{"id":203055,"date":"2022-05-02T13:14:00","date_gmt":"2022-05-02T10:14:00","guid":{"rendered":"https:\/\/howto.com.de\/?p=203055"},"modified":"2022-05-03T02:41:46","modified_gmt":"2022-05-02T23:41:46","slug":"psa-turvaaugu-parandamiseks-kontrollige-oma-philips-huei-puesivara","status":"publish","type":"post","link":"https:\/\/howto.com.de\/et\/psa-turvaaugu-parandamiseks-kontrollige-oma-philips-huei-puesivara\/","title":{"rendered":"PSA: turvaaugu parandamiseks kontrollige oma Philips Hue&#8217;i p\u00fcsivara"},"content":{"rendered":"\n<p>T\u00e4hista<\/p>\n<p>Meil on teile halvad uudised. Osaliselt t\u00e4nu ZigBee mitu aastat vanale haavatavusele on turbeuurijad n\u00e4idanud v\u00f5imet Philipsi toonis\u00fcsteemi kaudu <a href=\"https:\/\/blog.checkpoint.com\/2020\/02\/05\/the-dark-side-of-smart-lighting-check-point-research-shows-how-business-and-home-networks-can-be-hacked-from-a-lightbulb\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">kahjustada tervet koduv\u00f5rku .<\/a> \u00d5nneks on ka h\u00e4id uudiseid: turvateadlased avalikustasid oma leiud vastutustundlikult Signifyle (Philips Hue'i taga olev ettev\u00f5te) ja seal on plaaster. Peaksite kohe oma Hue'i p\u00fcsivara kontrollima.<\/p>\n<p>2017 aastal <a href=\"https:\/\/eyalro.net\/publication\/rosw17.html\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">avastasid teadlased ZigBee protokollis haavatavuse,<\/a> mis v\u00f5imaldas h\u00e4kkeritel kahjustada \u00fchte nutikat pirni. Masendav on see haavatavus t\u00e4naseni. V\u00f5ib arvata, et \u00fcksainus kahjustatud nutipirn ei valmistaks suurt muret. Kuid n\u00fc\u00fcd on Checkpointi turvateadlased n\u00e4idanud, et halb tegutseja v\u00f5ib \u00fche pirni kaudu kahjustada kogu v\u00f5rku.<\/p>\n<div class=\"sds-iframe-wrapper fitvidsignore\" style=\"position:relative;padding-top:56.25%;max-width:100%;\"><iframe allowfullscreen style=\"position:absolute;top:0;left:0;width:100%;height:100%;\" src=\"\/\/www.youtube.com\/embed\/4CWU0DA__bY\" frameborder=\"0\"><\/iframe><\/div>\n<p>Protsess on \u0161okeerivalt lihtne, nagu on n\u00e4idatud \u00fclaltoodud videos. Esiteks peab h\u00e4kker kahjustama \u00fchte Philips Hue pirni, kasutades ZigBee protokolli olemasolevat viga. See t\u00f5mbab nutipirni v\u00f5rgust v\u00e4lja, kuid see on osa plaanist. Kui nad pirni kontrollivad, implanteerib h\u00e4kker pirnisse pahavara ja muudab selle v\u00e4rvi.<\/p>\n<p>N\u00fc\u00fcd, kui pirn on &quot;vale v\u00e4rvi&quot;, m\u00e4rkab sihtm\u00e4rk seda t\u00f5en\u00e4oliselt ja m\u00f5istab, et ei saa seda tagasi vahetada. Loomulikult teevad nad tavap\u00e4raseid t\u00f5rkeotsingu samme, kustutades pirni rakendusest Hue ja eraldades uuesti. see (targa kodu ekvivalent selle v\u00e4lja- ja uuesti sissel\u00fclitamisele).<\/p>\n<p>Ja see on just see, mida h\u00e4kker loodab; tahtmatu ohver kutsus just pahavara oma v\u00f5rku. Sealt v\u00f5ib h\u00e4kker nakatada teisi pirne, Hue Bridge'i ja v\u00f5ib-olla ka muid v\u00f5rgus olevaid seadmeid. Ebat\u00f5en\u00e4olise stsenaariumi korral, kui ohver \u00fchendab arvuti Hue Bridge'iga, v\u00f5ib h\u00e4kker ka seda ohtu seada.<\/p>\n<p>K\u00f5ik see on kohutav. Kuid \u00f5nneks avaldas Checkpoint oma leiud Signifyle vastutustundlikult ja ettev\u00f5te l\u00f5i selle s\u00fcndmuste jada \u00e4rahoidmiseks plaastri. Kahjuks ei saa Signify ZigBee protokollis muudatusi teha, seega on algne haavatavus endiselt olemas.<\/p>\n<p>Signify m\u00e4rkis plaastri automaatse v\u00e4rskendusena, nii et kui teil on Philips Hue Bridge, ei peaks te midagi tegema. Kuid arvestades haavatavuse t\u00f5sidust, v\u00f5ib olla m\u00f5istlik <a href=\"https:\/\/www.howtogeek.com\/570593\/how-to-update-your-philips-hue-firmware\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">kontrollida oma Hue Bridge'i p\u00fcsivara<\/a>, et veenduda, et see on juba v\u00e4rskenduse v\u00f5tnud. Ja kui seda pole, l\u00fckake p\u00fcsivara k\u00e4sitsi.<\/p>\n<p>Kahjuks kaasneb uute seadmete v\u00f5rku toomise oht alati ka uute haavatavuste ja r\u00fcndemeetoditega. Kuna nutika kodu maailm kasvab j\u00e4tkuvalt, n\u00e4eme selliseid juhtumeid t\u00f5en\u00e4oliselt rohkem, mitte v\u00e4hem. Loodetavasti j\u00e4rgivad teised ettev\u00f5tted Signify eeskuju ja reageerivad avalikustatud haavatavustele kiiresti.<\/p>\n<p><a href=\"https:\/\/9to5mac.com\/2020\/02\/05\/philips-hue-vulnerability\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">9to5Maci<\/a> kaudu<a href=\"https:\/\/9to5mac.com\/2020\/02\/05\/philips-hue-vulnerability\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external\"><\/a><\/p>\n<p><div id=\"PostUnique_PostSource\" style=\"padding-top: 50px\">:  <a target=\"_blank\" rel=\"noopener nofollow\" href=\"\/\/www.reviewgeek.com\" class=\"external external_icon\">www.reviewgeek.com<\/a><\/div><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Meil on teile halvad uudised. Osaliselt t\u00e4nu ZigBee mitu aastat vanale haavatavusele on turbeuurijad n\u00e4idanud v\u00f5imet Philipsi toonis\u00fcsteemi kaudu kahjustada tervet koduv\u00f5rku. \u00d5nneks on ka h\u00e4id uudiseid: turvateadlased avalikustasid oma leiud vastutustundlikult Signifyle (Philips Hue&#8217;i taga olev ettev\u00f5te) ja seal on plaaster. Peaksite kohe oma Hue&#8217;i p\u00fcsivara kontrollima.<\/p>\n","protected":false},"author":1,"featured_media":193223,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wp_rev_ctl_limit":""},"categories":[521],"tags":[],"class_list":["post-203055","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tark-kodu"],"_links":{"self":[{"href":"https:\/\/howto.com.de\/et\/wp-json\/wp\/v2\/posts\/203055","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/howto.com.de\/et\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/howto.com.de\/et\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/howto.com.de\/et\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/howto.com.de\/et\/wp-json\/wp\/v2\/comments?post=203055"}],"version-history":[{"count":0,"href":"https:\/\/howto.com.de\/et\/wp-json\/wp\/v2\/posts\/203055\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/howto.com.de\/et\/wp-json\/wp\/v2\/media\/193223"}],"wp:attachment":[{"href":"https:\/\/howto.com.de\/et\/wp-json\/wp\/v2\/media?parent=203055"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/howto.com.de\/et\/wp-json\/wp\/v2\/categories?post=203055"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/howto.com.de\/et\/wp-json\/wp\/v2\/tags?post=203055"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}