Abusing the Internet of things blackouts, freakouts, and stakeouts
Annotation
| Main Author: | |
|---|---|
| Format: | eBook |
| Language: | English |
| Published: |
Sebastopol, CA
O'Reilly
2015
|
| Edition: | First edition |
| Subjects: | |
| Online Access: | |
| Collection: | O'Reilly - Collection details see MPG.ReNa |
Table of Contents:
- Chapter 3. Assaulting the Radio Nurse-Breaching Baby Monitors and One Other Thing
- The Foscam Incident
- Foscam Vulnerabilities Exposed by Researchers
- Using Shodan to Find Baby Monitors Exposed on the Internet
- Exploiting Default Credentials
- Exploiting Dynamic DNS
- The Foscam Saga Continues
- The Belkin WeMo Baby Monitor
- Bad Security by Design
- Malware Gone Wild
- Some Things Never Change: The WeMo Switch
- Conclusion
- Chapter 4. Blurred Lines-When the Physical Space Meets the Virtual Space
- SmartThings
- Hijacking Credentials
- Abusing the Physical Graph
- Say Hello to the WiFi Pineapple Mark V
- Capturing credentials and stripping TLS
- Conclusion
- Chapter 6. Connected Car Security Analysis-From Gas to Fully Electric
- The Tire Pressure Monitoring System (TPMS)
- Reversing TPMS Communication
- Eavesdropping and Privacy Implications
- Spoofing Alerts
- Exploiting Wireless Connectivity
- Injecting CAN Data
- Bluetooth Vulnerabilities
- Vulnerabilities in Telematics
- Significant Attack Surface
- The Tesla Model S
- Locate and Steal a Tesla the Old-Fashioned Way
- Social Engineering Tesla Employees and the Quest for Location Privacy
- SmartThings SSL Certificate Validation Vulnerability
- Interoperability with Insecurity Leads to{u2026}Insecurity
- SmartThings and hue Lighting
- SmartThings and the WeMo Switch
- Conclusion
- Chapter 5. The Idiot Box-Attacking "Smart" Televisions
- The TOCTTOU Attack
- The Samsung LExxB650 Series
- The Exploit
- You Call That Encryption?
- Understanding XOR
- I call it Encraption
- Understanding and Exploiting the App World
- Decrypting Firmware
- Cursory Exploration of the Operating System
- Remotely Exploiting a Samsung Smart TV
- Inspecting Your Own Smart TV (and Other IoT Devices)
- Changing Lightbulb State
- If This Then That (IFTTT)
- Conclusion
- Chapter 2. Electronic Lock Picking-Abusing Door Locks to Compromise Physical Security
- Hotel Door Locks and Magnetic Stripes
- The Onity Door Lock
- The Magnetic Stripe
- The Programming Port
- Security Issues
- Vendor Response
- The Case of Z-Wave-Enabled Door Locks
- Z-Wave Protocol and Implementation Analysis
- Exploiting Key-Exchange Vulnerability
- Bluetooth Low Energy and Unlocking via Mobile Apps
- Understanding Weaknesses in BLE and Using Packet-Capture Tools
- Kevo Mobile App Insecurities
- Conclusion
- Copyright
- Table of Contents
- Foreword
- Preface
- Who This Book Is For
- How to Use This Book
- Conventions Used in This Book
- Using Code Examples
- Safari® Books Online
- How to Contact Us
- Acknowledgments
- Chapter 1. Lights Out-Hacking Wireless Lightbulbs to Cause Sustained Blackouts
- Why hue?
- Controlling Lights via the Website Interface
- Information Leakage
- Drive-by Blackouts
- Weak Password Complexity and Password Leaks
- Controlling Lights Using the iOS App
- Stealing the Token from a Mobile Device
- Malware Can Cause Perpetual Blackouts