Connect with us

News

IoT light bulb manufacturer, LIFX, responds to security issues

Now your LIFX bulbs are more secure….hopefully.

iot light bulb
Image: Limited Results

You’ve probably seen all the articles floating around recently about insecure IoT light bulbs. The short version is that credentials like Wi-Fi passwords and the information needed to control the device remotely are saved in plaintext, so they’re easily accessible to anyone with physical access.

Another one of the companies mentioned, LIFX, reached out to us after the piece ran to state that it has been working with the researcher at Limited Results who discovered the vulnerabilities in its light bulbs and that all the vulnerabilities discovered had been fixed with firmware updates towards the end of 2018.

LIFX has set up a dedicated security page with a brief Q&A section, along with instructions to get the updates if your devices haven’t already automatically updated.

If you have any LIFX lights, open up your LIFX app, and you should get a prompt to download and update the firmware.

That updated firmware brings resolution to the vulnerabilities discovered by Limited Results:

  • Wi-Fi credentials are now stored encrypted
  • The hardware now has extra security settings to guard against attack
  • The root certificate and RSA private key are now stored encrypted

It’s refreshing to see a company so willing to talk about working with security researchers to resolve vulnerabilities in its products. While you could argue that LIFX should have encrypted this data in the beginning, the company should be commended for its handling of this situation.

LIFX also offers the use of its security team if any of its customers feel their account may have been compromised or if they suspect any fraudulent behavior. If this sounds like you, reach out to LIFX with the instructions given.

Do you think you were affected by this? Have any thoughts? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Maker, meme-r and unabashed geek. Hardware guy here at KnowTechie, if it runs on electricity (or even if it doesn't) I probably have one around here somewhere. My hobbies include photography, animation and hoarding Reddit gold.

Comments
Advertisement

More in News