[wlesieutre]

If one of the "novel attacks" is against this:

>while in the case of video visualizations, the modifications reflect the dominant color and brightness level in the current video frame.

How does this leak anything that your TV screen doesn't leak already?

This just in! People outside your window can see what color your TV screen is glowing! People at particular angles can retrieve a 4K visual representation of the media you're viewing!

[hw_penfold]

I'll take a moment to spell out what's going on here, since they seem to be beating around the bush in the article itself, possibly for fear of imitation in the wild.

They take a smart lightbulb with certain features: infrared and media decoders.

They specifically hijack the infrared portion of the bulb's spectrum only. Why?

Because standing right next to the bulb, you wouldn't notice it flickering hot/cold, at millisecond intervals. So they can create a channel in the IR range to send anything they want, and go unnoticed.

So, then, at any time (not just while you are watching movies) that bulb can be made to send any information, and not just add atmosphere to your viewing habits. Indeed, it can both exfiltrate arbitrary data, without you noticing, by flickering in the invisible heat region, AND also follow along with your movies, independently, Much in the same way it can blend a blue channel and a yellow channel into green ambient light.

It needs the media decoder, so that they can gain fine-grained access to the bulb's transmission state. It needs malware and local network access to create the implant and continuously relay data to steal.

The benefit here is that it might ba able to amplify reads at a distance, perhaps greater than wi-fi. The signal is degraded at 50 meters, but if one wished to transmit a very course signal at lower bandwidth, it need not be a high-detail image, such as lena.

It could be the heavily aliased bitmaps of your password, read from across the street from a hotel parking lot, where a hotel has installed these bulbs in every room.

It could also use a control signal sequence, to automate sniffed passwords. For example, have a passive video buffer watching a specific window, waiting for S-O-S, before it starts recording, then it captures 60 second interval, and ceases for a 5 second quiet period, to await the next S-O-S.

[wlesieutre]

I'm talking about their "Deducing victim's music and video tastes" section.

The data exfiltratiom part is after that, titled "Data exfiltration from personal devices", which yes, is a new means of transmitting data. Under the assumptions that there's no authentication to control the lights and that they have malware running on your computer already.

But my point is that the whole first section is absurd. Leaking what's on the TV via a light that shows the average color of what's on the TV? It's already on the TV. Stop looking at the light from the lightbulb and look at the TV. If you can't see the TV directly, look at the light from the TV, which is already the same color as what the lightbulb would tell you.

The music part doesn't seem any better. You know what's a good way to figure out what music someone's listening to? A microphone. Granted a light might be visible from farther away, but if someone is running party lights the music is probably not quiet.

[peteforde]

Honestly, you're just being argumentative. The researchers haven't proposed that they've backdoored your computer, but historically every impressive hacking feat is built on a stack of "obvious in hind-sight" novel abuses.

Instead of writing it off as Rube Goldberg over-engineering, it would be a lot more useful (and fun) to consider what these sort of attacks could do in less obvious conditions.

The people who put the 2600hz tone whistles in the breakfast cereal didn't anticipate Apple computers.

[wlesieutre]

>Instead of writing it off as Rube Goldberg over-engineering, it would be a lot more useful (and fun) to consider what these sort of attacks could do in less obvious conditions.

Having slept on it, I still can't come up with a situation where the "average screen color" mode reveals anything that wasn't already public with higher fidelity.

Maybe you can help me out?

[semi-extrinsic]

For remote surveillance, you can use a laser microphone up to 4-500 meters away from the target house. No hardware or software in the house required.

[jcims]

With a $20 dongle you can perform TEMPEST attacks on the display itself.

https://www.rtl-sdr.com/tempestsdr-a-sdr-tool-for-eavesdropp...

[userbinator]

Also this:

Moreover, the adversary needs to plant malware that encodes private data from the target device and sends it to the smart light bulbs.

...if you can already install/run code of your choice, why not just send the data out over the network and into the Internet?

[jessaustin]

Maybe there is a firewall? Lots of people put smart bulbs on their own subnet that is cut off from the internet.

[lucb1e]

Honestly, that doesn't strike me as something lots of people know how to do, nor take the effort to.

[wlesieutre]

Five people tops. Maybe six.

[braythwayt]

O HAI, other four people, maybe five.

I'd never have thought that I'd need to put my audio speakers and bathroom scale behind a firewall would be a thing, but it's 2018 and here we are.

I threw my smart lightbulbs out entirely.

[SmellyGeekBoy]

> I threw my smart lightbulbs out entirely.

Smart move. Perhaps I'm becoming a dinosaur (at the tender age of 34 no less!) but I genuinely never saw the appeal of these things.

[dylan604]

I’m in an early ‘60s model house where the electrical circuit demands were way less than they are today. When the house was flipped, the living area had 4 incadessant can lights added to the existing fan/light combo. All of that is on a single switch. So for me to have the fan on, it reuired the 4 heat generating can lights to be on at 100%. It was much cheaper to add 4 LED smart lights to the cans than to completely rewire the circuit to have multiple switch legs. That was the appeal to me that pushed me over the wdge to buy them. Plus, now I have energy saving bulbs, I havent had to replace a bulb since, and now they are dimmable which is a bigger deal now than I would have thought prior to having them.

I dont try to turn the lights on remotely or any of those features. I have taken steps to prevent them from being online. I know this works because the app is constantly reminding me that it cant check for updates.

[wlesieutre]

In in an apartment where I can't install hardwired dimmers, so lightbulbs are the only way I can have my lighting at all adjustable. Color is a bonus.

[elorant]

Uploading data to a server leaves a trail. Theoretically there are allegedly untraceable servers leased in the underground but they're quite expensive and you never know who's actually running them. In this scenario the risk is limited.

[underwater]

Don’t smart bulbs have the ability to connect to and broadcast to arbitrary networks?