Security Analysis of the LIFX Smart Light Bulb

The security is terrible:

In a very short limited amount of time, three vulnerabilities have been discovered:

• Wifi credentials of the user have been recovered (stored in plaintext into the flash memory).
• No security settings. The device is completely open (no secure boot, no debug interface disabled, no flash encryption).
• Root certificate and RSA private key have been extracted.

Boing Boing post.