Philips' smart lighting products offer 16 million color changes and can be remotely adjusted using the mobile app. But this surprisingly novel system has been hacked and is at risk of being shut down remotely by humans.
Safety researcher Nitesh Dhanjani has demonstrated an attack technology for the Philips HUE intelligent lighting system that allows the victim to be completely in the dark. Due to authentication issues, HUE personal wireless systems may expose users to hackers, resulting in a light-off event.
The researcher said that the HUE system generates a token whitelist that can be used by the wireless bridge to authenticate commands. The token is the MD5 hash of the MAC address of the authentication device. This causes the malware to calculate the whitelist token by looking at the infected device's ARP cache, which can result in a continuous lighting system shutdown event.
Users can purchase HUE systems in the Apple Store and elsewhere, and configure 16 million color lighting bulbs through iOS and Android apps. A Philips spokesperson said in a statement that the company uses industry-standard encryption and authentication technology to ensure unauthorized access to the lighting system.
The spokesperson said that such an attack requires a computer in a proprietary local network to issue internal commands, which means that if the home network is effectively protected and traffic between the device and the Internet is in a secure state, there is no security risk.
Dhanjani pointed out that the wireless bridge of the HUE system uses a set of tokens to authenticate the request. Any user on the same network can issue an HTTP command to change the state of the light as long as it knows any token.
According to this study, when controlling the light bulb through the HUE website or iOS application, the token whitelist is not random, but the MD5 hash of the MAC address of the device such as desktop, notebook or iPhone.
The researchers say that lighting is critical to physical security. Intelligent lighting systems may be installed in residential and corporate buildings. Remotely shutting down the lighting of hospitals and other public places by intruders can have serious consequences.
Given that the cost, size and ease of installation of lithium ion battery are reducing, to rely on renewable solar energy and Solar Lifepo4 Battery can be an optimal option for any residential, commercial or industrial. The back-up battery should eliminate virtually all outages, and using Li-ion should last at least five years. UFO 48V 200Ah home Lithium Battery is designed with new lithium iron phosphate (LFP) battery technology. It is operating at 48 volt, which offers a power capacity of 9.6kWh.
Wall Mounted LiFePO4 battery Features
â— Safe
UFO POWER has more than ten years experience in the lithium battery industry. We use reliable LiFePO4 batteries to ensure excellent product quality for you.
â— Long Service Life
The Lithium battery has More than 6000 cycles, a longer life span of up to 15 years approximately. Deeper depth of discharge without decreasing in battery performance.
â— Wide Compatibility
Can be equipped with UFO Self-developed Communication Protocols Conversion Module, which provides compatibility with 10 popular solar inverters on the market.
The UFO Powerwall is equipped with LCD Display Screen, making LiFePO4 battery status checking easily.
â—Easy and Quick Installation
Each Powerwall battery is equipped with battery bracket and screws for easy installation.
48V 200Ah Powerwall,Powerwall Battery Pack,Fully Charged Battery,48V Powerwall Lithium Battery
ShenZhen UFO Power Technology Co., Ltd. , https://www.ufobattery.com