Connecting to LinkedIn...

W1siziisijiwmtuvmdqvmtuvmdgvntqvmzgvnzi1l01ptlrbu0hfqkxpr19vtljftkrfukvex0lnqudfx3jlc2l6zwrfyw5kx3jlbmrlcmvklmpwzyjdlfsiccisinrodw1iiiwimtkymhgxmjuwiyjdxq

Blog

LIFX smart bulb security vulnerability a warning for IoT devices

7/07/2014 by

W1siziisijiwmtqvmtavmjgvmtuvmzqvmjivmjk0l2zpbguixsxbinailcj0ahvtyiisijywmhg0mdbcdtawm2uixv0

CONTEXT Information Security says its researchers have exposed a security vulnerability in the LIFX Internet-enabled Wi-Fi LED light bulb.

Context said that by gaining access to the master bulb, it was able to control all connected light bulbs and expose user network configurations. LIFX has issued a patch, which is now available as a firmware update.

According to Context, this vulnerability highlights security issues with the latest wave of Internet of Things (IoT) devices.

“It is clear that in the dash to get onto the IoT bandwagon, security is not being prioritised as highly as it should be in many connected devices,” said Michael Jordon, Research Director at Context.

“We have also found vulnerabilities in other internet connected devices from home storage systems and printers to baby monitors and children’s toys. IoT security needs to be taken seriously, particularly before businesses start to connect mission critical devices and systems.”

The LIFX bulb was launched in September 2012 with crowd funding through the Kickstarter website. The architecture, based on the 802.15.4 6LoWPAN wireless mesh network, requires only one bulb to be connected to the wifi at a time.

Context researchers, by physically interrogating the master bulb’s embedded microcontrollers, managed to access the firmware, and identify and understand the encryption mechanism in use. By monitoring packets on the mesh network the researchers identified the specific packets which shared the encrypted network configuration among the bulbs.

This article has been extracted from http://www.ferret.com.au, please click on this link to read the article in full http://www.ferret.com.au/articles/news/lifx-smart-bulb-security-vulnerability-a-warning-for-iot-devices-n2515657

Montash is a multi-award winning, global IT recruitment firm. Specialising in permanent and contract positions across mid-senior appointments which cover a wide range of industry sectors and IT functions, including:

ERP, BI & Data, Information Security, IT Architecture & Strategy, Scientific Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.

With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.

comments powered by Disqus

Social Stream

Latest News

W1siziisijiwmtcvmdevmtcvmtavmzcvmzevmjq2l0nsb3vkighlywx0agnhcmuuanbnil0swyjwiiwidgh1bwiilcizodb4mtawiyjdxq

Cloud computing making its mark in healthcare

2017-01-17 10:00:00 +0000

The cloud computing sector has grown quickly, and businesses in various sectors have been quick to take advantage of its many benefits to improve services. One such market is the healthcare industry, which has been able to improve diagnosing and enhance treatment methodologies as a result of new technologies over the past decade. Cloud technology is helping one area in particular – the healthcare of people living in remote locations who would not ordina...

W1siziisijiwmtcvmdevmtyvmdkvntivmdgvotu5l0nhcmvlci5qcgcixsxbinailcj0ahvtyiisijm4mhgxmdajil1d

What are your career resolutions for 2017?

2017-01-16 09:00:00 +0000

The new year is traditionally a time to make resolutions for personal growth, but how about for your career? Setting goals is important because they provide a map for your career, helping you to organise your time, effort and resources on getting where you want to be. On a broader scale, having obtainable objectives can increase your job satisfaction, boost your self-esteem and improve your overall wellbeing. So, let’s take a look at the resolutions tha...