the convenience of Internet-connected home gadgets for you?
Most popular articles
- Which Processor is Better: Intel or AMD? - Explained
- How to Prevent Ransomware in 2018 - 10 Steps
- 5 Best Anti Ransomware Software Free
- How to Fix: Computer / Network Infected with Ransomware (10 Steps)
- How to Fix: Your Computer is Infected, Call This Number (Scam)
- Scammed by Informatico Experts? Here's What to Do
- Scammed by Smart PC Experts? Here's What to Do
- Scammed by Right PC Experts? Here's What to Do
- Scammed by PC / Web Network Experts? Here's What to Do
- How to Fix: Windows Update Won't Update
- Explained: Do I need a VPN? Are VPNs Safe for Online Banking?
- Explained: VPN vs Proxy; What's the Difference?
- Explained: Difference Between VPN Server and VPN (Service)
- Forgot Password? How to: Reset Any Password: Windows Vista, 7, 8, 10
- How to: Use a Firewall to Block Full Screen Ads on Android
- Explained: Absolute Best way to Limit Data on Android
- Explained: Difference Between Dark Web, Deep Net, Darknet and More
- Explained: If I Reset Windows 10 will it Remove Malware?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
Expect more smart devices to go Rogue
This won't be the last we hear of smart devices having major security flaws. The fact is that a smart device is no different than any other computer or peripheral - it contains software written by human beings, and human beings are prone to error. Mix that with innovative companies trying to be the first on the market with the latest and greatest tech gadget, and you have a mashup of devices that are going to have fairly hefty bugs that could also pose severe security risks.