 Thank you everyone for coming. This is our penultimate talk of the day. This is Dennis. He's going to be doing a talk on, you know, privacy leaks by dumpster diving, more or less, correct? Yeah, so if you ever get, you know, cool technology at eBay or the Goodwill Store or in the dumpster, maybe there's some stuff that got left over even after like a factory reset. So he's gonna get into all that today. I think it's gonna be pretty cool. Can everyone in the back hear me okay? If I talked like this, would you really hear me okay? Okay, so you have to talk as loud as that. Because he's gonna start talking and he's gonna be like, can you hear me? It's pretty good talk, right guys? See, negative thumbs. So you gotta get real close. All right, I try. Can you hear me in the back? Yes, maybe. Should I speak louder? Louder? Loud enough? What about now? Yeah, okay, great. All right, so I'll welcome to my talk about privacy leaks in smart devices. The introduction was mostly correct in terms of like dumpster diving. What I do more is like a shop on Amazon warehouse deals or like eBay. And the main idea of the talk is about to speak about the extraction of data of used smart home devices. So the outline for this talk is the following. I start with the motivation. Then I will speak about how data is stored or what kind of data is stored on IoT devices. Then how is it stored and what kind of reset states you can imagine if you get like a used device. What kind of data is maybe there or won't be there. In the next topic I would talk about the data extraction methods. So how you get the data off the device and later on I will have some example devices where I will tell you how I got the data off and how I found for example like the previous owner of that. So some information about me. I'm a PhD student at Mofiessen University and I'm working there with Professor Gewerner Bier. So we're doing mostly wireless security, but I'm kind of into this IoT stuff. I'm also right now a grad student at the TU Darmstadt in Germany and working there with Mathias Holtig and my main interest is like reverse engineering of any kind of interesting devices can be nearly everything, but at the moment it's more like IoT and smart locks, but I do also physical locks, which is kind of like the same thing and So you find me also in the tool of lock picking village. Some side notes about my talk. It's not a Xiaomi bashing talk. So maybe some of you know me from last year where I was giving a lot of talks about Xiaomi. The problem is I have only I have a lot of these devices. So basically I need to talk about them. Most of the methods I present are already known and used for other things. There are some ethical and legal questions in this presentation. So I had to censor most of the data and like mark it up a little bit. If you use any of the methods, for example, if you want to do like BGA on soldering and you break it, then it's kind of a new I am not responsible for that and a lot of technical aspects. I Totally simplified. So basically NAND flash is way more complex, but I did it for the sake of the talk to simplify And there's particular things which are out of the scope of the stock. For example, how to interpret NAND data or reassemble it or for example, how to do device specific routing. I mean, there's a lot of manuals out there So I won't cover that So let's start with the motivation of the stock Traditionally We had like nearly forever like the problem that there's a lot of second hand devices which still contain data This issue literally existed forever since the hard drive exists But it was increased as soon as people started to buy or sell Hard drives in eBay and most of this hard drives on eBay They still contain data like some personal information Emails pictures or any other media sometimes even sensitive documents if the government sold hard drives And the awareness for this kind of topic was raised like in the beginning of the 2000s there was for example like a paper where the researchers analyzed like what kind of data is still there and What you have to do to basically get rid of all the data Interestingly this not only affected like computers, but it also affected like multi-function printers or lab instruments And the NIST kind of recognized that in 2006 and they published a standard how to kind of wipe your devices to get rid of the data And some of the solution was for example, like you need to wipe your device and actually verify it or you sell devices without hard drive and Destroy the hard drive like in the one picture, which is like the example there. You just shred it But we were still like a big problem and the problem was that The lack of knowledge and awareness of the user. So for example, most of people didn't know how to securely reset drives They format their USB stick and I thought like okay, everything's fine some people didn't care they said like yeah, I have nothing to hide and There's one particular problem if you have a broken device for example broken laptop most people don't know how to remove the hard drive and to format it For a long time, I thought this problem was actually kind of solved But this year we have been like a study where someone bought like one hundred fifty nine hard drives from ebay and sixty six for them Still contain data. So it's like still apparently like an issue The whole problem become a little bit more interesting with smartphones because smartphones also contain a lot of data Sometimes even more than your personal computer pictures all kind of pictures messages account credentials call list and One thing which people didn't know for a long time is that the phones are not encrypted by default at least not up to 2014-2015 so very long time the phones were not encrypted and it just was this was only introduced with iOS 8 for example by Apple in 2014 or if Android 6 in 2015 there have been some researchers who didn't analyze on like how the devices do the Factory reset and they figured out that most devices actually don't do it correctly But still there's a lot of data and this was kind of addressed again by this in 2014 They figured out okay smartphones is a big risk. So we should address that in this new standard So now the next topic comes with IOT IOT in contrast to smartphones and PCs has has like a big difference and there's literally no Small or like no user interface Available so as a user you cannot really access Directly the data which is on the device like you go in the file browser or something look at that So you don't know what kind of data is also collected by this device So you literally don't know anything about your device if you do a better factory reset Then you cannot really verify that this device is really empty The other thing is you kind of don't know what kind of implementation of the factory reset was done by the vendor So and this depends from vendor to vendor from device to device and sometimes even from one version to another So you could have a version which does it correctly and then the next version they do something completely different So the main motivation for the stock is when I was writing my master thesis at Zemo and was analyzing a lot of security The security of a lot of IOT devices I had to do like a lot of root access matters and had to factory set them regularly and I figured out every time I do a factory set with this device all the data is still there or there's still data left So I was kind of figuring out like hey, maybe I should look into that Another important thing is not only we as kind of hackers are interested in the data But other people are also interested in the data and this is like an example from Germany where the police Forget out like hmm smart devices that might be interesting to look at like for forensic to solve crimes So more and more people come now on the idea to actually do forensics analysis of IOT devices So this kind of talk is about like if you get to use device or if the cops bust your door and actually take your device So what kind of data you can expect there? All right Let's talk about the data on IOT devices In general the data that you find on a device is basically dependent on the device type There's different device types which contain more or less data However, there's one important thing which is like the same for all IOT devices And this is basically we need to have bifurc credentials without bifurc credentials It's not IOT because it's cannot connect connect to the internet The other thing what you most of the time have is like some kind of drought credentials because the device need to Authenticate itself against the cloud to like upload data to download data, whatever As a rule of thumb what I found is the more performance functions or storage a device has The more data is on it or will be collected. So this is like a thing if you have a very powerful device You can expect to definitely collect something So let's start with the first kind of group of devices and those are the vacuum clean robots Which most of the time additional to critical credentials contain connection lock files maps cleaning locks user IDs And you see like an example for like Like a map like they're on the screen I did analysis over a lot of vacuum cleaners I have a lot of vacuum cleaners to see like a small collection there, but I have even more so I had a lot of fun with them Another second group is smart home gateways. This can be anything which controls any functions in your home They also connect contain connection lock files sensor actuators binding bindings So for example, if you have like any sensors in your home, they know obviously what kind of sensors you have Sometimes they correct also data in terms of like if sensors are triggered like temperature sensors You have like lock files about temperatures in your home Depending on the device you might have also key material on it or like user ID again The next group cameras Here again depending on what kind of camera you have it might contain cash snapshots of video clips Recorded video event logs for example, if you have this nice double cameras and they detect if someone is in front of it Then most of the time this device is sometimes or sometimes this device is locked that It might contain again user IDs and for it for cameras in particular They might have a cloud storage credentials because we need to upload like video files to some kind of space and sometimes you can use the storage credentials to Download data again, so it's like depends on the device Another thing which is not directly smart home, but which is also important are routers You can buy a lot of routers out of eBay by the way, so People update them on a regular base But what they forgot is forget actually is to erase them and interesting information for example is there a DCP leases So you see the MAC address to IP binding. You see timestamps. You see that the lock files You can potentially track down like when this person is home or not home because if you go home Your smartphone is logging into your Wi-Fi. So this kind of stuff is still stored in your device Firewall configurations as if you have any interesting service behind Like your firewall media files. There's like very powerful like media routers Which contain also like media files and all kind of other lock files connections DNS Some people activate actually DNS logging on the router and sell it later Which is maybe not the best idea because you see all the DNS requests and especially parents are a little paranoid and said like Children like you know parent parenting filters and other things other stuff and also other credentials So some people put whatever in the router Never interesting example media players This is a kind of critical thing for me So they contain again Connection locks sometimes or most of the time media libraries playlist caches Some people are using this kind of devices also for in their home to browse on the TV So basically we have Firefox or some other browser installed We have their emails installed and so on and they contain also Credentials like for Google Play Store or for network shares that people are using them to net for network shares There's one unfortunate thing which I had to change in my presentation And it's basically for ethical reasons. I need to skip this device because this devices contains some Interesting information or interesting pictures. Let's say it's a Very interesting taste I heard from someone else that this is not that uncommon that someone Bought a PlayStation 3 and it contained also like a lot of adult movies and whatever Another thing which I added also our toys Most of the people don't know that toys can also record a lot of data for example after nice drone And this devices can also like record audio and video data And if you crash it, we have no way to reset it and most of the time like this device You cannot reset it anyway in the first place. So yeah Right This is like a little bit more technical now the storage of IT devices But this is like a little bit. This is actually important to understand why you kind of screwed up in particular situations If you talk about storage on IoT devices, you have more or less two kind of flash types Which you use you use the raw flash and to block devices for raw flash to the typical things Which most of you probably know or see in IoT devices is SPI flash Which can come in two flavors net and nor for this presentation We just stick to an end and the parallel Nand flash parent and flashes in the green box model space also like different flavors of that The other group are the block devices which are emmc emcp, which is like a new smartphone or SD cards and depending What kind of storage type you have chosen it affects more less the The selection of file systems, which you can use for your IT device and this becomes more less later This becomes important later for the forensic analysis Let's start first with the with the raw nand flash If you have SPI flash for example most of the time it's like smaller than 64 megabyte and you see it like in small packages like Let's see like in this kind of like eight pin package if you have bigger sized Nand flash when it's most of the time like parallel nand flash as a raw nand and This can vary from 128 megabyte to 4 gigabyte and it can come in all kind of different like packages like BGA or TSOP over there The reason why vendors are liking the loft is kind of flashes because it's cheap and fast But the problem with that is that it has that it produce a lot of bit errors which you need to correct and you see on the right how the access is going so basically we have the raw nand flash and This is connected to the host processor and the host processor in this case need to take care of their leveling the ecc correction and the bad block management If you work with linux, this is usually done by the memory technology devices Subsystem which takes care of that and it's basically converts the character device into a block device and it kind of takes care of all the things for you If we take a closer look like to the properties of nand flash then what you see at some point is that it's organized in blocks which are then organized like in blocks and pages and the block contains multiple pages the Problem with nand flash is if you want to erase data you need to erase the whole block which contains a lot of pages And the raising of a block means basically you set all the things to two one The typical size of this blocks are between 16 and 512 kilobyte So if you want to to erase like one particular small area of memory then you need to erase like 512 kilobytes And you need to copy them somewhere Interestingly the programming works on page level so the programming you can do it on on two kilobyte But if you want to erase it you need to erase a big block The other thing in addition to the data Space there's also like an out-of-band data space which is for management and for ecc reasons Because nand flash is so unstable a lot of vendors adding a lot of some like two percent of additional blocks for spare So if if you have like a lot of bad blocks then basically very useful that and again like I said the ecc is computed by a host CPU and And the problem here at some point is that depending on what kind of host CPU you use or an end controller It can do particular computations differently. So you you cannot really swap one flash to another maybe that are like and read it out so Let's talk about where leveling of raw flash and in the problem of raw flash is basically that individuals flash cells are very limited Lifetimes and writes so you can write on one cell only 1000 times and file systems like x2 x3 x4 Another we are leveling aware. So basically if you run a next to your x3 system file system on an end flash Without any other layer in between it will just destroy it with like multiple writes as soon as you write too much And the solution for that is basically that you have flash aware file systems or additional layer so on the right side you see like one example you might have like a JFFS 2 for example is like a file system, which is like flash aware which works in the partition layer a level and The other thing what you can do is like you can add an additional level between the flash and the file system And this is an example for that is like Ubi or UBF UBFS And this works on the whole level there's a particular a pro and cons for the decision But this is like more or less depends on the vendor what we want to do This is not that important for now But the thing here is that the support for the bad block management and we're living is again done in the operation system And the main idea of that is of this way a leveling in particular Deleted blocks are not erased because that would cause again like many writes instead We are just marked as dirty or deleted and the actual change information is copied into a new block and at some point If necessary the garbage collector will take care of like the old data But if you don't need to take care of it then it stays there. I Did the graph for that so this is again simplified so bear with me It's like I'm not totally correct in terms of like terms, but imagine we have like a data block this one which we want to change and it's assigned to the use block or the physical use block there and Now what happens is if you want to change it the original the old use block is read Then the information with the modified information is written to a new free block The link is more less Set to the new block and the old block is just mark as dirty and the important thing thing here is the data is Still present the data is not erased is still there The interesting thing in particular for IOT is if you if you change the particular file more often when you have more more and more copies of that so The thing is you have multiple copies on flash And this data is also not erased as long as the this whole block is not erased And if you have some data in there, which is never touched then it's probably never erased The interesting thing for us is to reverse engineer or like to extract data is basically that the copies have like a size bigger than 2 Kilobytes so you can put like a text file credentials file or whatever into that and The more data gets changed for example lock files or wafer credentials or pictures the more copies you have in then flush So basically it's like panel like a backup just without being a backup So this was super simplified if you were more interested in that there's a great talk from the back at USA 2014 About a reverse engineering flash memory for fun and benefit from that Oh, and you have given like an introduction into the communication protocol of NAND the soldering unsoldering of NAND flash and how to reverse engineer the NAND formats never interesting talk is also like from or it is a block entry actually from NAND chips to files from John Michael Picotte and there's also like a recommender thing As a side note by the way even vendors of devices are not aware of particular features of their file systems For example, this is like from this next sample from my talk last year at Defcon Where developers leaked actually like a key their developer keys in the JFFS 2 file system So they basically deleted the file and just image the whole file system and put it on millions of devices And all the millions of devices still had like some where the fragments of the key So even vendors are not safe on that Let's talk about block devices So block devices are in general known as managed NAND. They have multiple standards EMMC-4, EMMC-5, the higher the standard the more difficult it gets for us as reverse engineers or like forensics the classical thing that most people know is like EMMC and EMMC in technical Technically speaking is a flash with integrated controllers. So basically the controller is like on the chip So it's not necessary anymore that you have that you do the bare leveling or the other things in like in like on the operation system another flavor of of this kind of Memory is EMCP and those are typical things which you find on your smartphone Because it's basically EMMC with an additional DRAM on one chip and the advantages you put a vendor for the supply chain Basically, you have only one chip it contains DRAM and flash at the same time You see it gets a little bit more complicated with the pins down there Under Linux, these devices are kind of seen as normal block storage devices like an SD card and so we support all file systems X2, X3, X4 And the advantage of VAMkina is like for complexity reasons that The bare leveling the ECC and bad block management is already integrated in them. So you don't have to take care of that Now if you want to access deleted data then it gets a little bit more complicated because the EMMC controller doesn't really allow us to get raw access on the device like with a raw NAND So but the thing is that the this kind of chips they're using a raw NAND internally and there are like possibilities where you can just Bypass the EMMC controller and directly attached to the NAND internally and just bypass all the security things The challenge is just that some EMMC controllers are doing some kind of weird format So you need to figure out what we do internally again recommend a talk here is the EMMC chips data recovery beyond the controller by a company who is doing like a lot of recovery things or salute I think and The summary is basically even if you delete all the data from the EMMC all the data is still in there in The in the chip so you can extract it but there's a little bit out of scope for the stock all right Let's talk about reset states Which you can find if you buy like a used device or if you do dumpster diving or if your neighbor gives you some broken device So the reset states most of the time depend on the previous owner So some previous owner think like yeah, I have nothing to hide. So for example for this media box For the critical one. I don't need to reset it at all So basically this device contains still all the data auto configurations And one of the reason why it might be the case is that the knowledge is just missing so the people don't know how to reset this thing Never level which can be the bifur configuration reset So this device might still contain all the data or most of the data But it's like in an unprovisioned state. That means if you power it on it won't connect to any Wi-Fi it expects more or less you to provision it again to a new Wi-Fi and Interestingly many devices only offer this Wi-Fi reset So basically if you see a reset button on your device when most of the time it's a Wi-Fi reset It's not the device vibe, which is the next thing Device vibes and contrast to that they just delete all the data put the device back in a factory state and But even in this case there might be still traces of data there Interestingly not all the devices support that because it's basically open technical reasons if they built a device incorrectly Then they can't just wipe the device so In comparison both so some devices actually support both features So why for reset is usually marked by a special button if you have a reset button you click it It's basically doing a bifur reset device vibe It's usually available over the app if you have an app or you need to press like multiple keys And now the idea of this bifur reset is like a very logical one So basically you don't want to erase the whole device every time you do want to change the Wi-Fi So basically this device can be reconnected quickly to a new Wi-Fi so you don't have to wait like for five minutes or ten minutes until the flash gets erased so You want to just move to move the thing in contrast to that I mean as with the device vibe you want to erase all the data And you want to get rid of everything and get bring it back in a factory mode But this is like these things are like not necessary the same in terms of like what people understand under reset You know, so it's basically for people think they reset the device most of the time is the bifur reset All right, let's talk about that data extraction methods For me the idea is extract all available that data everything which I can get from this device And there are multiple methods to do that for example if I somehow can get root access on a device Then I can extract it by software Sometimes I can flip dump the flash contents without actually disordering anything in the worst case I need to disorder like the flash for example. So this is like typically the chip of method So if you talk about software methods for many IoT devices, especially for the cheap ones where like some public Methods are available where you people tell you how to access like the file system how to root a device how to do like whatever And most devices support also like installation of custom firmware or access over USB for example adb For example adb or you are For some devices especially for cameras with like some special modes where you can boot a system from the SD card for example, and If you have no root chart some point what you think what you want to do is like basically dump all the flash contents via a DD The advantage for DD is basically DD is not flash aware. So it doesn't know anything about out of out of Data blocked out of band blocks or ECC. So it just dumps everything Which is very helpful for us Usually you shouldn't use DD by the way if you ever do backups of NAND flashes because you can't restore them again without breaking a system You extract the data usually by external media SSH or netcat netcat is more probably the most easiest thing to do This method of software works especially good for file systems if it's like JFS2 or UBFS The disadvantage here is you can only do things with the kernels allowing you so basically sometimes the kernels not allowing You low-level access on the flash so you might be a little bit limited there The other things which you can do is like you can dump flash without a soldering and it works mainly very good for SPI flash or EMMC Some of the devices if you get them they allow in-system programming and how it works Basically you take your flash reader and you attach it to particular test pins and then you can directly access the memory The problem is the processor shouldn't interfere with this process So you need to kind of make sure that the process or the sock is kind of like not working And you can do that sometimes by pulling like the reset pin or you just ground the Clock the crystal so that it doesn't do anything the advent advantage of this thing is well you have a reduced risk of destroying a hardware if you're not very good in BGA resoldering or like Unsoldering then you probably break your device the disadvantage is you need to fight the test pins first or the traces and some vendors do With full air PCBs we do so that we hide things like in the middle layers and this kind of nasty um The last method of resort is more or less dumping the flash by the soaring so this works literally for all the flash methods for the order flash chips I'm confused well, okay, so how does Okay, how does it works is usually that? The recommended thing is you heat up the PCB Before you do any soaring because if you don't heat up the PCB then at some point You might accidentally pull pins because you have like a ground plane If you have accessible pins for like for T-SOP one one trick what you can do is like basically create like a low-temperature alloy and low-temperature alloy you just take like a Like an alloy like a soldering alloy which is like 120 137 degrees Celsius and then you just mix it with the existing alloy and you can do that with a normal soldering iron So you don't need too much special tools for BGA chips that gets a little bit more complicated Most of the time need like some hot air station infrared or a flow oven For soaring station some people use also a pizza oven, but I might not to recommend that in general the disadvantage of BGA chips is if you want to reuse the device later you need to Reball the chip and To resort it and this might be complicated and might be what might require a lot of patience Especially one one thing about nan devices is that you might need a special adapter to use them because of the high-pink count All right Let's start with the tools which you need to do which you which you can use for particular things If you want to access SPI flash you can literally take any device which can do big bit banging on GPIOs You can use a Raspberry Pi. You can use adrinos. You can use bus pirates For a Raspberry Pi you have to sort a flash from which can natively speak to most of the flash chips So that's kind of easy my favorite tool because I use it also farther things as flash get USB Which is I don't know couple like 30 30 40 bucks or so This is also that purpose If you if you want to access emmc flash The advantage of emmc flash is it speaks the same protocol like SD card so you can use potentially like SD card readers Here the important thing is you want to double check the datasheet of the emmc flash because some of them are low voltage So it's like 1.8 volt if you connected the 3.3 when you have a very hard time and you need to buy new devices One very cheap method is here. There's not like an exploit tears emmc adapter for 10 bucks which you can get you can just connect it into a secret reader you sort of the The cables To to the trip and you can can read it out the disadvantage of that is the ships are very small and So you might have good eyes to do that or you need to microscope or something and The disadvantage of this particular method was also what you might not be able to access all the partitions Which might be which is actually not a real problem for us in this our use case of getting data from the devices But if you do more reverse engineering, you also want to access the special partitions like the boot partitions But this doesn't matter here And never met it By the way for emmc flash is if you get some cheap stuff from China like this BGA adapters where you can just put your BGA chip in there and just jiggle a little bit around and then get a very good connection The advantage of this is that they support dual voltage chips So I mean should be good to go with that disadvantage is with that by the way you need to Find the correct position of the of the chips or you need to try a little bit and I wouldn't recommend to use the Original software because it's detected as malware and the typical recommendation of the developers of the softwares. Yeah, it's fine Just to say we have antivirus and Doesn't sounds very trustworthy all right If you want to access Ron and this gets a little bit more complicated because the pin count gets higher So you need like at least No, I think 16 pins which you need to connect to the chip And this requires some kind of nan controller You can again look into the talk about reverse engineering flash memory for fun and benefit They have like very very cheap method to do that, but again here. There's like more or less professional Devices available where you can just use like a socket to put the chip in and read it out And dump all the data the problem with that kind of devices is most of the time that they cannot interpret The ecc or out of band data, so it might be hit or miss Another method if you have access to that evaluation boards So just take a look at the processor which is used in your device So I did a lot of vacuum cleaners. I have some development boards, which I have exactly the same chip So I can just sort of the chip onto this evaluation board and can just use the processor Like it is to read and dump all the information and can I also use it to write information to that without Thinking on how to calculate the ecc and how to do other things The disadvantage of this method is obviously you need to get this board somehow and sometimes they're not available Or if they available very extremely expensive, so it's kind of yeah difficult At the moment we extracted the data there's like a lot of there's a whole zoo of tools which you can use The typical thing that most people just do is like binwalk If you just extract if you just want to extract some data like credentials when you can just use a hex editor At some point if you want to interpret and then flash dumps There's like some tools like the dump flash tool or Nant dump tool the problem with this particular tools is even though that they open source They don't handle exotic out-of-band data sizes correctly sometimes or also the ecc data is kind of like Difficult so it depends more or less on the stock which was used If you at some point have like a ubi image, you can just dump the whole content of that JFS images is also easy. There's like also tools for that so basically for most of the things you have open source tools available You should be good to go with that All right, let's start with the device analysis So some of the methods which I use We're basically disassembled the device Unsoldered the flash dump the flash put the flash on again then power the device on again and Maybe try to root it sometimes it works sometimes it doesn't work The one thing which I tried to do is like I basically tried to connect the device also to the app So as a new user kind of I connect to you the Device to the app and hope that I still get some old information The other thing is like as a kind of test I do I use the devices For example a random vacuum clearance in my in my lab and then I reset them and then I just compare the data Which I had before and after that so to get an idea what kind of how good the factory set us So the first device where I would start is the eco works debaught 900. I think it's mostly it's very popular in Europe I'm not sure how popular as it is in America I got this device in 2019 and the previous owner told me that he erased it So I was kind of curious about that this thing runs Linux the test is weird a rock chip a sock And they use a 128 megabyte of nan flash and T-SOP 48 format So you see like this green thing on the left The approach what I used is basically I dumped an end flash like when I connected over you are to get some additional information to figure out what's going on After I unsoldered the flash. I wanted to verify But it but this device was actually factory set it because otherwise it's kind of like a little bit unfair and the thing Is what I found is actually that I Found a log file which is where it says that this device was erased before I got it So basically it was I was newing for sure that this device was erased The next thing what I found there is like lots lots of fragments of log files keys maps by for credentials The only problem that what I had with this particular devices But I didn't knew how to how to read the out of band data to reassign all the blocks correctly So this is like still something which I'm working on The next step what I did is like connect it over you are and was hoping that I can get some shell to extract the data Very easy, but unfortunately they did protect that by making the Like you are to read only, but I found some information about it So the one information I could figure out is that the rock trip is using this very specific like driver to communicate with the With the flash and they do a very leveling by themselves And the other thing what I knew is that the root position is squash a fast and but the data position X4 is X4 So basically I could expect that I think more more traces So this is like the example with the credentials. So basically this device At some point you need to obviously to have files which sort of credentials and what you can see here from the from the top to the bottom This was the original file which was created in the factory So you still see the factory credentials of the as the SSID and the Wi-Fi password for the factory somewhere in Changseng Or wherever this vacuum cleaner was designed and over the time when the back when the previous owner was adding Wi-Fi's Or what was connecting this device to the Wi-Fi you see that more and more Wi-Fi's were like added to this The ever I had to censor things to the blue things are censored The everything what you see out of the lock files is every time when a vacuum cleaner was connected to the Wi-Fi or even the original point Where the owner was provisioning this device first time to the Wi-Fi? So in this case I knew that the person had like a galaxy phone because you can see it in the in the lock files But the galaxy phone was connected to this So now we have some info of the information. So what about locating the former owner and There's like a very useful IP for that the Google geolocation IP And what it does is you give it two MAC addresses and the signal strength and it gives you back the coordinates and the accuracy rating The problem of this particular device was Unfortunately, I had only one MAC address so I couldn't use this RP to find the original position of that But there's another website where you can just enter the SSID and then you can just look around the world where this SSID is coming from and the thing about this particular SSID is that it was like a provider modem Which had like a random random number as a SSID. So I found exactly only one Position where this SSID was used at a second SSID from the same owner I checked double checked it and figured out it somewhere in the middle of Germany So I have also the exact address, but I didn't have it here Right so As a summary for this particular device most of the user data is still existing on this device even though that was wiped I could see the XMMP lock files. This device is using XMMP for the communication with the cloud I could see the maps the credentials Because the maps are using some kind of weird format. I couldn't really reassemble them But I might at some point I'm also tried to reset the device three times in a row and still could get all the fragments So factory setting is not very effective there One interesting aspect is I also found the factory locks So where the sensors and all the other stuff was tested and I think this files are actually not existing anymore in the logical space But they're still on this thing Again, I could track the previous owner of this device. However, there's one small good news If you connect this vacuum cleaner now to the to the Wi-Fi and to your account then basically the app doesn't leak previous information So it's kind of this is kind of a case. So the data is apparently not There anymore in the form that everyone can see it Interesting thing is I found the similar results also for other vacuum cleaners. I'm not sure if I mean everyone who's using this kind of Raw n-chips that's kind of like want to save money. So a lot of devices have exactly the same issue right The second device which I analyzed because I do many research on Xiaomi So I bought random used devices and broken devices out of eBay. This is a device which I got in 2018 I didn't really know what kind of condition it had because it was broken In general the Xiaomi devices they have we run an open to 14 to 4 with the quad core I'm and they have 4 gigabit of EMMC and here the approach was that I connect over you are it and dump the partitions Over you are it and then later on I try to connect it again to the cloud The good thing about the show me a vacuum cleaners is that rooting methods exists. I found them I think two years ago and presented them You can get root shell over you are it or you just can push your custom firmware onto that The good thing with pushing custom firmware is it doesn't destroy the data. So the data is still there. So which is kind of good And later on you can exfiltrate all the data via SSH The alternative method is if this device is totally broken, you can still remove and dump the flash content that still works To give you like an idea for what to look for this system This is like the EMMC layout how it looks like so you see that it has like three copies of the operation system then on the Pre-last line there's the reserve partition which contains all the usage data. So how much how often this device was used? What is the status of like all the sensors the? HEPA filter and so on and then there's a user partition, which is to use this partition Which contains all the locks maps Wi-Fi configuration and user ID and This is like the partition which we interested for so One thing about this vacuum cleaners in particular this device is actually support two modes of Resets so the first thing is a Wi-Fi reset, which is Which is a button which is called reset and the second is like the Factory set The Wi-Fi reset what it does is just to lead some of the credentials But everything else remains there and the actual the factory set needs a special procedure where you need to press multiple buttons To wait and then it resets the device in the factory It's mentioned in the manual, but I figured out that nearly no one knows about it so probably the first thing what you do is like if you get the manual you just throw it away and Yeah, what this factory set actually is doing is it restores the operation system from the recovery and Formats the data partition, but interestingly here is it doesn't wipe it really so there might be still some traces The partition with the usage data is not erased. So basically all the usage data is still there But not kind of a user data So what I did is I just connected it went to the cloud and I figured out oh, hey All the data is still visible in the app so I could figure out like okay when when was the apartment cleaned of the person what the apartment is looking like and So the assumption was that this device was only Wi-Fi reset it So they pressed only the reset button nothing more And even though that I connected it to a totally different account This device was re-uploading all the data from the vacuum cleaner up in the cloud So I had it as a new owner had all the previous data before also all the lock files We're still locally available and I was kind of curious what happens if I do a factory set So at the end of the day, I did the factory set the good news is if you do like a real factory set impressory buttons Then the data is at least not visible in the app anymore I was looking in a lock files. I figured out hey, I have to make addresses and actually the geo the Google geo RP have given me like some coordinates back and I Figured I mean I again censored it. So it's like somewhere in the area, but I knew the exact address As soon as I knew the address I was looking at the at the street and I figured out that the Wi-Fi credentials have SSID had part of the street name in it and the street number because I don't know someone figured out It's maybe a good idea to use the street name and street number as a pi for SSID and the password contains some personal information Like probably Doc's name. I don't know. No, sir However, because this data is like stored in plaintext in the device. You can just read it out another magic trick is by the way The device has a user ID of the user and if you use like the app You can share devices with other users and one thing which I did is basically I create like a fake account connected like a fake device And then I was just sharing this device with this user with the previous owner and had also the profile picture and the name so yeah Yeah So as a summary For this particular device all the data was still there The vice was not what was not wiped Said only wife or reset was done The reset button is very misleading like for many devices. So reset is not doing actually reset However, in this case the correct procedure is actually documented in the menu, but most of the people don't read that Again here I could track the owner with the due to the lock files and this kind of devices that create a lot of lock files and very We're both so you have like a nice Nice idea what's going on there All right some other example which I have here Like this door belts. I figured out like I have like now I think eight door belts and seven of them are more or less from the same I think SDK In terms of like if you buy like eight Door belts from Amazon you have probably Internally seven times the same hardware but different interior like exterior most of them are based on the high 3518 ship They have like an SPI nor flash in there They use again JFS to and you BFS so you can happily Recover all the credentials They have some lock files So you might get one Mac address of to of to by fax this point. So it's kind of like a little bit more difficult But I actually could track it down the sad thing about this kind of devices is we have unfortunately like a SD card slot so we don't contain video data. So it was like a little bit sad about that Not necessarily all IT devices are bad So I found actually one device which I didn't disclose yet Which was also vacuum cleaner from a different company who use trust zone for key storage. They encrypted all the user partitions with looks the Keys were managed by this trust trusted execution engine and we're the very specific and Every time this thing boots up it checks like some states and then unlocks the partitions Interesting thing here is if you do a factory said to just throw us away the keys and Recreate the partition so this kind of case it would be kind of safe But this is like this is one example. I saw it so far. So it's very very rare As a conclusion in general had to like a sample size of like 26 devices, which I found Got or found like in like some swap fasts. I figured out that apparently Secure or correct factory sets are very difficult to implement Especially if you use raw net Flash it nearly defeats all the time like full vibes and there's no real way to ensure that the device has actually wait wait Many also many vendors actually not to reach all the user-generated data So you have like usage data, which still remains there lock flights are not erased The only thing that sometimes is erased is like to buy for confirmation files But all the other information is more or less still like on this device Another problem what you have again is the missing knowledge of the user So if the people don't know how to reset devices then in the first place then we cannot even complain about the vendors because the user Don't reset them as a recommendation if you ever want to get rid of Devices don't sell them and throw them away Especially if you expect that they contain any sensitive information. So especially don't throw away like this media stuff the media players Is and also don't throw away devices if you cannot verify that they have been done a full vibe One example is destroy the physical memory if it's a cheap device or just use this device to practice soldering that unsolder resorder things In general, it might be a good idea if you had to throw away devices Maybe change the change your Wi-Fi credentials So at least that someone cannot let who has the credentials cannot break into your local network Or the other thing is just put all your devices into a separate IOT Wi-Fi Which kind of also limits the impact of someone gets the credentials All right That's it for here. I want to thank thank professor Nubir and Professor John Manfredelli from the nothison University and also the Zemo team from to Darmstadt and if you have any questions I'm happily here to answer them and I've also some devices if you want to take a look at this kind of weird adapters I'm here for a while. Thank you