SoylentNews is people
SoylentNews
Abstract: Within the next few years, billions of IoT devices will densely populate our cities. In this paper we describe a new type of threat in which adjacent IoT devices will infect each other with a worm that will spread explosively over large areas in a kind of nuclear chain reaction, provided that the density of compatible IoT devices exceeds a certain critical mass. In particular, we developed and verified such an infection using the popular Philips Hue smart lamps as a platform. The worm spreads by jumping directly from one lamp to its neighbors, using only their built-in ZigBee wireless connectivity and their physical proximity. The attack can start by plugging in a single infected bulb anywhere in the city, and then catastrophically spread everywhere within minutes, enabling the attacker to turn all the city lights on or off, permanently brick them, or exploit them in a massive DDOS attack. To demonstrate the risks involved, we use results from percolation theory to estimate the critical mass of installed devices for a typical city such as Paris whose area is about 105 square kilometers: The chain reaction will fizzle if there are fewer than about 15,000 randomly located smart lights in the whole city, but will spread everywhere when the number exceeds this critical mass (which had almost certainly been surpassed already).
To make such an attack possible, we had to find a way to remotely yank already installed lamps from their current networks, and to perform over-the-air firmware updates. We overcame the first problem by discovering and exploiting a major bug in the implementation of the Touchlink part of the ZigBee Light Link protocol, which is supposed to stop such attempts with a proximity test. To solve the second problem, we developed a new version of a side channel attack to extract the global AES-CCM key (for each device type) that Philips uses to encrypt and authenticate new firmware. We used only readily available equipment costing a few hundred dollars, and managed to find this key without seeing any actual updates. This demonstrates once again how difficult it is to get security right even for a large company that uses standard cryptographic techniques to protect a major product.
A PDF of the paper is available here.
(Score: 2) by kaszz on Wednesday April 19 2017, @01:50AM
The main problem with LED lamps asfaik is heat and unclean power. The main component that is prone to bad design is the power converter which usually lack good cooling. Just opening the lamp and separate the converter and LED onto some wide conducting plate together with thermal grease would help a lot. The LED component of course also needs cooling but usually it's good enough in many cases. As always make absolutely sure that the mains power have no path to any touchable parts.
The unclean power can be handled with components that cuts out fast transients like MOV and zener diodes. Powering the lamps from a beefy power supply to a local DC power network can also dampen transients through all the energy storage and impedance the converters and wires make up.
One simple trick can actually be to drill small holes into the bulb!