Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts by Nitesh Dhanjani

By Nitesh Dhanjani

This booklet is a marvellous factor: a tremendous intervention within the coverage debate approximately details safety and a realistic textual content for individuals attempting to increase the situation. — Cory Doctorow, author, co-editor of Boing Boing
A future with billions of connected "things" brings enormous security concerns. This practical book explores how malicious attackers can abuse popular IoT-based devices, including wireless LED lightbulbs, electronic door locks, baby monitors, smart TVs, and connected cars.

If you’re part of a team creating applications for Internet-connected devices, this guide will help you explore security solutions. You’ll not only learn how to uncover vulnerabilities in existing IoT devices, but also gain deeper insight into an attacker’s tactics.

• Analyze the design, architecture, and security issues of wireless lighting systems
• Understand how to breach electronic door locks and their wireless mechanisms
• Examine security design flaws in remote-controlled baby monitors
• Evaluate the security design of a suite of IoT-connected home products
• Scrutinize security vulnerabilities in smart TVs
• Explore research into security weaknesses in smart cars
• Delve into prototyping techniques that address security in initial designs
• Learn plausible attack scenarios based on how people will likely use IoT devices


Best security books

NATO : Its Past, Present and Future

The formation of NATO represented a turning point in the history of both the United States and the other Atlantic powers. For the first time in peacetime, the United States had engaged in a permanent alliance linking it to Western Europe in both a military and a political sense. NATO: A historical past tells the full story of this historic alliance, from its shaky beginnings through its triumphs and failures to its current new grouping of countries.

HazMat Data: For First Response, Transportation, Storage, and Security

HazMat Data, second edition, provides a detailed reference for emergency responders and those who transport chemicals. In light of the events of September 11, the book is especially oriented toward first responders and emergency management personnel. Additions to this new second edition include Spanish-language synonyms for all entries and an increased overall number of synonyms.

Cyber Security and Privacy: Trust in the Digital World and Cyber Security and Privacy EU Forum 2013, Brussels, Belgium, April 2013, Revised Selected Papers

This book constitutes the thoroughly refereed, selected papers of the Cyber Security and Privacy EU Forum 2013, held in Belgium in April 2013. The 14 revised full papers presented were carefully reviewed and selected from a variety of submissions. The papers are organized in topical sections on cloud computing, security and privacy management, security and privacy technology, and security and privacy policy.

Extra resources for Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts

Example text

Brocious’s work is popular in the information security community because it abuses basic security design flaws, so it is a perfect place to begin understanding security issues surrounding electronic door locks.

THE ONITY DOOR LOCK

The Onity HT door lock is extremely popular. If you’ve stayed at hotels, you’ve likely encountered it and implicitly relied upon its mechanisms for your safety and privacy. As shown in Figure 2-1, the Onity lock consists of a magnetic key card reader. Hotel guests are issued magnetic key cards, which open the locks when swiped through the readers.

Of course, it is not possible to easily ascertain exactly what doors the newly created spare card might open, which makes this attack a little difficult to execute.

VENDOR RESPONSE

On July 24, 2012, Brocious revealed his research and his paper to the world, providing anyone armed with a cheap Arduino board with all the information needed to break into millions of hotel rooms. This also alerted the public to the risk they were taking when staying in hotel rooms protected by the Onity lock. Onity was put under scrutiny by the public and hotel owners, who looked to it to provide a solution to the problem.

When spare cards are created in a batch (to be used with programming cards), each subsequent card has an incremental ident value.

When a guest inserts a card into the lock, the data on the card is decrypted using the sitecode. Next, the expiration date is checked to see if it is still valid. Finally, the keycode value is checked and the lock opens if it is within the look-ahead range.

THE PROGRAMMING PORT

A programming port, accessible using a DC adapter, is located at the bottom right of the lock.
