A misfortunate implementation of the security token in the Hue intelligent lighting system from Phillips could allow an attacker to control the lights in your home and turn them on or off as they wish. According to a paper by security researcher Nitesh Dhanjani, the problem arises from the fact that mobile devices or PCs used to control the lighting system are authorized with a token (a unique identifier) derived from the device’s MAC address.