IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Savvy threat actors can recover conversations using lightbulbs

Lightbulb eavesdropping doesn’t even require a smart bulb

Researchers at the Ben-Gurion University of the Negev and the Weizmann Institute of Science have successfully demonstrated it’s possible to track and recover conversations by closely observing lightbulbs. This new eavesdropping technique, which a research group dubbed Lamphone, records slight frequency variations in a lightbulb to recover speech, conversations and songs played within a particular room.

During the experiments, researchers found by using a remote electro-optical sensor to analyze a lightbulb's frequency response to sound, they could recover speech and music. The recovered speech was then accurately transcribed by Google's Speech to Text API while Shazam was able to recognize the singing clips. 

The team recovered sounds from 82 feet away using equipment such as a bigger telescope or 24/32 bit analog-to-digital convertor. Researchers say this range can be extended even further.

While analyzing the side effects of sound waves on nearby objects is concerning, researchers claim “they are limited in one of the following ways: they (1) cannot be applied in real time (e.g., Visual Microphone), (2) are not external, requiring the attacker to compromise a device with malware (e.g., Gyrophone), or (3) are not passive, requiring the attacker to direct a laser beam at an object (e.g., laser microphone).”

This isn’t the first time lightbulbs have encroached on users’ privacy. In February, a vulnerability in Philips smart lightbulbs allowed threat actors to access targeted Wi-Fi networks. Tracked as CVE-2020-6007, the vulnerability enabled malicious actors to infiltrate a home or office's computer network over the air to spread ransomware or spyware. A similar vulnerability impacted LIFX smart bulbs in the same month.

There are ways to protect your smart lightbulbs from malicious threat actors, according to Cyware. Cyware recommends using decorative lampshades and curtains to protect lightbulbs. The site also suggests using low-transmittance window glass to prevent intruders from seeing inside of rooms of a home or office.

For smart bulb users, it’s important to keep lightbulbs up to date too. To keep such lightbulbs secure, users should ensure that the bulbs have been patched with the latest security updates released by the lightbulb’s manufacturer.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Twilio account breach result of sophisticated social engineering campaign
Security

Twilio account breach result of sophisticated social engineering campaign

9 Aug 2022
Over 200,000 DrayTek routers vulnerable to total device takeover
Security

Over 200,000 DrayTek routers vulnerable to total device takeover

3 Aug 2022
Data on 69 million Neopets users stolen and listed for sale on hacker forum
Security

Data on 69 million Neopets users stolen and listed for sale on hacker forum

21 Jul 2022
HackerOne employee fired for using position to steal bug bounties
Security

HackerOne employee fired for using position to steal bug bounties

4 Jul 2022

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Microsoft successfully tests emission-free hydrogen fuel cell system for data centres
data centres

Microsoft successfully tests emission-free hydrogen fuel cell system for data centres

29 Jul 2022