this post was submitted on 31 Mar 2025
1584 points (99.3% liked)
People Twitter
6692 readers
620 users here now
People tweeting stuff. We allow tweets from anyone.
RULES:
- Mark NSFW content.
- No doxxing people.
- Must be a pic of the tweet or similar. No direct links to the tweet.
- No bullying or international politcs
- Be excellent to each other.
- Provide an archived link to the tweet (or similar) being shown if it's a major figure or a politician.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
How’s the security on those light bulbs is a weird but valid question
Depends on what aspect you're referring to. I'm sure the online accounts are following standards, and the hue bridge can be used locally or via the cloud account. Local LAN generally doesn't have any restrictions on usage, anyone on your net with the app can control stuff from my experience. Maybe that's changed.
The bridge goes out to the Internet, it works without port forwards, so no exposure to the Internet there.
The last point I would think about with security is local bridge-to-bulb security which.... Probably isn't great. But someone needs to be within range with a specific skillset to take advantage of that.
I work in tech and maybe know one guy who might be able to pull that off?
Not sure, it's ZigBee, and I don't think they have encryption turned on at all.
Quick Google search shows that ZigBee is encrypted. So it may not be that insecure.
Yep, I see that too. Looks like it's baked into the protocol.
Zwave will let you disable encryption or run without it. But it's definitely still an option for zwave.
Both use AES 128, so there shouldn't be any significant difference in security between them.