Philips' smart lights left in the dark by dumb security

Karl Itschen

Not such a big deal

It's really not such a big deal.

- It's really easy to fix. They could MD5 any other value from the iPhone instead of the MAC. Or even a random value. Expect it in the next app update.

- Commercial applications (hospitals, offices) will not use the consumer Hue bridge, but a commercial grade gateway, which will have a different API/access control. The only critical part is the ZigBee over-the-air security.

- The attacker must first have access to the LAN, which requires exploiting a vulnerability in the host PC. Makes the whole thing much less probable.

Wanna put your toaster and fridge online? Over to you, Ofcom

Karl Itschen

ZigBee IP has all that and more

With ZigBee IP, we already have an IPv6-compatible, worldwide available, wireless machine-to-machine communication protocol with all the benefits of SIG's specs (low power, long battery life etc) but also some more: open specs, big alliance of industry partners behind etc. Just that: ZigBee IP is not just a spec, there's also at least 5 silicon fabs (Texas Instruments and Silicon Labs come to mind) which ship eval boards today.

I'd say, you're about 3 years late with that tech, guys.

Dutch script kiddie pwns 20,000 Twitter profiles

Karl Itschen

Still better than LinkedIn

LinkedIn is even (shocking!) directly asking for your mail password to access your contacts (and so propose connections).

At least Twitter has a decent OAuth authorization scheme (though that still doesn't help, as the article shows).

What happens when Facebook follows MySpace?

Karl Itschen

Use PDF/A - that's its purpose

Long-time (>5 years) archiving is not a new problem in the digital world. In my opinion, currently the most promising solution is the PDF/A standard (A stands for archive). That's PDF as we know it with some restrictions to make it more suitable for archiving.

Being an ISO standard and used by many libraries to back up their documents, it will certainly be possible to find a reader in 20 years...

Btw, as any PDF, it also maintains the layout and presentation as requested by Matt (now we only need to lobby for an "Export to PDF/A" function in FB - dreaming on...)

Japanese firm exhibits droid construction worker

Karl Itschen

That gear is not working (is the robot?)

On that robot's web site the PR people have chosen a beautiful image of gear. But as it is drawn, it can't turn... LOL

Hopefully their engineers are better than the PR people...

