
Or in a network with intrusion detection or firewalls this could be a way to exfiltrate data without the system noticing.


TBH a network with intrusion detection or firewalls doesn't really go in the same room as a smart bulb. You don't build a secure network and then say "hey, I should put some fun into it" :).


Nonsense. As smart light bulbs get even cheaper and more likely, the chances of them being used to achieve useful ends, like automatically dimming up and down as daylight requires, turning off when not needed at light-level instead of room-level, et cetera, rises. Once they're cheaper than alternative methods of doing that they _will_ be used, and eventually you _will_ get a smart bulb on an airgapped network.


I'll just repeat myself, maybe the finer points were missed: If you set up a secure network with IDS and firewalls, you control all aspects of that network. Saying that you'll put some IoT smart bulb crap on that network is just like saying you have an airgapped network that's connected to the internet.

It doesn't make sense to build a secure network and then connect insecure crap to it or to allow anyone else to do it.


There's nothing inherently insecure about a smart lightbulb. With studies like this proving the danger inherent even in a 100% perfectly secure bulb, then yes, people likely won't attach them to secure networks. _Without these studies_, they would, because nobody would know of any dangers.

You're thinking too current. There's no reason why an "industry" smartbulb won't exist in the not too distant future, with hardened security and professional use cases. This study is flagging up that even with hardened security there are new attack vectors.


> You're thinking too current.

Sure, because I know that the second the "industry" smartbulb is launched and connected to secure networks (someone will definitely provide a good reason to connect a lightbulb to a network with confidential data just like today you connect your phone over WiFi to a secure network to Snapstagram) IDS systems will detect flickering lights on all wavelengths thus preempting any attempt to exfiltrate data that way :). This would make the whole point moot. Hence me staying in the present.

In all seriousness there is absolutely no good reason to ever connect anything to a secure network that's not critical for the functioning of that system. But maybe I'm too current, maybe future networks are managed by... creative people.


You'd be surprised. Also, who says the bulb was deposited there by security experts?


See reply above. Did it ever happen to you to come home and find a random fridge in the living room? Then why would you expect that anyone building a secure network would allow anything to be connected to it without any controls?

A smart light bulb usually needs some additional "infrastructure": the bridge that has to be connected somehow. Even if you made the mistake of not physically securing the ports of your secure network, and also don't authenticate any device that connects, and you somehow allow random devices to be connected to a secure [0] network, you'll still be able to catch any device that gets connected. And if your bulb somehow goes straight to WiFi why would you allow random devices on that network?

[0] Did I mention secure enough times? I just have the feeling that this is the crux of the discussion because you consider setting up firewalls and IDS that block any exfiltration as normal but somehow a smartbulb on the network doesn't raise any flags.



