Which is the bigger WTF?



  • Encryption was being used, but after physically pulling apart lightbulbs to determine the key algorithm, they found they could reverse-engineer the encryption.

    The researchers said in their findings, published online, that they could "capture the Wi-Fi details and decrypt the credentials, all without any prior authentication or alerting of our presence"

    . . .

    Depending on which version of software a user's light bulb has, the update can take as long as **two hours**, Fairfax has found. . . . "In an ideal scenario, the expected update time for a single bulb can take between **45 minutes to an hour**. As more bulbs are added or radio signal drops, this expected time will increase." . . . "The next public firmware release will be distributed via Wi-Fi and will take approximately **one to two minutes** per bulb."


  • Wat



  • Whew. I just checked, and no one is actually on my lawn right now.



  • I can't imagine any scenario in which it's desirable to put the "smartness" in the light bulb itself instead of in the thing supplying power to the light bulb.



  • It makes sense in that the bulb is easier to replace. We replace them all the time, though maybe with LEDs that will slow down. I think it's a much easier sell to do it in the bulb rather than replace lamps or especially recessed lighting. Assuming the cost and reliability are reasonable, of course.



  • I'd imagine it's easier to fit "smart" bulbs into existing "dumb" wiring than to also upgrade your wiring.

    I'm not sure why "smart" light bulbs are a thing though.



  • @loopback0 said:

    I'm not sure why "smart" light bulbs are a thing though.

    It seems like kind of a fun thing, if only as a "because I can" sort of idea. But probably not very useful.



  • You don't need to upgrade your wiring, just your light switch. Which is easily accessible at chest level with any screwdriver.

    ... then again, working on that also requires first turning off the breaker, so I suppose there is a barrier to installation there.



  • And a barrier to midgets without stepladders...



  • @loopback0 said:

    I'm not sure why "smart" light bulbs are a thing though.

    For home use, I'd say it's for iHoles with more money than sense. I could kind of see something like this for professional stage lighting except there are plenty of existing standards that do a lot more than these ever could.

    Just looks like rich kid toys to me.



  • @loopback0 said:

    I'm not sure why "smart" light bulbs are a thing though.

    If you're one of those 300 kilo nerds who don't get out of the bed with their tablets and laptops... maaaaybe.

    I don't know, though. It... might be kinda cool to have the lights dim themselves when you start watching a movie? Or something? I wouldn't shell out money for it, but...



  • @Maciejasjmj said:

    I don't know, though. It... might be kinda cool to have the lights dim themselves when you start watching a movie? Or something?

    You could buy one in 1986... **clapclap**



  • @dcon said:

    You could buy one in 1986... clapclap

    Heh. We were playing some Xbox Live with a friend who'd just moved to another state. He kept getting disconnected like crazy and the entire time we were taunting him for having awful Internet at his new location. Finally he told us it wasn't the Internet, it was his power. He didn't have any kind of plug strips at the time except for one that had a Clapper built in, and his TV, console, and sound system were all plugged into it. Every time a loud grenade explosion happened in the game, it would trigger the Clapper and turn everything off.



  • ...and he couldn't be arsed to drive to the local [any store at all] and buy one?

    Hell, even grocery stores seem to carry them these days.



  • @powerlord said:

    ...and he couldn't be arsed to drive to the local [any store at all] and buy one?

    But that would involve longer breaks from Call of Duty (I think it was 4 at the time) than the couple minutes to power up and sign in again!



  • @mott555 said:

    Watt

    FTFY



  • Fair point. It's still easier to change the bulb.

    I agree there are better places to put the smartness but when you're selling fancy light bulbs to people, being able to say it's as easy to install as changing a light bulb is probably a handy selling point.


  • area_deu

    You could tell people that your forum is 10-year-future-proof but that still won't make it a good forum.



  • Yeah, I've looked into it, and it's just easier to import a reliable Asian housewife these days than build a reliable smarthouse with the devices built in Asia. For one, the statistical chance of the housewife burning the place down with the kids inside and running away with the poolboy is at least one standard deviation lower.



  • By itself, a smart light bulb is definitely not worth the hassle.

    However, if you had a full "smart house", that you could control from a single interface and where different appliances worked together, I don't see any reason not to automate everything. After all, electronic circuits are cheap.

    However, in order to achieve this, you'd need:

    1. An easy, practical and cheap way to connect "dumb" devices with no screen or keyboard to the local network.
    2. A standard and secure protocol to control those devices from a central computer (that would handle authentication and encryption).
    3. A good human interface to control all that, with scripting capabilities, accessible from both the local network and the internet (if you want).

    But as far as I can tell, none of these things seem to be common today. So until some company like Google or Apple decides to "revolutionize the world" again by being the first ones to release (and publicize) a product that's not pure shit, we're stuck with custom Android apps running custom protocols broadcasting data encrypted with base64.



  • Agreed but these bulbs aren't aimed at that sort of solution, just the sort of people who want to go "Hey, I can turn off my lights with my phone" and only use it when they show it off to other people IMO.



  • X10 used to market something like that, but it actually used powerlines to transmit signals, so it was very limited in the number of devices you could have plugged-in at once.

    Of course X-10 didn't sell smart lightbulbs, they sold smart switches. Because that makes more sense.



  • @blakeyrat said:

    X10 used to market something like that, but it actually used powerlines to transmit signals, so it was very limited in the number of devices you could have plugged-in at once.

    My father in law had his whole house rigged up this way. It was crazy. There were remotes with buttons all over the place, and he had tons of stuff on timers. I could never figure out how to operate the lights.

    The one silver lining of the worst lightbulbs ever, CFLs, was that they didn't provide enough resistance for the system to work properly with something or other, so it's mostly gone from his house now.



  • My grandfather did the same with his house, and his company building which was about 500 ft away.



  • OK, so I actually checked how this thing works and why it needs so long to update the firmware

    The bulb is equipped with Wi-Fi microcontroller that uses master/slave concept. The master light bulb connects to the router via 802.11a/802.11g/802.11n and then to all the other LIFX bulbs in the house via a low power IPv6 802.15.4 mesh network.

    So there is indeed a wireless protocol intended for cheap devices, and this thing uses it. But it also has wifi, which kind of defeats the point of being low-cost ($100 per lightbulb, seriously?). And it apparently has a maximum data rate of 250 Kbps, which kind of sucks if you need to update a firmware that's hundreds of MB in size.



  • The Master Light Bulb sounds like a villain in The Tick.



  • We've stayed at my inlaws house before, and I've woken up before the rest of the house and sat in the dark because I couldn't figure out how to turn on a light.

    His TV situation is pretty insane, too. Thought it's gotten better. He has DishNetwork and used to have 2 or 3 tuners. They all sat upstairs, and he had wireless stuff set up to connect the tuners with the various TVs. You had to tune to a specific channel for different tuners.

    And then you had to figure out which DishNetwork remote to use. They were all RF. Madness.



  • Jesus. Back when I watched TV, I was too lazy to even turn on my surround receiver 90% of the time and that only took 2 remotes.

    What a waste of money. Bought it. Watched Aliens and Apocolypse Now with my friends on it. Then spend the next 3 years listening to the 15 watt or whatever speakers on my LCD.



  • @anonymous234 said:

    a firmware that's hundreds of MB in size.

    We're still talking about light bulbs right? They emit light, and maybe change colour? What are they putting in that firmware, full HD video?



  • Sheesh, that's enough to run a theatrical lighting controller with multiple 512-channel DMX universes.



  • I was talking hypothetically, for slightly more complex things like washing machines or whatever. For the light bulb, it seems to be between 30 and 50MB (from the fact that it takes 45min).

    Don't forget though, the easiest "quick and dirty" way to smartify anything is to embed a linux distro and write your programs there, so firmwares in the order of 1GB shouldn't be too surprising.



  • @hungrier said:

    We're still talking about light bulbs right? They emit light, and maybe change colour? What are they putting in that firmware, full HD video?

    Perhaps the light itself is a tiny screen and it simply loops over a video to provide illumination?



  • @anonymous234 said:

    Don't forget though, the easiest "quick and dirty" way to smartify anything is to embed a linux distro and write your programs there, so firmwares in the order of 1GB shouldn't be too surprising.

    Why, why do people insist on doing this? Not only does it create a massive attack surface (the entirety of an embedded Linux distro instead of just your code + a few small libraries), it jacks up the per-unit (BoM and manufacturing) costs of your device because now you need a full-on ARM SoC with either external or PoP DRAM and presumably a NAND Flash for firmware as well (unless you use a very large NOR Flash), all for functions that could be performed by a much cheaper garden-variety Cortex-M at the expense of some NRE costs.



  • Does the firmware upgrade enable microwave charging?



  • @anonymous234 said:

    I was talking hypothetically, for slightly more complex things like washing machines or whatever. For the light bulb, it seems to be between 30 and 50MB (from the fact that it takes 45min).

    Don't forget though, the easiest "quick and dirty" way to smartify anything is to embed a linux distro and write your programs there, so firmwares in the order of 1GB shouldn't be too surprising.

    That still seems insanely wasteful to me. The latest snapshot of Cyanogenmod on Nexus 5 is 245 MB, and that's got drivers for a bunch of sensors, radios, screen, etc, along with the entire Android OS and any Cyanogenmod enhancements. There's no way that any "smart device" has anywhere near that level of complexity.



  • @anonymous234 said:

    a linux distro

    A fucking high-schooler could code an AtMega and some Ethernet IC to steer the fucking lightbulb. And also write a full HTTP webserver while he's at it.



  • You seem to forget this is an indie startup, they probably don't know what any of those technologies are.

    LIFX began life as a Kickstarter project and today the bulbs sell for US$89, with the choice of Bayonet, Edison Screw or Downlight connectors. The first bulb connects to your wi-fi network, with subsequent bulbs connecting to the master bulb via their own mesh network. You can give each bulb a name – such Lounge Room, Bedroom and Study – to make them easier to manage. If you switch off the master bulb at the wall you temporarily lose control of the system until another bulb takes on the master role.


  • @Matches said:

    If you switch off the master bulb at the wall you temporarily lose control of the system until another bulb takes on the master role.

    What.

    Seriously, the thing is connected to mains for at least several hours a day - couldn't they, I don't know, put a battery in that would last those couple of miliseconds it takes to transmit a "I'm off, Bedroom is the new master" message? Hell, even a capacitor and a brownout detection circuit would probably do.

    Not to mention the fact that they're charging fucking $89 for what should be a couple of RGB LEDs, a $5 microcontroller, and a $5 WiFi module.



  • I'm just a bit bitter because I chose embedded systems as a university path and ended up hating everything about it.



  • They're actually charging $129.



  • For that kind of money, you can get a decent Insteon setup going, and start controlling more than just light bulbs.

    With the right know and parts, you can setup a (relatively) cheap voice-responsive home automation system.



  • Or... not?

    Hey, Discourse, post my picture you asshole.



  • Something nobody has asked yet: how do you connect the first lightbulb to the WiFi network?

    Don't worry, already found the answer for you:

    - Download the LiFx App onto your mobile device - Install and turn on the LiFx master smart-bulb (contains the WiFi bridge) - Change your mobile device WiFi settings to connect to the ad-hoc wireless network called “LiFx” - Start the LiFx App on your mobile device and wait for it to connect to the master smart-bulb - Enter your WiFi network SSID and password and press the [Configure] button - The master smart-bulb will then connect to your WiFi network - Close the LiFx App on your mobile device - Change your mobile device WiFi settings to connect to your WiFi network - Restart the LiFx app on your mobile device - Install and turn on any slave smart-bulbs - The slave smart-bulbs will discover the master smart-bulb - Your LiFx smart-bulbs are now ready for action !

    Whew. So, follow-up question, how do "slave" and "master" lightbulbs authenticate each other? I'm assuming they don't, the device is built on the assumption that no two close neighbors will ever try to use it at the same time (which is probably true given its price and usefulness).

    Conclusions of the study:

    • WiFi sucks for anything involving direct connection between two clients
    • Authenticating devices with no direct input or output into a network is hard


  • I have a lot of confidence in a business that uses the same free WordPress template I had on my blog for many years.

    @anonymous234 said:

    WiFi sucks for anything involving direct connection between two clients
    Authenticating devices with no direct input or output into a network is hard

    Additional conclusion: if you don't have an iPad or iPhone, FUCK YOU!



  • @blakeyrat said:

    You don't need to upgrade your wiring, just your light switch. Which is easily accessible at chest level with any screwdriver.

    ... then again, working on that also requires first turning off the breaker, so I suppose there is a barrier to installation there.

    Too complicated.

    There are motion sensors you can just screw into the existing fixture.

    No reason anyone can't make a much smaller fixture that adds smartness to the bulbs.



  • @boomzilla said:

    Does the firmware upgrade enable microwave discharging?

    FTFY.



  • @anonymous234 said:

    Authenticating devices with no direct input or output into a network is hard

    Christ, just put a QR code or something on them and scan it before screwing it in. Then when you connect to The Master Lightbulb, you send it a list of bulbs you have.



  • @blakeyrat said:

    Additional conclusion: if you don't have an iPad or iPhone, FUCK YOU!

    It seems like the nature of the product has already defined itself as appealing to the same silly market.


  • Fake News

    @anonymous234 said:

    until some company like Google or Apple decides to "revolutionize the
    world" again by being the first ones to release (and publicize) a product that's not pure shit
    Neither Google nor Apple has made security and privacy top priority for any of their products and services. You expect me to trust a "smart home" run by either of them? You're Jerry fucking Seinfeld!



  • @anonymous234 said:

    , I don't see any reason not to automate everything.

    Yeah, right:

    and

Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.