Yes, even Smart bulbs are smart enough to steal data!
Security researchers are adamant that even smart bulbs are suitable for covert data exfiltration from personal devices. They can leak multimedia preferences to an observer recording their luminance patterns from afar.
Light bulbs as light sources have now turned into an attack surface. All it requires is support for multimedia visualizations and infrared capabilities.
The attacker does not need to attack the internal network of the victim to extract the information. They only need a direct connection between the target device and the lights, and line-of-sight with bulbs during the exfiltration process.
Smart bulbs deducing victim’s music and video tastes
Anindya Maiti and Murtuza Jadliwala from the University of Texas at San Antonio studied how LIFX and Philips Hue bulbs receive their commands for playing visualizations into a room and developed a model to interpret brightness and color modulations occurring when listening to music or watching a video.
During audio-visualization, the brightness level reflects the source sound, while in the case of video visualizations, the modifications reflect the dominant color and brightness level in the current video frame. The associated mobile app controls the oscillations by sending specially formatted packets to the light bulbs.
The model created by the two researchers requires the adversary to create a database of light patterns, like a dictionary for songs and videos, that they can use as a reference for the profile captured from the target.
Data exfiltration from personal devices
Information from a personal device can be easily extracted under certain conditions. But the simple observation of the light pattern is not sufficient in this case.
For the attack to work, the light bulbs must not require authorization for controlling them over the local network, and they must support infrared lighting. Moreover, the attacker needs to plant malware that encodes private data from the target device and sends it to the smart light bulbs.
The researchers used two observation points to capture the data: indoor and outdoor. As predicted, indoor observation recorded the most accurate results, and longer exposure yielded a better outcome.
From a sample set of 100, “51 songs were correctly predicted in the top rank, while genres of 82 songs were correct in the same prediction,” the researchers reveal about audio inference results.
Data exfiltration was possible through transmission techniques such as amplitude and wavelength shift keying, using both the visible and the infrared spectrum of the smart bulbs (LIFX).
To test the infrared data exfiltration method, the researchers chose to encode a picture at the source and decode it at different distances up to 50 meters. At 5m, the extracted picture is highly intelligible, and it degrades visibly as the data capture occurs at greater distances. However, even at 50m, one can discern the information.
The work of the two researchers is experimental, but it shows that using infrared light to steal meaningful information is possible from relatively large distances.
Defending against these attack methods is just a matter of making the light less visible to the outside. A curtain can do the trick. Choosing a window glass that has a low transmittance is also an adequate defense.
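To see why a low-transmittance window is an adequate defense, the following added example (not code from the paper or from this article) simulates a binary amplitude-shift-keyed light signal observed through glass and measures the bit error rate an outside observer would get. The intensity levels, the Gaussian sensor-noise model and the transmittance values are assumptions chosen for illustration.

```python
import random

def ask_encode(bits, low=0.2, high=1.0):
    """Binary amplitude shift keying: each bit becomes a relative light intensity.
    The low/high levels are assumed values, not taken from the paper."""
    return [high if b else low for b in bits]

def observe(levels, transmittance, noise_sigma, rng):
    """What a sensor outside the window sees: intensity scaled by the glass
    transmittance, plus Gaussian sensor noise (assumed noise model).
    Samples are relative to the ambient baseline, so they may dip below zero."""
    return [transmittance * x + rng.gauss(0.0, noise_sigma) for x in levels]

def ask_decode(samples):
    """The observer does not know the attenuation, so it thresholds at the
    midpoint of the range it actually recorded."""
    mid = (min(samples) + max(samples)) / 2
    return [1 if s > mid else 0 for s in samples]

def bit_error_rate(transmittance, n_bits=4000, noise_sigma=0.05, seed=1):
    """Fraction of bits the outside observer decodes incorrectly."""
    rng = random.Random(seed)  # fixed seed: the run is reproducible
    bits = [rng.getrandbits(1) for _ in range(n_bits)]
    received = ask_decode(observe(ask_encode(bits), transmittance, noise_sigma, rng))
    return sum(a != b for a, b in zip(bits, received)) / n_bits

if __name__ == "__main__":
    # Constructed scenarios: clear glass, tinted glass, heavy tint, closed curtain.
    for t in (0.9, 0.3, 0.05, 0.0):
        print(f"transmittance {t:4.2f} -> bit error rate {bit_error_rate(t):.3f}")
```

A bit error rate near 0.5 means the observer's decoded bits are no better than coin flips, which is the effect the curtain or low-transmittance glass is meant to achieve.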
For additional technical details, you can check the original paper titled “Light Ears: Information Leakage via Smart Lights,” available here.