The Google Home arrived this week and I detail a few first impressions here. Kevin Tofel and I also came up with a sneaky way to control a wider variety of devices using If This Then That and the Google Home. We kicked off the show talking about the recent hack of the Philips Hue light bulbs and then covered the Nest appliance news. We also discussed a new mindfulness device I’m testing, Talkies, a way to connect with your kids, and Bixi a gesture-controlled button.
The next half of the show features Rammohan Malasani, the CEO of Securifi, which makes the Almond Router, discussing how the Wi-Fi demands in the home are changing, how to secure routers and why consumers may never buy a smart home hub. We also talk about adoption rates and what he’s learned in four years of selling the idea of a smart home. Enjoy.
Hosts: Stacey Higginbotham and Kevin Tofel
Guest: Rammohan Malasani, founder and CEO of Securifi
Sponsors: Samsung ARTIK and Bluetooth
- First impressions of the Google Home
- Philips bulbs (and ZigBee lights in general) are vulnerable
- Check out Spire, a wearable for mindfulness
- Why combine a router with a home hub?
- How many devices are on your network?
Podcast: Play in new window | Download | Embed
Subscribe: RSS
Regarding the possible Phillips Hue hack, typically a side channel attack is performed by having physical access to a device especially to obtain the global AES-CCM key, although there are possibilities to perform this remotely if there is enough info known about the device or by intercepting wireless commands being sent to the device. The paper does not describe how they performed the side channel but it seemed like they physically had a Hue light, was able to re-flash the firmware and then add it to an existing Phillips Hue config. This, I see, could be performed easily by someone buying a Phillips Hue Light in the Starter Kit, either change one of the lights in the kit or change the code in a light and then return the kit to the store. If the store puts the kit back on the shelf as an open box, or worse just resales the kit as new, an unsuspecting buyer could end up with the infected light in their home or business.
The fact that they were able to perform a factory reset on Hue lights from up to 400 meters away and then take control of the light was a bit troubling. The war-flying attack with the drone was even more troubling and is an example of the dangers of allowing folks to fly such devices anywhere they like. How many other devices have the same vulnerability? Having Colin O’Flynn, the creator of the Chip Whisperer, on the team that performed the attack ensured the side-channel attacks success.
Cheers,
Jon