A light bulb in a man's 'smart home' DoSed his house
March 4, 2015 8:44 PM   Subscribe

The creator of one of Germany's first 'smart homes' ran into a minor issue - a light bulb which needed changing was calling attention to the fact by essentially DoSing the house. This wasn't just a trial run, either, as homeowner Raul Rojas has lived in the house for the past five years.
posted by averysmallcat (42 comments total) 11 users marked this as a favorite
 
Award Rojas got for his soccer playing robots, resting on a painting done by a robot

...is the best photo caption I have ever seen.
posted by figurant at 8:52 PM on March 4, 2015 [4 favorites]


Light bulbs are so hot right now!
posted by argonauta at 8:54 PM on March 4, 2015


A light bulb in a man's 'smart home' DoSed his house

Easily among my all-time favorite headlines
posted by clockzero at 8:58 PM on March 4, 2015


This is why we can't have nice things. I'm serious. Nice things - we can't have them. Internet of things is one of the worst ideas I've ever heard.
posted by bleep at 9:21 PM on March 4, 2015 [13 favorites]


clockzero: Easily among my all-time favorite headlines

Even more delightful is the author's note that she initially wrote that it was a DDoS, not a DoS, because we must be very specific and accurate about the flavour of havok that the magical internet lights are wreaking.
posted by averysmallcat at 9:25 PM on March 4, 2015


Why the hell was a freaking light bulb designed to constantly stream packets in the first place?? Surely no component (other than, say, emergency-level stuff like fire or carbon monoxide detectors) should ever be sending out more than a singe polite ping every minute or so. Giving any household object the ability to cause an inadvertent DoS seems like incredibly negligent design.

I try to embrace new things and not be a fuddy-duddy. But a lot of this Smart Home stuff seems to be far more about razzle-dazzle fancy newness than offering anything truly useful or paradigm-shifty.
posted by Greg_Ace at 9:28 PM on March 4, 2015 [6 favorites]


Because they did not design this around a simple collection protocol with a central monitoring service. Welcome to "open source" being coopted by Capitalist decentralized failures. There are reasons for the old RFP structures.
posted by daq at 9:39 PM on March 4, 2015 [2 favorites]


Honestly, I think this kind of stuff is way more of a growing pain than an indictment of the whole concept. This is not the first system to re-discover the value of rate limiters and similar defensive programming concepts, nor will it be the last.

I think that over a 10-15 year time horizon we will see applications written to target a diverse set of interconnected devices become as common as mobile or web apps are today. Whether you want to call this "internet of things" or "smart car" or "smart home" or whatever doesn't really matter, but the price and size of reasonably powerful computers keeps falling and eventually we will arrive at a situation where the cost to add a full-blown today's-PC-class system-on-a-chip to any given product becomes trivial and suddenly they'll be everywhere and everything will want to talk to everything else. This is an extremely complicated problem so expect lots more growing pains, but I think it's inevitable at this point. There are just too many reasons for this to happen and every so often the case becomes more compelling with an unexpected new announcement, such as SpaceX low-latency satellite internet which opens up a whole new avenue of possibilities given the ability to have pervasive connectivity anywhere the satellites fly.
posted by feloniousmonk at 9:44 PM on March 4, 2015 [2 favorites]


How to keep your smart home safe. That's a lot of potential vulnerabilities..
posted by gemmy at 10:14 PM on March 4, 2015 [1 favorite]


Well, that Catan setup is ridiculous. So something was gained!
posted by DeepSeaHaggis at 10:46 PM on March 4, 2015 [1 favorite]


"Smart" is going the way of "value" as a debased word. Seriously, I have to remind every app on my so called smart TV that it can watch programs in HD, every time I watch one. The only thing it does that I would call smart is frame interpolation, and I turned that off out of the box. /rant
posted by iotic at 11:49 PM on March 4, 2015 [2 favorites]


It's always the error paths in code that receive the least testing, mainly because they're the hardest to test, especially when they involve interactions with the physical world. The IoT is a perfect storm of under-tested code in consumer devices all interacting with each other & the real world.
posted by pharm at 12:04 AM on March 5, 2015 [2 favorites]


I want no part of this Internet of things until manufacturers carry a much higher level of liability for shit like this. No one tests enough unless they're made to and probably not even then.
posted by PMdixon at 12:10 AM on March 5, 2015 [2 favorites]


Rojas changed the bulb, which fixed the problem.

Classic error. Now whenever the bulb fails it's always going to DOS the house. You have to ignore the DOSing and distract the bulb's attention away by suggesting something fun to do. Then once it's calmed down you have a quiet talk about feelings.
posted by EndsOfInvention at 1:27 AM on March 5, 2015 [16 favorites]


PMdixon: "I want no part of this Internet of things"
FTFY.

I work in IT. It has mainly made me very weary with computers.
posted by brokkr at 1:40 AM on March 5, 2015 [3 favorites]


What's funny is that a light bulb is literally the disposable good that least needs the ability to request replacement via magical internet technology. "Hmm... according to these server logs, bulb 2b needs replacing. Well, that explains why I'm sitting here in the fucking dark."
posted by No-sword at 1:52 AM on March 5, 2015 [51 favorites]


Even more delightful is the author's note that she initially wrote that it was a DDoS, not a DoS, because we must be very specific and accurate about the flavour of havok that the magical internet lights are wreaking.

Well, it's nice to clarify that the magical internet lights aren't colluding.

Yet.
posted by GenericUser at 2:11 AM on March 5, 2015 [3 favorites]


Someday we'll have to pay extra for "network safe!" ordinary light bulbs that "gently alert you they need to be replaced by lowering the illumination level of your home without interfering with networked products."
posted by Pater Aletheias at 2:11 AM on March 5, 2015 [6 favorites]


As far as I can see, the system worked as intended. The bulb needs changing, you get in there and change that fucking bulb.
posted by Literaryhero at 2:39 AM on March 5, 2015 [3 favorites]


Also:

Light bulbs are so hot right now!

Hello Mugatu!
posted by Literaryhero at 2:41 AM on March 5, 2015 [1 favorite]


I'm quite a fan of some "internet of things", er, things. I have one of those smart thermostats, which I like very much.

That said, it definitely seems to me like we're at a stage where we are still working out that cramming networking and "smart" technology into everything isn't necessarily the best idea.

I like the way my lights work. The switches are based on a mechanical-electrical principle as old as the earliest days of electricity usage. They are so simple and sturdy that the ones in my house have survived decades without maintenance and will presumably continue to survive through many more years of being bashed about, painted over and sanded off, prodded at by children with sticky fingers, etc.

If I want to turn the lights on, I don't have to worry that I left my phone in the other room and my laptop is turned off. I don't have to worry that my WiFi has crapped out. Someone can come into my house for the first time and use the lights without knowing a password or having to download a phone app. They will never become obsolete, need upgrading or, barring serious misadventure or home remodelling, replacing at all.

I'm just not convinced that trading all that in for being able to automatically dim the lights when I'm watching a film or whatever is worth it.
posted by Dext at 2:52 AM on March 5, 2015 [6 favorites]


Just wait till IoT things start serving ads.

"Your garage door will open in 25 seconds"
posted by sidereal at 3:01 AM on March 5, 2015 [11 favorites]


Then once it's calmed down you have a quiet talk about feelings.

Just don't teach it phenomenology, even if the Commander says you should.
posted by Segundus at 3:02 AM on March 5, 2015 [3 favorites]


You think you got problems now? Wati till the thermostats attain consciousness.
posted by Segundus at 3:04 AM on March 5, 2015 [1 favorite]


Remote-controlled lights are good for people with significant physical disabilities, like people with muscle-wasting diseases who can just about operate a tablet attached to their chair but probably not a switch up the wall.
posted by alasdair at 3:34 AM on March 5, 2015 [1 favorite]


I need my IoT things to have an external, ugly little box attached that enables them to be connected, but which I can yank off angrily at 3am when they stop working but I need to fucking sleep and I will call the goddman technician tomorrow, goddammit.

Like the smoke detectors that beep when the batteries run down. This always, always happens at 3am. Do you have batteries? No. Can you get them? No. It's 3am. You rip them off the ceiling with a lot of cursing and get the batteries the next day.

I want to be able to make my things stop yelling at me when necessary, or else I will have to become a hermit in a tent.
posted by emjaybee at 4:31 AM on March 5, 2015 [4 favorites]


Remote-controlled lights are good for people with significant physical disabilities, like people with muscle-wasting diseases who can just about operate a tablet attached to their chair but probably not a switch up the wall.

I thought the wifi-enabled colour-changing bulbs were a bit silly until I realised that with a Nest smoke/CO alarm and IFTTT, you can make your lights go red and/or flash if the smoke/CO alarm goes off. Brilliant if you have hearing problems.
posted by EndsOfInvention at 4:44 AM on March 5, 2015 [1 favorite]


And here I sit with my stupid thermostat and my stupid bulbs like a chump.
posted by tommasz at 4:44 AM on March 5, 2015 [2 favorites]


Fire Alarms with dying batteries have routinely Denial of Sleeped people for decades. This is new tech but not a new problem.
posted by srboisvert at 4:47 AM on March 5, 2015 [5 favorites]


I haven't researched IoT much, but I've worked on software projects both large and small, and I expect IoT will shake out into two main types:

Professional/Industrial - designed by embedded-system developers and engineers, with gobs of error trapping and sensible failover cascades baked in, and extensive test procedures. Trucking companies would benefit from real-time metrics on their fleet of rigs; engine performance, tire pressure, brake degradation early warnings, that sort of thing. You can sell this to the bean counters, who can sell it to the shareholders as a net profit.

Amateur/Consumer - designed by wage slaves in China with a pirated copy of Visual Studio .NET and no code review/formalized testing, who have to produce something NOW or they won't eat. You'll see these on the shelves at WAL*MART.

Problems will occur when one of the trucking company bean counters convinces the non-tech-savvy shareholders that, "We can get this shit off the shelves at WAL*MART for one tenth the price, and also knock some of those truculent embedded systems developers off the payroll, do you know how much we pay those dweebs? It's a competitive market, people!"
posted by sidereal at 4:49 AM on March 5, 2015 [1 favorite]


Calling it a DoS makes it sound more interesting than just saying his programming was buggy.
posted by Obscure Reference at 5:28 AM on March 5, 2015


Why the hell was a freaking light bulb designed to constantly stream packets in the first place??

somethingsomethingGeeks and EngineerssomethingsomethingBlinded by sciencesomethingsomethingForest for the treessomethingsomething
posted by Thorzdad at 5:37 AM on March 5, 2015 [1 favorite]


that one thing in your hand that operates all the other things

To me, that's a single point of failure.
posted by gimonca at 5:47 AM on March 5, 2015


Obligatory: Trust me (I'm a light bulb)
posted by leotrotsky at 6:08 AM on March 5, 2015


I realised that with a Nest smoke/CO alarm and IFTTT, you can make your lights go red and/or flash if the smoke/CO alarm goes off.

omg how did I not realize I could make my apartment go to Red Alert
posted by indubitable at 6:37 AM on March 5, 2015 [5 favorites]


“Of course, the bulb receptacle is not supposed to do this, but it happened,” said Rojas. “The technology for intelligent houses is still difficult to use and is the domain of geeks like me. It would have been horrible for a normal person. They would have torn down the wiring in the house trying to figure out what was wrong.”
Reading that, I don't think light bulb receptacle was designed to do this, but that there was some flaw in its manufacturing/coding. I'm not sure which would be worse, misguided design, or not being able to pull off "don't spam me with lightbulb notices all day" in the manufacturing/coding process.
posted by circleofconfusion at 8:46 AM on March 5, 2015


This article is weird in that it's framed almost like the DoS attack was the method for the bulb to signal failure. Hogwash. The bulb has a way to politely signal failure, then someone had a bug and it ended up flooding the network. It's a very common bug and not very interesting. Except that I guess it's novel that it calls attention to the fact that smart devices have bugs too.
posted by Nelson at 8:49 AM on March 5, 2015


Obligatory PKD reference:

"The door refused to open. It said, 'Five cents, please.'

"He searched his pockets. No more coins; nothing. 'I'll pay you tomorrow,' he told the door. Again it remained locked tight. 'What I pay you,' he informed it, 'is in the nature of a gratuity; I don't have to pay you.'

"'I think otherwise,' the door said. 'Look in the purchase contract you signed when you bought this conapt.'

"...he found the contract. Sure enough; payment to his door for opening and shutting constituted a mandatory fee. Not a tip.

"'You discover I'm right,' the door said. It sounded smug."

posted by Insert Clever Name Here at 8:51 AM on March 5, 2015 [2 favorites]


Well, that Catan setup is ridiculous. So something was gained!

It looks neat, but how do you keep your resource cards secret?

"I can tell you have wood for sheep. I can see it from over here."
posted by Dr-Baa at 8:52 AM on March 5, 2015


The bulb needs changing, you get in there and change that fucking bulb.
This reminds me that one of the earliest mainframe troubleshooting techniques was to turn off the room lights to see which tube wasn't lit, then replace that bulb.
Somehow this seems full-circle to me.
posted by MtDewd at 9:12 AM on March 5, 2015 [1 favorite]


How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb? How many engineers does it take to change an IoT lightbulb?
posted by Devonian at 6:00 PM on March 5, 2015 [8 favorites]


Multiply that by 2.3333333333, and you've got a real Answer!
posted by Greg_Ace at 7:08 PM on March 5, 2015


« Older Trading up   |   Etsy files for an IPO. Newer »


This thread has been archived and is closed to new comments