LIFX HomeKit bulbs appear to be storing Wi-Fi passwords unencrypted

2»

Comments

  • Reply 21 of 24
    macguimacgui Posts: 1,526member
    MplsP said:
    So I read this article and think 'why, in God's name you need a lightbulb to be wifi connected, much less storing passwords?' If I want to dim a lightbulb, I'll put a dimmer switch on and buy a $4 bulb from Target or Home Depot
    Talk about not being the brightest bulb...
  • Reply 22 of 24
    macguimacgui Posts: 1,526member
    rcfa said:
    WiFi access doesn’t buy much, particularly if you use the router to limit which MAC addresses are allowed access.

    At least where I’m at, I consider WiFi almost equivalent to the public internet, security must be enforced at the individual device level 
    Because we all know nobody would every think to spoof a MAC address to gain access to a network, and even then there's absolutely nothing they could do once in, right?

    Blocking MAC addresses is almost as secure as putting that little sliding gold chain on your door to restrict entry.
  • Reply 23 of 24
    rolyroly Posts: 66member
    MplsP said:
    So I read this article and think 'why, in God's name you need a lightbulb to be wifi connected, much less storing passwords?' If I want to dim a lightbulb, I'll put a dimmer switch on and buy a $4 bulb from Target or Home Depot
    Then you’re missing out on a lot of value. My entire house runs on scenes based on the sun and time of time, as well as ad hoc voice commands and, yes, physical switches/dimmers. They work together and do more. 
    How about changing the colour, and triggering based on people enter and leave the house? You can't do that with a $4 bulb.
  • Reply 24 of 24
    focherfocher Posts: 645member
    rcfa said:
    WiFi access doesn’t buy much, particularly if you use the router to limit which MAC addresses are allowed access.

    At least where I’m at, I consider WiFi almost equivalent to the public internet, security must be enforced at the individual device level (NAS, computer, printers, etc.)

    If someone having access to the WiFi password creates more of an issue than stolen bandwidth, you have much bigger security issues than these bulbs.
    Spoofing the MAC address is extremely easy. Some people also think using the "hidden network" feature is helpful. It's not at all.

    I have LIFX bulbs (not this specific one, but their multicolored LED ones). For me, their general flakiness in connectivity is as big of an issue as any security problems.
    maltz
Sign In or Register to comment.