Philips Says: No Internet Of Things For You!

December 15, 2015 by Elliot Williams 159 Comments

The 900-pound gorilla in the corner of the Internet of Things (IoT) hype that everyone is trying to ignore is interoperability. In the Internet of Internets (IoI) everything works on a few standards that are widely accepted: IP and HTML. The discrepancies are in the details and the standards wars are in the past. Websites are largely interoperable. Not so in the wild-west ethos of the IoT.

Philips makes a line of ZigBee-enabled RGB lightbulbs that took the enthusiast community by storm. And initially, Philips was very friendly to other devices — it makes a ZigBee-to-WiFi bridge that would let you control all of your ZigBee-based lights, regardless of their manufacturer, from your phone. Until now.

Philips has just rolled out a “Friends of Hue” certification process, and has since pushed out a firmware update where their Hue bridges stop interoperating with non-certified devices. You can read Philips’ version of the story here.

Philips Locks Out 3rd Party ZigBee Hardware

The hub shown on the right is what's being locked down. — The hub shown on the right is what’s being locked down.

The short version is that, ZigBee standards be damned, your future non-Philips lights won’t be allowed to associate with the Philips bridge. Your GE and Osram bulbs aren’t Friends of Hue. DIY RGB strips in your lighting mix? Not Friends of Hue. In fact, you won’t be surprised to know who the “Friends of Hue” are: other Philips products, and Apple. That’s it. If you were used to running a mixed lighting system, those days are over. If you’re not on the friends list, you are an Enemy of Hue.

Their claim is that third party products may display buggy behavior on a Philips network, and that this loads up their customer-response hotlines and makes people think that Philips is responsible. Of course, they could simply tell people to disable the “other” devices and see how it works, putting the blame where it belongs. Or they could open up a “developer mode” that made it clear that the user was doing something “innovative”. But neither of these strategies prevent consumers from buying other firms’ bulbs, which cost only 30-50% of Philips’ Hue line.

While Philips is very careful to not couch it as such, the Friends of Hue program really looks like an attempt to shut out their competitors; Philips got an early lead in the RGB LED game and has a large share of the market. As they say themselves in their own press release “Today these 3rd party bulbs represent a minimal fraction of the total product connected to our bridges so the percentage of our users affected is minimal.” And they’d like to keep it that way, even though the people they’re hurting are probably their most vocal and dedicated customers.

Who owns the IoT?

This Techdirt response to the situation is positively apoplectic, and there’s been the predictable flood of tirades in the comments on Slashdot. [Joel Ward], who in January was celebrating the ability to afford enough colored lights to appease his son is not so happy anymore.

And while we, with our manual light switches, laugh comfortably at the first-world problems of Hue consumers, we have to ask ourselves whether we’re next. Today they come for our RGB lightbulbs, but tomorrow it might be our networked toasters. A chilling thought!

Snark aside, the IoT brings two of the saddest realities of the software world into your home appliances: Where there’s code, there’s vulnerabilities, and when you can’t control the code yourself you aren’t really in control. You may own the lightbulb, but you’re merely licensing the firmware that runs it. The manufacturer can change the rules of the game, or go out of the product line entirely, and you’re high and dry. What can you do? Pull out your JTAG debugger.

Of course it’s insane to suggest that everyone needs to become an embedded-device firmware hacker just to keep their fridge running. As we’ve written before, we need to come up with some solution that puts a little more control in the hands of the ostensible owners of the devices, while at the same time keeping the baddies out. We suggest a press-to-revert-firmware button, for instance. When Philips pushes a non-consumer-friendly upgrade, you could vote with your fingertips — but then you’d miss out on bug fixes as well. Maybe it’s better to just give in an learn to love Windows 10.

There are no easy solutions and no perfect software. The industry is still young and we’ll see a lot of companies staking out their turf as with any new technology. It seems to us that IoT devices leave consumers with even less choice and control than in the past, because they are driven by firmware that’s supposed to be invisible. It’s just a lightbulb, right?

What do you think? Any ideas about how to put the power back in the hands of the “owner” of the device without everyone’s refrigerators becoming botnet zombies? Let us know in the comments.

Thanks [djxfade] for the tip!

Edit: Shortly after we ran this piece, Philips backed down:

“We underestimated the impact this would have upon the small number of our customers who currently use uncertified lights from other brands in the Philips Hue system. We have decided to continue to enable our customers who wish to integrate these uncertified products within their Philips Hue system.”

Cory Doctorow Rails Against The Effect Of DRM And The DMCA

August 8, 2015 by Mike Szczys 30 Comments

If you weren’t at [Cory Doctorow’s] DEF CON talk on Friday you missed out. Fighting Back in the War on General Purpose Computing was inspiring, informed, and incomparable. At the very lowest level his point was that it isn’t the devices gathering data about us that is the big problem, it’s the legislation that makes it illegal for us to make them secure. The good news is that all of the DEF CON talks are recorded and published freely. While you wait for that to happen, read on for a recap and to learn how you can help the EFF fix this mess.

Continue reading “Cory Doctorow Rails Against The Effect Of DRM And The DMCA” →

Hackaday Links: May 10, 2015

May 10, 2015 by Brian Benchoff 9 Comments

Here’s a cool crowdfunding campaign that somehow escaped the Hackaday Tip Line. It’s a remote control SpaceShipOne and White Knight. SpaceShipOne is a ducted fan that has the high-drag feathering mechanism, while White Knight is a glider. Very cool, and something we haven’t really seen in the scratchbuilding world.

[Sink] has a Makerbot Digitizer – the Makerbot 3D scanner – and a lot of time on his hands. He printed something, scanned it, printed that scan… you get the picture. It’s a project called Transcription Error.

Keurig has admitted they were wrong to force DRM on consumers for their pod coffee cups.

The Apple ][, The Commodore 64, and the Spectrum. The three kings. Apple will never license their name for retro computer hardware, and there will never be another computer sold under the Commodore label. The Spectrum, though… The Sinclair ZX Spectrum Vega is a direct-to-TV console in the vein of [Jeri Ellisworth]’s C64 joystick doohickey.

Infinity mirrors are simple enough to make; they’re just one mirror, some LEDs, and another piece of glass. How about a 3D infinity mirror? They look really, really cool.

Here’s the six-day notice for some cool events: Hamvention in Dayton, OH. [Greg Charvat] will be there, and [Robert] is offering cold drinks to anyone who mentions Hackaday. If anyone feels like scavenging for me, here’s a thread I created on the Vintage Computer Forum. Bay Area Maker Faire is next weekend. Most of the rest of the Hackaday crew will be there because we have a meetup on Saturday night

Beating DRM To Extend The Life Of An Anti-Aging Therapy Light Mask

March 16, 2015 by Anool Mahidharia 89 Comments

It’s becoming more common to see DRM cropping up in an increasing number of hardware products nowadays. Quite often, its used to prevent the use of unauthorized consumables and some may argue that it helps prevent counterfeiting and help shore up revenues. But it’s a totally different matter when DRM is used to severely limit the operational life of a product. When [travis] wrote in about the run time limitation on an “Illumimask” light therapy device, we first had to look up what that device was. Apparently, these are anti-acne or anti-aging light therapy masks that use red and blue LEDs to kill skin bacteria, stimulate skin cells and reduce blemishes. While these claims most likely may not hold water, the device itself is cheap enough not to hurt you at $30 a pop.

The trouble is, it is limited to 30 daily uses of 15 minutes each, totaling just 7 1/2 hours, effectively lasting you a month. At the end of which, you just discard the device and get a new one. That seems like a ridiculous waste of a perfectly fine, functional device whose LED’s can last at least 30,000 to 40,000 hours. [travis]’s wife [Bebefuzz] was obviously pissed at this situation. So she did a simple hack to bypass the microcontroller that imposed the goofy restrictions. In [travis]’s own words “Not a crazy-technical hack…. but a very functional one to bypass a manufacturer’s ‘WTF'”. It involved soldering a slide switch across the circuit terminals that the micro-controller uses to monitor the LED current (likely). Unfortunately, this also breaks the 15 minute timer measurement, so she now has to manually switch off the device at the end of the 15 minute therapy cycle.

To check out more DRM hacks, check out these we covered earlier, from Coffee Makers to 3D printer filaments to Cat Litter boxes and even furniture.

Cracking Litter Box DRM

January 19, 2015 by Brian Benchoff 120 Comments

DRM on a specific brand of cat litter box has been cracked. In other news, DRM on cat litter boxes exists.

[Jorge] moved into a new apartment with a feline companion and wanted one of those fancy, auto-cleaning litter boxes. Apparently only one such device exists, the CatGenie. This ‘Rolls Royce of cat litter boxes’ uses little pieces of plastic granules as ‘functional medium’ that are scooped up, cleaned, and returned to use. These granules are washed with a cartridge full of fresh-smelling cleaning solution that comes in a container with an RFID tag. Yep, DRM’ed cat boxes. Welcome to the future.

After cruising around the Internet, [Jorge] found a CatGenie community that has released open source firmware for a litter box and something called a CartridgeGenius, a drop-in replacement for the cartridge tag reader in the litter box. It simulates both the RFID tag and its reader, allowing any robotic litter box owner to select between 120 cycle cartridges, 60 cycle cartridges, a maintenance cartridge, and set the fill level of those cartridges.

Previously, [Jorge] was spending about $350 a year on the solution to clean these plastic granules, so in a few months this CartridgeGenius has already paid for itself.

DRM Protection Removed For… Coffee?

December 16, 2014 by Bryan Cockfield 73 Comments

Keurig, the manufacturer of a single-serve coffee brewing system, has a very wide following amongst coffee drinkers. Their K-cup (pre-packaged coffee grounds with a coffee filter, all in a plastic container) is an interesting concept and makes brewing a single cup of coffee much more efficient over making a whole pot. Their newer line of coffee makers, the Keurig 2.0, has some interesting (and annoying) security features though, which [Kate Gray] has found an interesting and simple way around.

The DRM security in these coffee makers is intended to keep third-party “cups” from being used in the Keurig. It can recognize an authentic Keurig cup, and can stop the operation of the coffee pot if a knockoff is placed in the machine. We can only assume that this is because Keurig makes a heap of cash by selling its canisters of coffee. One simple solution was already covered a few days ago by taping an authentic lid to the machine. This one doesn’t require any authentic pods but just removes one wire from a wiring harness inside of the case.

There are other ways around the security on these devices, but when [Kate Gray] actually investigated, she found the security decidedly lacking. With something this simple, one can only speculate how much Keurig has really invested in making sure users don’t use third-party cups of coffee in their machines, but it also brings up the classic question of who really owns hardware if we can’t use it in the way we want, rather than the way the manufacturer wants.

You can read more about the project on its Reddit page. Thanks to [MyOwnDemon] for the tip!

Dead Simple Hack Allows For “Rebel” Keurig K-Cups

December 10, 2014 by Rick Osgood 141 Comments

If you haven’t actually used a Keurig coffee machine, then you’ve probably at least seen one. They are supposed to make brewing coffee simple. You just take one of the Keurig “k-cups” and place it into the machine. The machine will punch a hole in the foil top and run the water through the k-cup. Your flavored beverage of choice comes out the other side. It’s a simple idea, run by a more complex machine. A machine that is complicated enough to have a security vulnerability.

Unfortunately newer versions of these machines have a sort of DRM, or lockout chip. In order to prevent unofficial k-cups from being manufactured and sold, the Keurig machines have a way to detect which cups are legitimate and which are counterfeit. It appears as though the machine identifies the lid specifically as being genuine.

It turns out this “lockout” technology is very simple to defeat. All one needs to do is cut the lid off of a legitimate Keurig k-cup and place it on top of your counterfeit cup. The system will read the real lid and allow you to brew to your heart’s content. A more convenient solution involves cutting off just the small portion of the lid that contains the Keurig logo. This then gets taped directly to the Keurig machine itself. This way you can still easily replace the cups without having to fuss with the extra lid every time.

It’s a simple hack, but it’s interesting to see that even coffee machines are being sold with limiting technology these days. This is the kind of stuff we would have joked about five or ten years ago. Yet here we are, with a coffee machine security vulnerability. Check out the video demonstration below. Continue reading “Dead Simple Hack Allows For “Rebel” Keurig K-Cups” →