Reply to post:

Osram's Lightify smart bulbs blow a security fuse – isn't anything code audited anymore?

JamesMcP

The Osram rep is lying when they say that flaws in zigbee protocols are "unfortunately not in Osram's area of influence."

Aside from the fact that zigbee can be heavily modified by Osram, way back in 2007 the DoE published a paper descibing how to secure a Zigbee network from replay attacks.

(links below)

They could have used the secure zigbee settings but just like their wifi management, they screwed it up.

(link

http://energy.gov/sites/prod/files/oeprod/DocumentsandMedia/Securing_ZigBee_Wireless_Networks.pdf)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019