[lxe]

> Light bulbs need to support infrared lighting and should not require authorization for controlling them over the local network. Moreover, the adversary needs to plant malware that encodes private data from the target device and sends it to the smart light bulbs.

If you've already exploited the target device, why not just send private data to the attacker's servers instead? This has to be one of the most convoluted attack vectors.

[sowbug]

To exfiltrate data from a network not connected to the internet. Drop USB drive in parking lot to get malware inside the network. Use a signaling mechanism like this one to get data out.

[dwighttk]

Heck, drop a smart bulb in the parking lot...

[zaarn]

This might sound too obvious to work but I know a non-zero number of people who picked up lightbulbs and plugged them in at home.

[DonHopkins]

I know a non-zero number of people who picked up telecommunications panels, terminals, monitors, trunk test equipment, access codes and other items and plugged them in at home.

https://en.wikipedia.org/wiki/Kevin_Poulsen

https://archive.org/stream/JustinTannerPeterson/1346919-0_-_...

>A couple of hours later, Neal accompanied Poulsen to his condominium down the street from SRI. Against one wall stood a six-foot-long phone monitoring station. Strewn on the floor or stuffed in the closet were line-testing equipment, trunk test sets, telecommunication panels, terminals, monitors, cables and a switching device. At the same time that he had an SRI security clearance, Poulsen had been pulling nighttime burglaries on Pacific Bell facilities, stealing manuals, passwords, anything that might provide access, the San Jose indictment charged. The handful of books and papers ranged from "How to Buy Stocks" to a copy of "Watchmen," a violent comic book scries, to a bright yellow report binder that might have been scribbled by an eighth-grader but for its title. "Burglar Alarm Procedures."

>A police photograph taken at the scene showed Poulsen leaning against the door, a sour look on his long face. "I had him sign a copy of what we were taking away," says Neal. "I think he finally realized there wasn't going to be an easy way out."

[bayesian_horse]

Or in a network with intrusion detection or firewalls this could be a way to exfiltrate data without the system noticing.

[close04]

TBH a a network with intrusion detection or firewalls doesn't really go in the same room as a smart bulb. You don't build a secure network and then say "hey, I should put some fun into it" :).

[annabellish]

Nonsense. As smart light bulbs get even cheaper and more likely, the chances of them being used to achieve useful ends, like automatically dimming up and down as daylight requires, turning off when not needed at light-level instead of room-level, et cetera, rises. Once they're cheaper than alternative methods of doing that they _will_ be used, and eventually you _will_ get a smart bulb on an airgapped network.

[close04]

I'll just repeat myself, maybe the finer points were missed: If you set up a secure network with IDS and firewalls, you control all aspects of that network. Saying that you'll put some IoT smart bulb crap on that network is just like saying you have an airgapped network that's connected to the internet.

It doesn't make sense to build a secure network and then connect insecure crap to it or to allow anyone else to do it.

[annabellish]

There's nothing inherently insecure about a smart lightbulb. With studies like this proving the danger inherent even in a 100% perfectly secure bulb, then yes, people likely won't attach them to secure networks. _Without these studies_, they would, because nobody would know of any dangers.

You're thinking too current. There's no reason why an "industry" smartbulb won't exist in the not too distant future, with hardened security and professional use cases. This study is flagging up that even with hardened security there are new attack vectors.

[close04]

> You're thinking too current.

Sure, because I know that the second the "industry" smartbulb is launched and connected to secure networks (someone will definitely provide a good reason to connect a lightbulb to a network with confidential data just like today you connect your phone over WiFi to a secure network to Snapstagram) IDS systems will detect flickering lights on all wavelengths thus preempting any attempt to exfiltrate data that way :). This would make the whole point moot. Hence me staying in the present.

In all seriousness there is absolutely no good reason to ever connect anything to a secure network that's not critical for the functioning of that system. But maybe I'm too current, maybe future networks are managed by... creative people.

[bayesian_horse]

You'd be surprised. Also, who says the bulb was deposited there by security experts.

[close04]

See reply above. Did it ever happen to you to come home and find a random fridge in the living room? Then why would you expect that anyone building a secure network would allow anything to be connected to it without any controls?

A smart light bulb usually needs some additional "infrastructure": the bridge that has to be connected somehow. Even if you made the mistake of not physically securing the ports of your secure network, and also don't authenticate any device that connects, and you somehow allow random devices to be connected to a secure [0] network, you'll still be able to catch any device that gets connected. And if your bulb somehow goes straight to WiFi why would you allow random devices on that network?

[0] Did I mention secure enough times? I just have the feeling that this is the crux of the discussion because you consider setting up firewalls and IDS that block any exfiltration as normal but somehow a smartbulb on the network doesn't raise any flags.