‘Smart’ Lightbulbs Reveal Wi-Fi Passwords

Mikael Thalen
by
July 8th, 2014
Updated 07/08/2014 at 4:03 pm

Researchers have found a way to reveal Wi-Fi passwords by hacking mobile phone controlled LED “smart” lights.

Image: Smart Light (Youtube).

Image: Smart Light (Youtube).

The LIFX lightbulb, yet another addition to the “Internet of things,” allows a user to remotely change a network-connected bulb’s color and strength from a computer or cell phone.

White-hat hackers with the UK-based security firm Context released their findings this week after successfully obtaining Wi-Fi credentials from 30 meters away.

“Armed with knowledge of the encryption algorithm, key, initialization vector and an understanding of the mesh network protocol we could then inject packets into the mesh network, capture the WiFi details and decrypt the credentials, all without any prior authentication or alerting of our presence,” Context said.

The discovery highlights the inherent danger in having countless home appliances connected to the Internet – as experts predict as many as 50 such devices in the average home by 2022 . Other lights such as the Phillips Hue were successfully hacked last year as well.

“Weaknesses in a popular brand of light system controlled by computers and smartphones can be exploited by attackers to cause blackouts that are remedied only by removing the wireless device that receives the commands…” noted Ars Technica.

While LIFX has reportedly fixed their vulnerability, Phillips disagreed that theirs was an issue.

“George Yianni, head of technology for connected lighting at Philips, told Ars the Hue lighting system was intentionally designed to grant access to any device connected to a user’s home network,” Ars Technica said.

While everyday consumers are still learning of these technologies, the roll-out has long been in the works. In 2010, Yahoo News reported on the emergence of “flickering ceiling lights” that transmit data to computers.

“The LVX system puts clusters of its light-emitting diodes, or LEDs, in a standard-sized light fixture,” the report states. “The LEDs transmit coded messages — as a series of 1s and 0s in computer speak — to special modems attached to computers.”

A 2014 New York Times report revealed how similar LED technologies have already been implemented at the Newark Airport.

“Using an array of sensors and eight video cameras around the terminal, the light fixtures are part of a new wireless network that collects and feeds data into software that can spot long lines, recognize license plates and even identify suspicious activity, sending alerts to the appropriate staff.”

Former CIA chief David Petraeus praised the flood of Internet-connected devices in 2012 at a summit for the CIA’s venture capital firm In-Q-Tel, noting the increased ability to spy on Americans.

“Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters — all connected to the next-generation internet using abundant, low-cost, and high-power computing,” Petraeus said.

Given the NSA’s noted goal of collecting all digital information in existence, a future with back-doored dishwashers, thermostats and refrigerators will likely prove to be a dark one.

Share Button

Tags: , ,

Category: Privacy, US

Mikael Thalen

About the Author ()

Mikael is the lead features writer at Storyleak.com. His articles have been featured on sites such as the Drudge Report, Infowars and Natural News. During his time at Examiner.com, he was frequently ranked the number one political writer.

Comments (35)

Trackback URL | Comments RSS Feed

  1. Rumple Skilskin says:

    “Our country is now taking so steady a course as to show by what road it will pass to destruction, to wit: by consolidation of power first, and then corruption, its necessary consequence.” Thomas Jefferson

    • TheNewsMadd says:

      That quote should mean something to everyone on here

    • TheNewsMadd says:

      I will also reply this:
      "What country ever existed a century and a half without a rebellion? And what country can preserve it's liberties if their rulers are not warned from time to time that their people preserve the spirit of resistance? Let them take arms. The remedy is to set them right as to facts, pardon and pacify them. What signify a few lives lost in a century or two? The tree of liberty must be refreshed from time to time with the blood of patriots and tyrant"

      Thomas Jefferson

  2. Rumple Skilskin says:

    Jun 23, 2013 DARPA Talks About Hacking Cars

    https://www.youtube.com/watch?v=6OfcgJ-pl7Q

    August 2, 2013 Car hacking code released at Defcon: Car computer hacking hit the gas on the first morning of Defcon 21, as hackers revealed how they took over two of the most popular cars in America.

    http://news.cnet.com/8301-1009_3-57596847-83/car-

    Dec 21, 2013 Creator of Creepy DARPA Robots Questioned On Military Funding Google Purchase

    http://www.youtube.com/watch?v=7G_SitA01AQ

  3. TheNewsMadd says:

    Be careful of your Wi-Fi people

    • Roger says:

      If it can be sent from the right machines, it can be hacked by the wrong ones.

      • Alinsky Hero USA says:

        All I know is that's it's easy to hack the Starbucks wifi in Reno.

        • Roger says:

          All I know is that people such as yourself make me glad I would never own a bulb of this sort.

          • smith says:

            As light bulbs are symbolic of bright ideas, I suspect you use candles for light.

          • Roger says:

            As that is about all you can imagine I'm not surprised.

            I prefer LED bulbs for most applications with Halogen bulbs for places that need more lumens.

            See, you are a troll stuck in the 'stupid' and I live above the bridge with real ideas.

            That's the difference between us.

  4. Rumple Skilskin says:

    Jun 23, 2013 DARPA Talks About Hacking Cars

    https://www.youtube.com/watch?v=6OfcgJ-pl7Q

    August 2, 2013 Car hacking code released at Defcon: Car computer hacking hit the gas on the first morning of Defcon 21, as hackers revealed how they took over two of the most popular cars in America. by Seth Rosenblatt

    http://news.cnet.com/8301-1009_3-57596847-83/car-

  5. Roger says:

    In the statist nightmare they have smart meters on our electrical meters.
    They keep calling them cute names and pretend we need them and then outlaw any alternatives so we are stuck in this vulnerable position where the state can treat us as slaves.

    No thanks. Our founding fathers would be protesting the busses of illegal aliens in Murietta, marching towards the cattle enclosed at the Bundy Ranch and resisting this fascist regime.

    Thanks to this site for pointing out another vulnerability.

  6. Joe Joker says:

    Thank you for sharing how to hack. Now im going to go hack everyone's Wi-Fi, says a creep!

  7. julia says:

    wow thanks for sharing the information, there is always something to learn by culture or information. excellent article greetings

  8. Robin Sags says:

    Pretty Interesting Article.

  9. Vlc says:

    Nice post. I would like to visit again to your website.

  10. Sam says:

    This is actually pretty amazing. And this should be a huge concern. Hacking into LED bulbs, into a smart phone, which in turn will hack into accounts. No wonder some are worried to use Apple Pay or the iWatch.

  11. filmer says:

    George Yianni, head of technology for connected lighting at Philips, told Ars the Hue lighting system was intentionally designed to grant access to any device connected to a user’s home network,” Ars Technica said.

    Read more: http://www.storyleak.com/smart-lightbulbs-reveal-

  12. Lewarson says:

    Should the child be highly scholastic in abilities that enable him/her to be described as intellectually talented above average, that student deserves free college education.solutionsinwriting.org for writing services with on time delivery.

  13. Seniors says:

    Nice post. I would like to visit again to your website.

  14. Jamal Hassan says:

    This is a great article, thanks for sharing.

Leave a Reply

Your email address will not be published. Required fields are marked *