back to article It's the Inter-THREAT of THINGS: Lightbulb ARMY could turn on HUMANITY

Fujitsu’s CTO has sketched a nightmare vision of lightbulbs turning on their human masters in massive denial of service attacks if industry doesn’t get a grip on the security of the “internet of things”. And even if they don’t get that incandescent, the much vaunted internet-connected lightbulb leaves users open to having …


This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward


    Turning off people's lights would give a whole new meaning to "zero day flaw".

  2. Code Monkey

    I'm getting more Luddite as the grey hairs multiply, but what problem does the internet-connected lightbulb solve?

    1. Novex

      It's not just the lightbulbs...

      It's not the internet connection to the lightbulb, it's the connection the lightbulb has to a home automation server. If the lightbulb's connection could be hacked (if the lightbulb is wireless that is) then the internal network can be hacked. Also, it's not just lightbulbs. Any kind of 'internet of things' will most likely eventually get some kind of standard for the connections between them, so any device connected to a network potentially has the chance of becoming a route to hack into a network. PCs and such like have firewalls - it's highly unlikely a lightbulb or other 'innocuous' simple device would ever have a firewall.

      Best bet is for all such devices to have a single encrypted connection to a trusted network as their only comms channel, and not allowing any other connections at all.

    2. Sander van der Wal

      Vendors not making enough money. The government not being able to check how much energy you are wasting.

    3. knarf

      ut what problem does the internet-connected lightbulb solve?

      1. Flash the lights to get your kids up without you getting up

      2. Turn lights on or off while on holiday

      3. Helping old people fall over more in the dark

      4. Scare folk with witch craft

      5. Turn off the light while in work, because kids can't do this themselves seemingly!

      6. Just cos you can

      7. Use Morse code to communicate with someone

      I'm sure there are loads more.....

    4. Anonymous Coward
      Anonymous Coward

      " what problem does the internet-connected lightbulb solve?"

      None. It's part of the wishy washy "smart home" cobblers, which is very long on ideas for making things work together, very short on real benefits (and which the planned roll out of smart meters is intimately linked with). As is usual the Climate Changeistas see a huge opportunity to manage your life better to suit their purposes, so things like remote control of your fridge to turn it off during the ad-breaks in Corrie, but then (because they can) why not have remote monitoring to tell you that a lightbulb will fail, or to turn it off because the household processor thinks the room is unoccupied, or quite bright enough already?

    5. John Gamble

      None if you live in a well-lit city, but in more remote areas the ability to have the home lights on before you get home is a plus.

      The internet-lightbulb is something of a straw dog anyway. The question is rather "what devices would it make sense to remotely control", and while the fanboi-types will certainly go overboard, in my case the ability to remotely monitor the temperature (and choose to turn on the air-conditioning) would be a plus for example. Or to turn on the outdoor lights.

      1. Anonymous Coward
        Anonymous Coward

        "The question is rather "what devices would it make sense to remotely control", and while the fanboi-types will certainly go overboard..."

        But there's existing capabilities to have remote control and automation of home electrical gear, for those who want it. I can't think of any time in the past twenty years when I've thought "Good Lord! I need to turn off the bathroom light, but I'm at work, if only somebody would invent the smartphone and full home automation to make that possible!"

        I do want the heating on when I get home (or SWMBO), but we have found an elegant solution, called a timer, that I recommend to all. And, it works perfectly alongside another recent breakthrough, the thermostat. And unless you're floodlighting a stadium, then a simple photocell controlled outside light would surely suffice?

    6. Brian Miller

      Lightbulbs, irons, toasters, ...

      Remember this one from the BBC? Russia: Hidden chips 'launch spam attacks from irons' Now you know!

      The problem that it solves is a lack of spam. Even though a botnet can be used for good (Researcher sets up illegal 420,000 node botnet for IPv4 internet map), it's usually something malicious.

      Now, there is already home automation that can remotely control lights. I have some. It's convenient for some things, like not having to go back to a room to turn off a light. Will everything have WiFi? Try this: if you have a phone or tablet with WiFi, take a look at all of the available connections in your surrounding area. Right now, near me, I count 11 networks. Some places I count over 20. Now, how can the light bulb be configured to connect to your network? Plus, you've secured your WiFi network. So now what, Wiley E. Coyote?

      Sure, you can get a new IP light bulb, put the MAC address into your router filter, flick it on and off in a sequence to activate something, and then configure it. Since it would be a PITA to do this, I can only imagine that the LED bulbs would get something like this.

      Or you could imagine what you'd do with suddenly 20 Raspberry Pis in your house.

      The light bulbs aren't enough! I need these on sockets, too! And they all need controller pins and ports! YES! Imagine: IP wallpaper!!! Solar paint containing microchips with self-organizing connections!

      Huh? What? No, there's no problem with grey goo. None at all...

    7. LaeMing

      Re: What problem does the internet-connected lightbulb solve?

      The problem of people still being able to turn on their own lights after it is discovered they violated some EULA.

    8. Anonymous Coward
      Anonymous Coward

      It solves the future profitability of the lightbulb manufacturers. The old incandescent bulbs burnt out regularly, then the long life bulbs came lasting 10 times longer and now the LED lights which probably last for the lifetime of the building. If manufacturers could remotely control their products they could make the lights behave erratically, so people would change them and suddenly the lights are working again. The same could be done with all internet connected things.

  3. Sureo

    Terrorists find hacking power plant too difficult, settle for turning the lights off....

    1. VinceH

      "Terrorists find hacking power plant too difficult, settle for turning the lights off...."

      Electricity supplier finds they aren't making enough profit, turns people's lights on...

  4. Anonymous Custard Silver badge
    Thumb Down

    At the same time, he warned, it was entirely feasible that miscreants could hack into your home illumination system to check usage. This could easily tip them off to when you’re likely to be home, or even whether you’re on holiday – and thus choose the optimum time to break in.

    Or they could just look in the window and see when there's movement or activity, or just see when the car's on the drive and then test by knocking on the door? Would seem a damn sight easier (and with the advantage to the toerag that they're already then at your property too), or is that just too old-fashioned?

    Plus somehow I think even in these modern times the intersection of people with both hacker and burglary skills (and the desire to use them) is probably rather small?

    1. Tim Parker

      "Or they could just look in the window and see when there's movement or activity, or just see when the car's on the drive and then test by knocking on the door? Would seem a damn sight easier (and with the advantage to the toerag that they're already then at your property too), or is that just too old-fashioned?"

      Doing it over the network potentially allows you to automatically scan thousands of addresses, or more, then analyse it at your leisure.

      "Plus somehow I think even in these modern times the intersection of people with both hacker and burglary skills (and the desire to use them) is probably rather small?"

      True - but the same person doesn't have to do both, e.g. a really simple setup would be J.Random Hacker scans the domestic networks, analyses the result, parcels up the most promising candidates by area and flogs them to the local under-world representatives - exclusive rights for those who pay a premium.

  5. Nigel 11

    One controller per household?

    Regardless of whether it's cheaper this way, there should be one and usually only one internet-connected master controller of thingies per household. The thingies should speak a restricted low-badnwidth protocol down a severely bandwidth-limited pipe. The mains wiring is the obvious conduit ... but give them a 100kbps channel not a 100Mbps channel!

    Cars are already moving this way, with the lights and other peripheral devices bus-connected.

    There's still botnet potential, but probably less so than the already extant hordes of broadband routers provide. And there would be just one thing to turn off when it malfunctioned, upon which the lights and other devices ought to revert to "dumb" behaviour.

  6. Anonymous Coward
    Anonymous Coward

    Why would I go all the way to Home Depot to buy a light bulb?

    They do sell them on the Continent too.

  7. Anonymous Coward

    In the future, progress is measured....

    In being able to buy a lightbulb for $1 and needing a $1000 home security audit because you turned on the lights?

    I think we're headed for Idiocracy.

    1. ecofeco Silver badge
      Paris Hilton

      Re: In the future, progress is measured....


      Look around.

  8. Anonymous Coward
    Anonymous Coward

    S.A.D. (but true)

    Make the light come on 15 minutes before the alarm goes off and you wake up feeling much better. But there are much simpler ways to do this than with internet connected lightbulbs.

  9. Vladimir Plouzhnikov

    Lightware as a service

    People will still have to pay for electricity but will also have to separately subscribe for photons delivery.

  10. M7S

    About 30 years ago on BBC1....

    I remember being shown central locking for houses, in the same way as with cars so you could go out, turn the key in the lock of the front door and be confident you'd not left any back doors or windows insecure (it was locks only, not closing of the apertures). Whether or not you got a "bip-bip" to confirm that all was well I do not recall but it would seem sensible, as would not unlocking all doors around the perimeter in a reverse of the operation.

    Seemed a good idea but I've not seen it since in the mainstream, however it seem the sort of thing that would go with home automation, but it begs the question "would anyone really have this if it was vulnerable in any way to outside interference?" I'd willingly put it (wired only) on my house for nipping into the garden but for longer absences I'd still have a mechanical deadlock on every door and window, just as I do now, which makes me wonder if much of this automation is worth the bother in the first place.....

  11. Anonymous Coward
    Anonymous Coward


    "More seriously, they could interrogate the bulbs in their home to check their condition and predict failures."

    You're out in the pub, for example, and suddenly you think, "I really MUST check on the condition of my light bulbs at home."

    All I can think is, WTF? That is a "serious" thing to do?

    1. Nigel 11

      Re: What?

      I think "lightbulb" is the modern incarnation of "toaster".

      A more sensibly net-connected gadget is your fridge. It could be registered with the National Grid as a device that can be commanded "off" at a moment of critically high demand. A fridge will stay cold enough for at least half an hour without power. You'd get the electricity the fridge uses at a discount. At a future date it might also be able to deliver an inventory of its contents to your phone while you are in Tesco.

      Or your central heating system, which you would command on with your mobile phone maybe half an hour before you arrive home, so home is warmed up. More efficient than having a timer set for your usual home time, that you forget to cancel on the evenings when you'll be home late.

      But if light bulbs could predict their likely failure within the next fortnight, that could be useful. A sane implementation would be to alert your house-controller, which you'd have programmed to mail you or text you alerts if you are that way inclined, or just to quietly add a new lightbulb to next week's shopping-reminder list. (Just like printer alerts at work, if you think about it).

      1. Anonymous Coward
        Anonymous Coward

        Re: What?

        There are an increasing number of central heating controllers appearing now that allow on/off and temperature control via smartphone, while doubling as room thermostats. Most are easy to fit replacements for existing thermostats, and at least one allows for the main unit/display to be detached from its wall cradle and moved about; useful for a multi room house served by a combi boiler with only a single thermostat so the temperature is determined for the room in use.

        The just-about-released Netatmo version will also take into account changes in outdoor temperature from your Netatmo weather station if you have one, the one nearest to you if you don't. I can see the utility of this if you're away in winter and the temperature drops below freezing. As you say, you can obviously turn the heating on before getting home without it automatically coming on if you keep irregular hours.

        I'm pretty cynical about of lot of IoT stuff that's announced, and can easily see that basic thought-through security will get forgotten in the usual slavering gold rush, just as it has been with many medical implants and voting machines. But the thermostat among others seems like a genuinely useful idea as well as being a fun toy. But current prices are pretty silly; the heating controls are marketed as energy and therefore money saving, yet at 200 quid a pop they seem too steep for me for what they deliver. I can see the energy saving aspect, but since I currently don't time the heating to come on before I get home, it would actually use more - though not freezing for two hours till it warms up has a distinct appeal, I'm not sure its worth it util prices look a bit more sane/

      2. druck Silver badge

        Re: What?

        Nigel 11 wrote:

        A more sensibly net-connected gadget is your fridge. It could be registered with the National Grid as a device that can be commanded "off" at a moment of critically high demand. A fridge will stay cold enough for at least half an hour without power.

        You can already do that without any Internet of things or registering with the national grid. The device just watches the mains frequency and temporarily turns off when the frequency drops a fraction of a Hz under nominal, which is what happens when there is a demand spike. See this graph.

  12. Mystic Megabyte

    "check their condition and predict failures."

    Dave, that light bulb is going to fail in 48 hours.

    1. LaeMing

      Re: "check their condition and predict failures."

      "Open the Garage door, HAL!"

      "I'm sorry, Dave, I cannot do that."

  13. John Smith 19 Gold badge

    May be too late

    Micro controllers in circuit breaker modules.

    WTF thought that was a good idea.

  14. Azzy

    This is not as farfetched as you might think.

    I've got a Linortek Fargo, which I use to control the lights in my room, and kick off the microwave to start a cup of tea so it's ready when I get home.

    The fargo doesn't use some remote located cloud that I don't control... but on several occasions , I've had to shut down the fargo for some reason or another... and then i'm standing in pitch darkness. That's the dark side to these connected houses - literally. Now, I could have wired it up smarter to have lights on when the unit was off, but I didn't think of that at the time (and it's kinda hard to fix now, due to questionable design decisions on my part).

    That's my point though - it's a new thing you have to think about, how will software or hardware failures in the control systems effect everyday living.

    1. Anonymous Coward
      Anonymous Coward

      Not IoT, but back in the early days of consumer electronic engine management systems in the mid 80's, a salesman from a local Audi showroom stopped at my house in the arse end of nowhere and asked to use the phone. His top of the line Quattro EMS had shut down for no obvious reason just at our layby and he needed a mechanic. Not a major drama, but he was seriously embarrassed; you want to hope that by the time we get to driverless cars, they think hard enough about the implications to include a decent 'plan B' mode in the event of malice induced failure.

  15. ecofeco Silver badge

    Somebody gets it

    And a CEO of a very large company at that.

    I do NOT want everything in my world effing connected!

  16. Pascal Monett Silver badge

    "an army of 8 billion"

    With the computing power of .. a gnat ?

    Come on, could someone please tell me what service this can render ME ? Oh, right, randomly turning lights on and off when I'm on holiday.


    I find a security contract is a much better deterrent, and it's not expensive anymore. Get those detectors, put that sign up, and watch as the crooks decide they rather try a house without an alarm system.

    So, what's the use of those connected lightbulbs again ? Predicting failure ? When the light doesn't come on, it has failed. I have spares. I go get one, put it in, light is on. Then I write down getting a replacement in my next shopping run. Where's the difficulty in that ? Is it really THAT important to be forewarned that tomorrow I'm going to have to do that, rather than just flipping the switch, getting no light, and doing it anyway ?

    Could the nannies of this world please leave us the fuck alone ? I've outgrown the need for diapers, thank you.

  17. Anonymous Coward
    Anonymous Coward


    With the latest work on internet via light (aka Li-fi), it would be feasible to include this functionality by design.

    So that "intelligent" bulb with a £2 adaptor plugged where the webcam used to be on most laptops as a standard module would give you wi-fi free broadband anywhere in the house.

    Also, using narrow beam infrared between bulbs would be interesting.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021