Author(s): Peter Bryer
In the age of the Internet of things, simplicity sometimes comes at the price of complexity. Some very everyday objects suddenly need to be monitored and maintained. How far will the average household go to keep things together?
LIFX is an impressive connected light bulb that hooks into the home network via Wi-Fi, enabling it to be controlled by mobile apps. It can create its own chain of networked LIFX bulbs in a home through a mesh network using 6LoWPAN, an IP networking spec designed for connecting things. However, a chain of light bulbs is only as strong as its weakest link — some researchers found a flaw in the architecture of LIFX that allowed hackers to gain access to the Wi-Fi password by hooking into the mesh network.
The makers of LIFX quickly issued a firmware update for the bulb which encrypts traffic across the mesh network, and there have been no reports of real-world damage. Users simply need to download the latest software and update their LIFX bulbs to secure their local network of lights.
However, the concept of downloading and installing patches for something as mundane as a light bulb could be frustrating for many users. It appears that home automation will require a bit of work. Gadgets like LIFX are intended for early adopters who can handle the hassle, but, if the smart home is to go mainstream, connected objects must be more secure and require less work.
The LIFX case is not the first high-profile Internet of things security hole to be uncovered. Flaws have been found in other popular connected objects, including in major brands of smart bulb, but solutions were found before any significant harm was done. However, such events show potential buyers that even light bulbs have their dark sides in the well-networked world. It will be a challenge to be both smart and safe. "Set it and forget it" is still the most admirable goal for gadget makers.