Researchers Hack Philips Hue Smart Bulbs Using a Drone

schwit1 quotes a report from PCWorld: "Researchers were able to take control of some Philips Hue lights using a drone. Based on an exploit for the ZigBee Light Link Touchlink system, white hat hackers were able to remotely control the Hue lights via drone and cause them to blink S-O-S in Morse code. The drone carried out the attack from more than a thousand feet away. Using the exploit, the researchers were able to bypass any prohibitions against remote access of the networked light bulbs, and then install malicious firmware. At that point the researchers were able to block further wireless updates, which apparently made the infection irreversible. 'There is no other method of reprogramming these [infected] devices without full disassemble (which is not feasible). Any old stock would also need to be recalled, as any devices with vulnerable firmware can be infected as soon as power is applied,' according to the researchers. The researchers notified Philips of the vulnerability. The company then delivered a patch for it in October." It wasn't long ago that claiming "Drones are controlling my lightbulbs!" would have gotten you locked up for your own protection.

GNAA - GAY NIGGER ASSOCIATION OF AMERICA - GNAA

G_N_A_A (G.A.Y N1GGER ASSOCIATION OF AMERICA) is the first organization which
gathers G.A.Y N1GGERS from all over America and abroad for one common goal - being G.A.Y N1GGERS.

Are you G.A.Y ?
Are you a N1GGER ?
Are you a G.A.Y N1GGER ?

If you answered "Yes" to any of the above questions, then G_N_A_A (G.A.Y N1GGER ASSOCIATION OF AMERICA) might be exactly what you've been looking for!
Join G_N_A_A (G.A.Y N1GGER ASSOCIATION OF AMERICA) today, and enjoy all the benefits of being a full-time G_N_A_A member.
G_N_A_A (G.A.Y N1GGER ASSOCIATION OF AMERICA) is the fastest-growing G.A.Y N1GGER community with THOUSANDS of members all over United States of America. You, too, can be a part of G_N_A_A if you join today!

Why not? It's quick and easy - only 3 simple steps!

First, you have to obtain a copy of G.A.Y N1GGERS FROM OUTER SPACE THE MOVIE and watch it.

You can watch G.A.Y N1GGERS FROM OUTER SPACE on Youtube.

Second, you need to succeed in posting a G_N_A_A "first post" on slashdot.org , a popular "news for trolls" website

Third, you need to join the official G_N_A_A irc channel #G_N_A_A on EFNet, and apply for membership.
Talk to one of the ops or any of the other members in the channel to sign up today!

If you are having trouble locating #G_N_A_A, the official G.A.Y N1GGER ASSOCIATION OF AMERICA irc channel, you might be on a wrong irc network. The correct network is EFNet, and you can connect to irc.secsup.org or irc.easynews.com as one of the EFNet servers.
If you do not have an IRC client handy, you are free to use the G_N_A_A Java IRC client by clicking here.

If you have mod points and would like to support G_N_A_A, please moderate this post up.

This post brought to you by Penisbird , a proud member of the G_N_A_A

G_____________________________________naann_______ ________G
N_____________________________nnnaa__nanaaa_______ ________A
A____________________aanana__nannaa_nna_an________ ________Y
A_____________annna_nnnnnan_aan_aa__na__aa________ ________*
G____________nnaana_nnn__nn_aa__nn__na_anaann_MERI CA______N
N___________ana__nn_an___an_aa_anaaannnanaa_______ ________I
A___________aa__ana_nn___nn_nnnnaa___ana__________ ________G
A__________nna__an__na___nn__nnn___SSOCIATION_of__ ________G
G__________ana_naa__an___nnn______________________ ________E
N__________ananan___nn___aan_IGGER________________ ________R
A__________nnna____naa____________________________ ________S
A________nnaa_____anan____________________________ ________*
G________anaannana________________________________ ________A
N________ananaannn_AY_____________________________ ________S
A________ana____nn_________IRC-EFNET-#G_N_A_A________ ________S
A_______nn_____na_________________________________ ________O
*_______aaaan_____________________________________ ________C
Gary Niger gary_niger@G_N_A_A.us G_N_A_A Corporate Headquarters 143 Rolloffle Avenue Tarzana, California 91356
Enid Al-Punjabi enid_al_punjabi@G_N_A_A.us G_N_A_A World Headquarters No.33 Kyutei Bld. 2F, Shinjuku 2-11-7, Shinjuku-ku, Tokyo, Japan ????????2??11-6
Copyright (c) 2003-2015 G.A.Y N1GGER Association of America

Ich Bindawalross (London) - G_N_A_A (NYSE:

eventually, someone gets hurt

[turkeydance]

then someone gets sued. then some lawyers make bonus.

Networked light bulbs are useless and stupid

Not everything needs to be on the damn fucking internet.....unplug motherfuckers...

Re:Networked light bulbs are useless and stupid

The engineering is so much simpler if every light bulb connects to and gets instructions from the Philips central server, which your appy smartphone can also contact to control them. Trying to do proper peer-to-peer is hard apparently... seems more likely that coders with any aptitude aren't going to be enthused about making light bulb control systems, so I guess they're left with the dregs who implement whatever is simplest without any thought about security or the unhappy path. Welcome to the IoT.

Re:Networked light bulbs are useless and stupid

[alvinrod]

These particular bulbs are capable of changing color, so there needs to be someway of controlling them that doesn't necessitate replacing the light fixture itself or running more cabling all over the place. That means they need to use some kind of wireless technology and it's easiest just to use something standard that's well documented and already has legal approval.

I suppose you could argue that the technology itself is pointless, but that could probably be said about plenty of things you consider necessary or vital as well, so there's not much point in going down that route since it's largely personal opinion or arbitrary. I suppose that this should be a lesson to hardware manufacturers that they need to consider security, or at least have some kind of physical hardware reset.

Re:Networked light bulbs are useless and stupid

[aaarrrgggh]

Well... I have a few Hue bulbs, and while the IP is properly fire walled from the Internet, the issue here is zigbee, which you can't exactly firewall as an end user. The same issues were true for X10, Insteon, and every other power line and wireless system. Sure, you aren't going to be able to hack my DMX, well... unless you have physical access...

Re:Networked light bulbs are useless and stupid

Old fashioned dimmers required a dimmer switch. Making a dimmer switch that could use some sort of powerline comms to send 3 integers (RGB) from switch to bulb to control hue and brightness would be utterly trivial. No new cabling required, just install a new dimmer switch and the bulb and you're done.

Re:Networked light bulbs are useless and stupid

[Khyber]

This. I work in lighting, specifically LED. Making an analog RGB control is dead fucking simple and we've got wiring that already exists to handle such a thing.

Re:Networked light bulbs are useless and stupid

[geekmux]

These particular bulbs are capable of changing color, so there needs to be...

...some justification as to why we "need" color changing light bulbs, other than data mining from the app controlling it?

Yes, I agree.

Re:Networked light bulbs are useless and stupid

[djrobxx]

Old fashioned dimmers required a dimmer switch. Making a dimmer switch that could use some sort of powerline comms to send 3 integers (RGB) from switch to bulb to control hue and brightness would be utterly trivial. No new cabling required, just install a new dimmer switch and the bulb and you're done.

Have you ever used X10 / Insteon? PLC sounds good until you try to use it. Half the house is on different phases so you have trouble getting everything on the network. Then you also get issues with power strips consuming the signals, things generating interference, etc.

I'm really not a big fan of wireless either, but in practice Z-wave works a lot better.

Re:Networked light bulbs are useless and stupid

[JaredOfEuropa]

Hue uses a hub, which you can isolate from the internet if you want to. The hub is paired directly with the app or with other home automation hubs. And that is the way to keep such setups moderately safe.

Re:Networked light bulbs are useless and stupid

[JaredOfEuropa]

The bulbs themselves are not on the Internet directly, but on a Zigbee network, connecting to a Hue hub. The hub may or may not be connected to the internet (it doesn't need to be).

What I understand from the article is that the attack doesn't use the internet or exploit the WLAN, but subverts the Zigbee network. You need to be fairly close to hook into that, hence the use of a drone. Wardriving would work just as well. I'm not sure how vulnerable Zigbee networks are in general, but it must be pretty weak; I've messed with software designed to "steal" bulbs off a network (in order to add non-Hue bulbs to a Hue network)

The competing Z-wave standard will have similar issues: it is fairly easy for a device to trick itself into the network, and Z-Wave also supports wireless firmware updates (though very few actual devices implement it). At least the newer Z-Wave chips support encrypted links that make this stuff a lot harder... I guess the designers who came up with the first iteration thought that obscurity and the need for proximity were enough of a deterrent.

Re:Networked light bulbs are useless and stupid

[JaredOfEuropa]

You'd still need to run that wiring. The great thing about Hue is that it's a drop-in replacement for regular bulbs, no further installation is required.

Re:Networked light bulbs are useless and stupid

Google powerline adaptor. This is more what I was thinking of in the above post. You would need to replace the switch with a dimmer switch that could communicate over the existing power cable going from the dimmer to the bulb. All the dimmer switch needs to do is send 3 integers to the bulb (and presumably switch the power on/off like any other dimmer switch). This is fully backwards/forwards compatible.

Alternatives (off the top of my head): RS485 piggyback on power line from dimmer to bulb (simple filters plus cheap hardware) or some sort of tone-based Comms system (trickier but still not exactly rocket science). RS485 would be my favoured option (cheap hardware, easy to implement, minimum layers of abstraction). Tone-based is probably a bit old-tech, and powerline adaptors seem like overkill.

wireless automation is bad.

[Gravis+Zero]

I'm a big fan of automation but wireless automation, especially the IoT blight is a horrible idea. If your primary defense is obscurity then accepting a broadcast from anywhere is a recipe for disaster. Wired automation is intrinsically safer because it requires physical access though I do not believe that should be it's only defense.

Re: wireless automation is bad.

[Zero__Kelvin]

No. Wired is not more secure in any measurable way, and once one has proximity it is likely to be *far less* secure because so many people believe this myth. Why would I encrypt? It isn't wireless! (God invented the VPN for a reason)

Re: wireless automation is bad.

[Khyber]

"No. Wired is not more secure in any measurable way,"

Bullshit, son. It's a little thing called PHYSICAL ACCESS REQUIRED.

Re: wireless automation is bad.

[Zero__Kelvin]

You clearly have no idea what I said. You should look up words you don't understand before responding. The point is that physical access is usually not that much harder to get that access from within range. Typically the use case is some in the building connecting wirelessly and some doing wired. Your security landscape model falsely focuses on external actors (exclusively at that from what I can tell) when internal attack vectors are the most commonly exploited.

Re: wireless automation is bad.

[Kjella]

The point is that physical access is usually not that much harder to get that access from within range.

Many offices are like that yes, where the access badge is just to keep random peeps from loitering for things to steal and anyone with semi-legitimate reason has access. Not every place is like that though, but disregarding that if you're talking about colored LEDs I'm mostly thinking home applications. And it's a lot harder to get access to my apartment than to get within range of my wifi. But who am I kidding, we'll probably hook it up to the IoT so it can be managed from the cloud. That puts the whole world "in range"...

Re: wireless automation is bad.

[Zero__Kelvin]

No, it absolutely does NOT mean that there is access to everything just because it is connected to the internet. Perhaps you've heard of online banking?

Re: wireless automation is bad.

[stealth_finger]

The point is that physical access is usually not that much harder to get that access from within range. Typically the use case is some in the building connecting wirelessly and some doing wired. .

That's his point. Physical access you have to be at one place, which usually has people in it. Your guy can sit anywhere and get in, he could literally be on the other side of the world and still access your shit. Security isn't all about encryption and 128 bit random passwords. Range is a big factor.

Re: wireless automation is bad.

[Khyber]

"You clearly have no idea what I said"

You clearly don't work in a facility where EVERYTHING NEEDS TO BE LOCKED DOWN. By the way, guess what most offices have over their AC unit controls? A LOCK BOX. Guess what's dead simple to put on an automated system and lock down with a similar lock box? A non-wireless LED lighting system.

Again, physical access requirements are far more secure than anything you're claiming.

Re: wireless automation is bad.

[Zero__Kelvin]

It's great that you have a niche security landscape. You should run off to a forum where others are dealing with your corner case and try to have an intelligent discussion the appropriate context!

Solution is obvious

don't turn them on.

Trust the major players, not bargains.

[BrowserCapsGuy]

Being heavily invested in home automation including Phillips Hue, it's been my experience that you can trust only the major IoT players when it comes to pushing frequent security updates, something Hue does well. So does Ring.

I wish non-techie people knew about routers that can isolate the IoT stuff to its own network, or that buying cheap IoT stuff is no bargain in the long term.

Re:Trust the major players, not bargains.

Yeah, duh, you can only trust major companies like....Phillips? You are really bright.

Re:Trust the major players, not bargains.

[the_Bionic_lemming]

Subtle.

Philips, bright.... ... _ _ _ ...

Delivered a patch?

[smooth+wombat]

Who needs to patch a lightbulb?

Analog for the win!

$15 per bulb and they STILL suck

[JustAnotherOldGuy]

$15 per bulb and they STILL suck.

I like the part where they can make the infection "irreversible". Nice touch.

Guess what brand of bulb I won't be buying, even though it's supposedly patched?

Re:$15 per bulb and they STILL suck

[wvmarle]

I suppose that "irreversible" bit will work for any device that does not have a factory reset and allows for remote installation of firmware, thereby removing the factory default firmware and the ability to receive updates. It's quite simple to make it irreversible (easier than making it reversible) as all you do is not adding code to accept firmware updates.

Statement from ZigBee

[almeida]

ZigBee issued a press release today about this. They say the attack exploited a bug in one vendor's implementation of the protocol, not a weakness in the protocol itself.

Re:Statement from ZigBee

[stealth_finger]

So, basically they were holding it wrong?

Re:Statement from ZigBee

[geekmux]

So, basically they were holding it wrong?

Well, technically no. They were screwing it in wrong.

On a related note, I wonder how many engineers does it take to change light bulb?

But was it 3D printed?

Was the drone 3D printed? That is the really important question here. How else would those researchers get enough followers to accomplish their goal of exposing the evil security company?

Litigation

[MrKaos]

I'm sure the next thing is these guys get sued under some DMCA provision or clause, instead of getting appreciation for the effort the researchers put into exposing the vulnerability so the vendor can evolve their product.

I know it sounds cynical, but can you remember a time where a vendor of these products actually thanked those who hacked it for letting them know the problem?

Re:Litigation

[hyades1]

What's scary is that sooner or later, the hackers are going to start believing that going to a company with their findings is "all downside". The next step, of course, would be to sell their efforts to the highest bidder. And that, in turn, would probably lead to methods of anonymous transfer of wealth that might give average people access to some of the same tools as those routinely used by top banks, corporations and multi-billionaires.

It would be an interesting world.

Oh oh.

[MouseTheLuckyDog]

Now I will need a candle at night to read, because somebody might --you know tinker with my lights-- and force me to turn them off.

Re:Oh oh.

Until a drone flies by and blows your candle out.

YODA GREASED UP ASS RAMM. FELCH AND SNOODLE YODA

How to Shove a Yoda Doll up your ass! The 9 Step Greased Up Yoda Doll Shoving process. Go Linux! Tsarkon Reports

9 steps to greasing your anus for Yoda Doll Insertion!
v 4.98.0
$YodaBSD: src/release/doc/en_US.ISO8859-1/yodanotes/9stepprocess.sgml,v 4.98.0 2016/10/30 13:30:20 tsarkon Exp $

1. Defecate. Preferably after eating senna, ex lax, prunes, cabbage, pickled eggs, and Vietnamese chili garlic sauce. To better enhance the pleasure of this whole process, defecation should be performed in the Return of the Jedi wastebasket for added pleasure.
2. Wipe ass with witch hazel, which soothes horrific burns. (Rob "CmdrTaco" Malda certifies that his lips, raw like beaten flank steak from nearly continuous analingus with dogs, are greatly soothed by witch hazel which makes it perfect for the anus after diarrhea.)
3. Prime anus with anal ease. (Now Cherry Flavored for those butthole lick-o-phillic amongst you - very popular with 99% of the Slashdotting public!)
4. Slather richly a considerable amount of Vaseline and/or other anal lubricants into your rectum at least until the bend and also take your Yoda Doll , Yoda Shampoo bottle or Yoda soap-on-a-rope and liberally apply the lubricants to the Yoda Doll/Yoda Shampoo/Yoda Soap-on-a-rope. You may need your gay squire/lover to help with this since your fat corpulent ass cannot do a self-reach-around.
5. Put a n1gger do-rag on Yoda's head so the ears don't stick out like daggers!
6. Make sure to have a mechanism by which to fish Yoda out of your rectum, the soap on the rope is especially useful because the retrieval mechanism is built in.
7. Pucker and relax your balloon knot. Doing Kegel exercises several times actuating the sphincter muscle and relaxing it will help prepare your ass for what is to come.
8. Slowly rest yourself onto your Yoda figurine. Be careful, he's probably bigger than the dicks normally being rammed up your ass!
9. Gyrate gleefully in your computer chair while your fat sexless geek nerd loser fat shit self enjoys the prostate massage you'll be getting. Think about snoodling with the Sarlaac pit. Read Slashdot. Masturbate to anime. Email one of the Slashdot editors hoping they will honor you with a reply. Join several more dating services - this time, you don't select the (desired - speaks English) and (desired - literate). You figure you might get a chance then. Order some fucking crap from Think Geek. Suck and gag on a Dr. Who sonic screwdriver like it was the Doctor's dick in your mouth. Get Linux to boot on a Black and Decker Toaster Oven. Wish you could afford a new computer. Argue that cheap-ass discount bin hardware works 'just as well' as the quality and premium hardware because you can't afford the real stuff. Make claims about how Linux rules. Compile a kernel on your 486SX. Claim to hate Windows but use it for World of Warcraft. Admire Ghyslain's courage in making that wonderful Star Wars movie. Officially convert to the Jedi religion. Talk about how cool Mega Tokyo is. Try and make sure you do your regular 50 story submissions to Slashdot, all of which get rejected because people who aren't fatter than CowboyNeal

What's the role of the drone?

[wvmarle]

Both TFS and TFA are really light on technical details - can anyone shed some light on where the drone comes in play? And also the vulnerability itself - a default password or something more obscure?

Another question would be of course why would those lights even have the ability to install new software in the first place. Is it really that hard to do software right, that no updates are needed for something as simple as a lamp?

Re:What's the role of the drone?

[cdrudge]

Another question would be of course why would those lights even have the ability to install new software in the first place. Is it really that hard to do software right, that no updates are needed for something as simple as a lamp?

Well, based on the fact that we're here talking about it, yeah, I'd say that there may circumstances where an update is needed because a flaw was found. Or would you rather just toss the bulb and go buy another updated one for $50?

Re:What's the role of the drone?

[wvmarle]

I'd rather have the manufacturer do a decent job in building their software, so that updates aren't necessary. If they think the update option should be there, there should also be a factory reset option to recover from any problems with that.

Re:What's the role of the drone?

[locopuyo]

They article didn't give any details, but it sounds they hacked the hub the lights connect to, not the lights themselves. They probably had to be on the same wifi network, hence the drone. So if the wifi network was secure this couldn't have happened, but the hub must have some sort of default password or way to take control if you simply have wifi access which isn't good security.

Re:What's the role of the drone?

[aug24]

They sent new firmware to the bulb over the ZigBee network, using the symmetric key baked into every bulb (which they first had to obtain) to sign it. Obtaining the key is hard-ish, but they didn't say how they did it.

obat sinusi

[MiaIlhamiaty]

Thanks For share. Today I learned a lot from your website,, If you have a problem we come with a recommendation for us, please visit my website Obat Sinusitis

Sudden revelation

[fph+il+quozientatore]

Oooh, now I understand what happened in Stranger Things.

Oh Noes!

[Anne+Thwacks]

It wasn't long ago that claiming "Trump is president!" would have gotten you locked up for your own protection

FTFY

Re:Oh Noes!

[ebvwfbw]

I remember when Reagan being President was laughed at. He's just an actor they said.
More recently I remember when they said Obama was a joke. He couldn't even get into the 2000 DNC convention. Besides, he's black! He doesn't stand a chance. I remember saying - watch this guy, I bet he's going to nail it and here we are.

So here we go again.

curso NR 10

[Instituto+SC]

Curso NR 10 online curso NR 10 curso NR 10 online

BLANK ATM CARD

**********HACK TODAY AND GET FREE MONEY FOR CHRISTMAS************

We are hackers, We just succeeded with a new invention. We've got hacked ATM cards for sale. These hacked ATM cards have been programmed to work on any ATM machine. The cards have been topped up with $100,000 With a daily withdrawal of $3000 per day ( depending on how it is programmed ). The cards have got some special features which includes;
*Deactivating the CCTV cameras when inserted in the ATM machine,
* It comes with a 4 digit pin just like every other ATM card,
* It can be topped up when the money in it has been exhausted,
*It is untraceable and undetected.
The cards were successfully programmed with the hard-work of our hackers in USA. And they are cloned using a writer (MSR 606).
If you need to get the cards, order one today and it will be shipped to your location. Contact us on to get one..
SIMPLEHACKERS2@GMAIL.COM
***********Serious buyers only**********