Gizmo that remotely turns on house lights.

[doubleminus]

I am using this device that for the royal amount of $6 including shipping, provides wifi on-off control to anything. You can use it out-of-the-box, but the downside is that they have a clunky app that controls the thing via an AWS server (so that you can control while you are not at home) but is an inconvenience and security risk. The upside to the downside is that you can flash the thing with open-source software and connect it to most any smarthome app.

And since it has a 10A rated relay, you can control loads up to 1.1KW@110V or 2.2KW@220V, which means a whole set of lights.

[Balthisar]

gnoitall:

So retool your home RFC 1989 allocation* to use 10.0.0.0/8 address allocation and revel in 16.8 million available host addresses.

*Assuming you can. Most commercial home routers hard-code DHCP for a 192.168.x.0/8 internal network, but if you run a DHCP server off another device, you can configure it how you need. My in-home Linux server is my home network’s DHCP server, for instance.

I’ll admit my laziness and ignorance in this matter. I know that I can use a different subnet to increase my IP space, but it’s never been a concern for me (especially given that I’m not using light bulbs with IP addresses :p).

I’m pretty sophisticated when I need to be, and I’ve been fine with my current internal IP address allocation. I do run Tomato, which is definitely not hard-coded for anything. It’s my DHCP server and set up with custom hostnames and static IP addys for everything I know about (except one device… who the hell is 192.168.1.15? I will track you down!).

Although I’m back in the States and it doesn’t matter, in the past I’ve been able to configure custom IP tables for access using (or not) the VPN (I was in a country that has a grand fire-blocking wall), given that it’s just Linux, too.

The damnable thing is you’ve got my curiosity piqued and now I’ve got to decide if I want to continue down this path or just leave it for now.

[doubleminus]

I have never seen a router that does not allow to change the network address and mask to anything you want. And I’ve seen at least 20 types.

[Reply]

Leo_Bloom:

From a few weeks ago:

Israeli hackers show light bulbs can take down the internet:
Weizmann Institute researchers use airborne drone to take control of nearby office devices, demonstrate vulnerability of the ‘Internet of Things’

The “hackers” are among the founding fathers of on-line cryptography:
…The experiment, carried out by four researchers, Eyal Ronen, Colin O’Flynn, Adi Shamir and Achi-Or Weingarten, focused on simple Philips Hue wifi-connected smart bulbs and showed how the bulbs can “infect each other with a worm that will spread explosively over large areas in a kind of nuclear chain reaction.”

“The attack can start by plugging in a single infected bulb anywhere in the city, and then catastrophically spread everywhere within minutes,” the researchers’ paper said.

Their paper: IoT Goes Nuclear: Creating a ZigBee Chain Reaction.

The Phillips page on Hue.

The ZigBee protocol manipulated.

Very cool. It’s like WiFi’s early days. Security always trails behind the rapid pace of innovation, I guess.

[Mama_Zappa]

Reply:

…
I’m not a security professional, but ZigBee is far behind wifi in popularity and security. It’s very popular as a home automation protocol, but has nowhere near the ubiquity of wifi. To be able to attack wifi-only smartbulbs (such as the TP-Link) would require not only breaking vendor-specific layers (like what happened with Philips) but also the universal, industry-standard wifi over WPA2 that everyone everywhere uses. An attacker would first have to get through your home router (and possibly its “stateful firewall”, as an additional security measure, which ignores random incoming connections from addresses that your light bulb hasn’t recently talked to).

ZigBee doesn’t go through a router like that, so any attacker within range can initiate a connection to your ZigBee light bulb directly. They can’t do that to a WiFi light bulb unless there’s some undiscovered secret command to initiate a hardware reset on those things (usually it requires you to turn on/off the bulb with its hardware switch in some secret pattern, almost like morse code).

TLDR: WiFi light bulbs should be reasonably safe for the time being. ZigBee too, unless you have rogue hackers driving around your neighborhood trying to hack light bulbs. While a theoretical attack vector, most hackers (especially international ones) will look for low-hanging fruit like wide-open internet cameras that run unprotected directly facing the internet, not something that requires specailized equipment and physical proximity like your ZigBee bulbs or something that requires traversing home routers like the wifi bulbs.

Interesting, and thanks. I’ll run this by my husband (who IS an IT security person and in fact got me interested in learning about IoT security issues after the recent DDOS attack).

I don’t see it as being an issue for us any time soon, whatever the options are, as I truly can’t think of any application around the house where remote-controlled lights would be all that useful to us. Of course that may change someday…

Also, routers themselves are good but not perfect, as googling turns up lots of stories of hacked routers.

[gnoitall]

doubleminus:

I have never seen a router that does not allow to change the network address and mask to anything you want. And I’ve seen at least 20 types.

Huh. My Linksys allows me to set the router’s LAN-side IP address (all octets) and netmask manually. As to the DHCP server, as I mentioned it seems to be restricted, but for me it’s a non-problem since I disable it in the router and run dhcpd on my Linux server. That’s a simple matter of tweaking a text-based config file (/etc/dhcp/dhcpd.conf) and restarting the server program (“service dhcpd restart”).

It’s something each home-network administrator will have to check for themselves if they’re interested.

[Max_Torque]

Mama_Zappa:

I don’t see it as being an issue for us any time soon, whatever the options are, as I truly can’t think of any application around the house where remote-controlled lights would be all that useful to us. Of course that may change someday…

I just got two “smart outlets” and am using them on my Christmas tree and the fireplace garland. The plugs for both are hard to get to, which makes turning the lights on and off a pain (and yes, I know they’ve had foot controls for trees forever, but you bury that cord under presents, and you’re back to square one).

Anyway, for the time being I named them “garland” and “tree” and put them both in a group, so I can say, “Alexa, turn on the Christmas lights,” and everything lights up in a flash.