Security Issues

From my research while developing an interface to the lifx product using php, I can say this system, like most IoT systems, is insecure. The reason being that there is no authentication provided in the protocol to adjust the lights. The protocol actually provides the capability to add in some authentication; however, IF someone gets into your LAN/WIFI they can control your lighting with no password whatsoever. The lifxlan protocol really needs to use TLS as well, to prevent sniffing of such authentication. Just because it's cool does not mean that it is secure…

Well, first they have to get into my LAN or WIFI, which worries me a great deal more than someone changing my lights from inside my network. If someone gets their jollies from changing my lights on me then go for it; it lets me know I need to change the security on my network and cut them off in the first place.

It's true, we rely on the authorisation and authentication protocols that are already present in your home network to provide the access control. Most users probably consider this enough protection, and indeed a feature, because it allows you to easily give control to your guests by letting them onto the Wi-Fi network.

However, we do recognise that this does not work for everyone, as evidenced by threads like this one. We have recently been investigating adding the ability to disable LAN control completely once the bulb has been onboarded and forcing all control to happen via our cloud services, which provide a stronger security guarantee. Obviously this change needs to be well tested in both technical and user experience aspects, so it will likely take some time.

This seems like it could be a good idea if the cloud could give “family style” controls, such as in my post that you linked (parents have control over all bulbs, kids over subsets, maybe a guest group).

Actually, one of the reasons why I chose to develop using the LIFX Lan protocol is because I simply don’t trust cloud services… I don’t want to trust a vendor to turn on my lights… What if you go out of business?? Making it dependent on the cloud will basically cut out a LOT of potential customers that may have a lighting lan instead of a regular one. What if you have no internet access at the location? What can you do? Quite frankly, the damn lan protocol should be rewritten… It's kludgy; there are too many reserved fields in it. The engineer who designed that protocol should have known that “Reserved for future use” is a VERY BAD design because you never really know where things will go.

So what's the processor in these things? How much memory does that light bulb have? (lol) Depending on the microcontroller installed, you might be able to rewrite the protocol stack and release it in a firmware update…

In fact, why not make it an open source project? I’d love to contribute…

You give us the hardware, let the community develop the software for it…

If you don’t trust our software why would you trust our hardware?

I never said the bulb would be dependent on the cloud. This would be an option that users could choose to enable if they wished.

With regards to the LAN protocol, unfortunately we don’t control all the clients so we need to try and keep as much backwards compatibility as possible. This is why some fields have been marked as ‘reserved’. A few of the fields are also reserved in the public documentation because they are features that are not yet finished, and their behaviour may change before we make them public. Please remember that when you look at things you aren’t necessarily seeing the full picture, and comments like this are unhelpful.

If you wanted to make an open source light bulb I would back it. It's not something LIFX is pursuing at this time.
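The two technical points the thread keeps circling, that the LAN protocol carries no credential so any host on the network can change bulb state, and that a large share of its header is reserved space, can both be seen by decoding the header. The following passive monitor is an added example written for this page; it is not LIFX code and not the PHP interface the first poster describes. It parses the 36-byte LIFX LAN header, reports how many header bytes the spec leaves reserved, and flags state-changing messages from hosts outside an allow-list, which is the only control point a defender has on a network where the protocol itself asks for no password. The UDP port, field layout and message type codes are taken from the public LIFX LAN protocol documentation as I know it and should be checked against the current spec; the IP addresses and the packet capture are constructed for the example.

```python
"""Passive monitor for LIFX LAN control traffic (added example, not LIFX code).

Port, field layout and type codes follow the public LIFX LAN protocol
documentation as understood by the author of this example; verify them
against the current spec before relying on them.
"""
import struct
from dataclasses import dataclass
from typing import Iterable, List, Tuple

LIFX_PORT = 56700      # UDP port the LIFX LAN protocol uses
LIFX_PROTOCOL = 1024   # value the 12-bit protocol field must carry
HEADER_LEN = 36        # frame (8) + frame address (16) + protocol header (12)

# Message types that change bulb state. The protocol carries no credential,
# so the sender's IP address is the only signal a monitor can act on.
CONTROL_TYPES = {21: "SetPower", 102: "LightSetColor", 117: "LightSetPower"}


@dataclass
class LifxHeader:
    size: int
    protocol: int
    addressable: bool
    tagged: bool
    source: int
    target: int
    ack_required: bool
    res_required: bool
    sequence: int
    msg_type: int
    reserved_bytes: int  # header bytes the spec marks as reserved


def parse_header(data: bytes) -> LifxHeader:
    """Decode the 36-byte LIFX LAN header; raise ValueError if it is not one."""
    if len(data) < HEADER_LEN:
        raise ValueError("packet shorter than LIFX header")
    # Frame: size, flags (origin:2 | tagged:1 | addressable:1 | protocol:12), source
    size, flags, source = struct.unpack_from("<HHI", data, 0)
    protocol = flags & 0x0FFF
    if protocol != LIFX_PROTOCOL or size != len(data):
        raise ValueError("not a LIFX LAN packet")
    # Frame address: target (8), 6 reserved bytes, flag byte, sequence
    (target,) = struct.unpack_from("<Q", data, 8)
    flag_byte = data[22]
    sequence = data[23]
    # Protocol header: 8 reserved bytes, message type, 2 reserved bytes
    (msg_type,) = struct.unpack_from("<H", data, 32)
    return LifxHeader(
        size=size, protocol=protocol,
        addressable=bool(flags & 0x1000), tagged=bool(flags & 0x2000),
        source=source, target=target,
        ack_required=bool(flag_byte & 0x02), res_required=bool(flag_byte & 0x01),
        sequence=sequence, msg_type=msg_type,
        reserved_bytes=6 + 8 + 2,
    )


def build_packet(msg_type: int, payload: bytes = b"", source: int = 1, sequence: int = 0) -> bytes:
    """Assemble a well-formed LIFX LAN datagram; used here only to construct sample traffic."""
    size = HEADER_LEN + len(payload)
    flags = LIFX_PROTOCOL | 0x1000  # addressable=1, tagged=0, origin=0
    frame = struct.pack("<HHI", size, flags, source)
    frame_address = struct.pack("<Q", 0) + b"\x00" * 6 + bytes([0x00, sequence])
    protocol_header = b"\x00" * 8 + struct.pack("<H", msg_type) + b"\x00\x00"
    return frame + frame_address + protocol_header + payload


Packet = Tuple[str, int, bytes]  # (source IP, destination UDP port, datagram)


def audit(capture: Iterable[Packet], trusted_hosts: Iterable[str]) -> List[str]:
    """Flag state-changing LIFX messages sent by hosts not on the allow-list."""
    trusted = set(trusted_hosts)
    alerts = []
    for src_ip, dport, data in capture:
        if dport != LIFX_PORT:
            continue
        try:
            hdr = parse_header(data)
        except ValueError:
            continue  # not LIFX, or malformed
        if hdr.msg_type in CONTROL_TYPES and src_ip not in trusted:
            alerts.append(f"{src_ip} sent {CONTROL_TYPES[hdr.msg_type]} "
                          f"(type {hdr.msg_type}, seq {hdr.sequence}) with no credential")
    return alerts


# Constructed sample capture with hypothetical LAN addresses (not a real network).
TRUSTED_HOSTS = ["192.168.1.10"]  # the household's own controller
SAMPLE_CAPTURE: List[Packet] = [
    ("192.168.1.10", LIFX_PORT, build_packet(102, b"\x00" * 13)),                    # trusted SetColor
    ("192.168.1.77", LIFX_PORT, build_packet(2)),                                    # GetService discovery
    ("192.168.1.77", LIFX_PORT, build_packet(117, b"\xff\xff" + b"\x00" * 4, sequence=3)),  # unknown LightSetPower
    ("192.168.1.77", LIFX_PORT, build_packet(21, b"\x00\x00", sequence=4)),         # unknown SetPower
    ("192.168.1.77", 53, b"not lifx"),                                               # unrelated traffic
]

if __name__ == "__main__":
    hdr = parse_header(SAMPLE_CAPTURE[0][2])
    print(f"{hdr.reserved_bytes} of {HEADER_LEN} header bytes are reserved")
    for line in audit(SAMPLE_CAPTURE, TRUSTED_HOSTS):
        print(line)
```

Run against a real capture, the allow-list approach does what the thread describes the home network doing by default: it turns the question "who may change the lights" into "which hosts are on the LAN", and it can only alert after the fact, because nothing in the header lets a bulb or a monitor refuse a command on its own.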
