undefined | Better HN

0 pointsclose047y ago0 comments

TBH a a network with intrusion detection or firewalls doesn't really go in the same room as a smart bulb. You don't build a secure network and then say "hey, I should put some fun into it" :).

0 comments

annabellish7y ago

Nonsense. As smart light bulbs get even cheaper and more likely, the chances of them being used to achieve useful ends, like automatically dimming up and down as daylight requires, turning off when not needed at light-level instead of room-level, et cetera, rises. Once they're cheaper than alternative methods of doing that they _will_ be used, and eventually you _will_ get a smart bulb on an airgapped network.

close04OP7y ago

I'll just repeat myself, maybe the finer points were missed: If you set up a secure network with IDS and firewalls, you control all aspects of that network. Saying that you'll put some IoT smart bulb crap on that network is just like saying you have an airgapped network that's connected to the internet.

It doesn't make sense to build a secure network and then connect insecure crap to it or to allow anyone else to do it.

annabellish7y ago

There's nothing inherently insecure about a smart lightbulb. With studies like this proving the danger inherent even in a 100% perfectly secure bulb, then yes, people likely won't attach them to secure networks. _Without these studies_, they would, because nobody would know of any dangers.

You're thinking too current. There's no reason why an "industry" smartbulb won't exist in the not too distant future, with hardened security and professional use cases. This study is flagging up that even with hardened security there are new attack vectors.

1 more reply

bayesian_horse7y ago

You'd be surprised. Also, who says the bulb was deposited there by security experts.

close04OP7y ago

See reply above. Did it ever happen to you to come home and find a random fridge in the living room? Then why would you expect that anyone building a secure network would allow anything to be connected to it without any controls?

A smart light bulb usually needs some additional "infrastructure": the bridge that has to be connected somehow. Even if you made the mistake of not physically securing the ports of your secure network, and also don't authenticate any device that connects, and you somehow allow random devices to be connected to a secure [0] network, you'll still be able to catch any device that gets connected. And if your bulb somehow goes straight to WiFi why would you allow random devices on that network?

[0] Did I mention secure enough times? I just have the feeling that this is the crux of the discussion because you consider setting up firewalls and IDS that block any exfiltration as normal but somehow a smartbulb on the network doesn't raise any flags.

j / k navigate · click thread line to collapse

0 comments

annabellish7y ago

close04OP7y ago

It doesn't make sense to build a secure network and then connect insecure crap to it or to allow anyone else to do it.

annabellish7y ago

1 more reply

bayesian_horse7y ago

You'd be surprised. Also, who says the bulb was deposited there by security experts.

close04OP7y ago

j / k navigate · click thread line to collapse