User Controls

Smart lightbulbs not so smart. Vulnerable to persistent XSS.

  1. #1
    Sophie Pedophile Tech Support
    Toppest of keks, that's what you get with your IoT clusterfuck on security.

    As per usual, Rapid7 has a very nice analysis on the situation.

    https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059
  2. #2
    Hack it to stobe and trigger epilepsy
  3. #3
    Originally posted by SCronaldo_J_Trump Hack it to stobe and trigger ecstacy

  4. #4
    Merlin Houston
    I like the future. Smells like money. Just imagine 2/3 of the world (nogs) don't have internet, it's going to be a shit show worse than grandpa forwarding "muh racist emails".
  5. #5
    0Death Yung Blood
    Hah, imagine a botnet of lightbulbs. Quite a bright idea, don't you think?
    ...
    Jokes aside, this is just crazy stupid how bad IoT security is. Sometimes I don't get why these developers always get it so wrong with the security. What's so special with IoT that always makes the software so insecure anyway?

    Nice find, interesting read.

    Post last edited by 0Death at 2017-01-09T05:31:47.653048+00:00
  6. #6
    aldra JIDF Controlled Opposition
    doesn't even seem worth the whitepaper, really. the only thing I'd even be vaguely concerned about is the weak PSK, meaning that potentially someone nearby could crack it and bridge into your home WLAN but it doesn't look like that's the default configuration anyway. I believe the zigbee attack implies that it's on a network with other 'iot' nodes, but having an 'ecosystem' of devices like that (as technofags are wont to say) opens you up to a whole plethora of security concerns most people don't consider.
Jump to Top