Loading...

DEF CON 23 - IoT Village - Wesley Wineberg - Cameras Thermostats and Home Automation Controllers

4,078 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Dec 3, 2015

CAMERAS, THERMOSTATS, AND HOME AUTOMATION CONTROLLERS - HACKING 14 IOT DEVICES
BIO:
Wesley Wineberg is a Senior Security Research Engineer at Synack. Prior to Synack, Wes spent six years testing the security of SCADA, Smart Grid, Medical, and other “critical infrastructure” technologies. Wes enjoys black box analysis, pen testing, software, firmware and hardware reverse engineering.

ABSTRACT:
It is easy to find poorly designed devices with poor security, but how do the market leading devices stack up? Are they more secure than a Linux-powered rifle? This presentation documents our effort to assess the state of security of top selling Internet of Things Devices.

We procured 14 of the leading “connected home” IoT devices and tore them down, all the way from software to hardware and compared their relative security. This talk will demonstrate techniques useful for assessing any IoT device, while showing how they were applied across a wide range of devices.

Attend for stories of device rooting, SSL interception, firmware unpacking, mobile app vulnerabilities and more. Stay to find out why your favorite new gadget might just be a backdoor into your home. If you own (or are considering buying) one of the following devices, come and find out how secure it actually is!

Devices:

Dlink DCS-2132L
Dropcam Pro
Foscam FI9826W
Simplicam
Withings Baby Monitor
Ecobee
Hive
Honeywell Lyric
Nest Thermostat
Nest Protect
Control4 HC-250
Lowes Iris
Revolv
SmartThings
Samsung Smart Refrigerator (model RF28HMELBSR)
Samsung LED Smart TV (model UN32J5205AFXZA)

REASON:
The best thing about this talk is that it covers a large number of devices, all devices which are among the industry leaders for their category.

While we have published the high level findings from assessing these devices, this talk will include full technical details on how to attack each of these devices, and full tech details on any of the vulns which we found. Those details have not yet been released, and will be of interest to anyone who owns or wants to hack any of these devices.

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...