Here at LIFX we are serious about the security of our product and we want to share information about a recent issue with the first released version of our firmware. During our firmware development cycles and with the assistance of a security firm audit, an issue was found, analyzed and addressed.
This issue has been resolved and the firmware updater can be downloaded here.
The updated firmware also includes a number of improvements such as:
- Bulbs are faster and more responsive
- Improved color output
- Security improvements and various bug fixes
- Enabled support for exciting coming features
In rare circumstances the security issue could expose network configuration details on the mesh radio, requiring a person to dismantle a bulb, reverse engineer the debug connection and firmware, then be physically present with dedicated hardware within the bounds of your WiFi network (not from the internet). Eg. Someone hiding in your garden with complex technical equipment.
No LIFX users have been affected that we are aware of, and as always we recommend that all users stay up to date with the latest firmware and app updates.
We are committed to achieving the highest level of security available in this new connected world.
CTO – LIFX