Recently I was given two LED desk lamps to improve lighting for video meetings, these are just lamps with three controls, on/off, temperature, and brightness. In the misguided vein of “make it an IOT device with an app to monetize human data” mentality the temperature and brightness control aren’t just knobs on the lamp, no, they are controlled by a proprietary app that you are forced (well… unless you hack it (as I explain below)) to download to your phone or computer. You also have to agree to the terms of service to install and use the application. After installing the app you must “activate” the lamp in the app by connecting it to your WiFi and the Internet.
Full Lamp Stack
This is no longer just a lamp… it is a full computer and WiFi access point. Secondarily it requires a proprietary app to be installed on a phone or computer that cannot be audited for security. Ownership is the ultimate measurement of privacy, security, and freedom; if you don’t own the device fully, you are owned by the developer (and manufacturer) of the device. The only way to own my lamp was to pwn my lamp.
Read the rest of the article here: