this post was submitted on 22 Sep 2023
641 points (99.2% liked)

Technology

58535 readers
4248 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world
641
Philips Hue will force users to upload their data to Hue cloud (www.home-assistant.io)
submitted 1 year ago by nekusoul@lemmy.nekusoul.de to c/technology@lemmy.world
106 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] cosmic_slate@dmv.social 2 points 1 year ago (1 children)

At some point you have to define which threat vectors you’re willing to accept. Yes, in theory you’re correct. A device could ship with exploits for wifi targeting most access points or Bluetooth cards I guess.

So this device hops on my network, downloads a payload to break into my computer and finds…. PDFs of my tax returns, where most of the important data is already exposed and associated with my name? Worst case, tries to log into my bank accounts but is stopped by 2FA requiring a hardware token?

The bigger threat is the device wanting on my wifi or wired network, not some Zigbee bulb that has to conceal a wifi radio.

[–] LrdThndr@lemmy.world 4 points 1 year ago (1 children)

And what about the zigbee hub, assuming you didn’t know enough to use homeassistant or some such?

Or a wifi bulb?

Point is, consumer smart electronics don’t have the same attention to security paid to them.

Fwiw, I’m not anti-smart device. I run HA and have all kinds of smart crap, so clearly I accept at least part of the risk.

But saying “it’s just a light bulb” is disingenuous as best.

[–] cosmic_slate@dmv.social 2 points 1 year ago

I’d be far more worried about a personal computer getting compromised before believing a Philips (or other mainstream hub) was popped.

Is it possible? Absolutely. We don’t know how secure these place’s software supply chain is.

I’m confident keeping it at “it’s just a lightbulb”, at least Zigbee bulbs, because the attack vector for this would take so much effort for it to be effective.

Sure, if you’re in a high-risk category, like if you live in an authoritarian state and you’re the popular candidate espousing democracy, I’d completely agree and say trash all of your wireless devices.