FIGURE 1-16. Wireshark capture of channel 20 traffic
Once the bridge receives an authorized request to change the state of an associated light-
bulb, the ZigBee protocol and the ZLL specification are used to communicate with the bulb,
as captured and shown in Figure 1-15 and Figure 1-16.
We know the bridge uses the ZLL protocol to communicate with the bulbs. The bridge
also uses a shared secret key to maintain an HTTP-based outbound connection with the hue
infrastructure. This connection is used by the bridge to pick up commands that are routed
through the hue website (or the iOS app, if the user is remote). It is possible for a flaw to exist
in the implementation of ZLL or the encryption used by the bridge. However, to exploit the
issue, the attacker would need to be physically close to the victim (to abuse an issue with ZLL)
or be able to intercept and inject packets on the network segment.
Since the probability of this issue is low, it is not deemed to be a critical risk, although the
potential is worth stating.
If This Then That (IFTTT)
If This Then That (IFTTT) is a service that lets users create recipes that follow the simple logic
of “if this then that” instructions. Users can create recipes across multiple cloud services, such
as Gmail, Dropbox, LinkedIn, Twitter, etc. For example, you can use the app to establish
CHAPTER 1: LIGHTS OUT—HACKING WIRELESS LIGHTBULBS TO CAUSE SUSTAINED(^32) BLACKOUTS