| Description |
1 online resource |
| Contents |
Copyright -- Table of Contents -- Foreword -- Preface -- Who This Book Is For -- How to Use This Book -- Conventions Used in This Book -- Using Code Examples -- Safari® Books Online -- How to Contact Us -- Acknowledgments -- Chapter 1. Lights Out-Hacking Wireless Lightbulbs to Cause Sustained Blackouts -- Why hue? -- Controlling Lights via the Website Interface -- Information Leakage -- Drive-by Blackouts -- Weak Password Complexity and Password Leaks -- Controlling Lights Using the iOS App -- Stealing the Token from a Mobile Device -- Malware Can Cause Perpetual Blackouts |
|
Changing Lightbulb State -- If This Then That (IFTTT) -- Conclusion -- Chapter 2. Electronic Lock Picking-Abusing Door Locks to Compromise Physical Security -- Hotel Door Locks and Magnetic Stripes -- The Onity Door Lock -- The Magnetic Stripe -- The Programming Port -- Security Issues -- Vendor Response -- The Case of Z-Wave-Enabled Door Locks -- Z-Wave Protocol and Implementation Analysis -- Exploiting Key-Exchange Vulnerability -- Bluetooth Low Energy and Unlocking via Mobile Apps -- Understanding Weaknesses in BLE and Using Packet-Capture Tools -- Kevo Mobile App Insecurities -- Conclusion |
|
Chapter 3. Assaulting the Radio Nurse-Breaching Baby Monitors and One Other Thing -- The Foscam Incident -- Foscam Vulnerabilities Exposed by Researchers -- Using Shodan to Find Baby Monitors Exposed on the Internet -- Exploiting Default Credentials -- Exploiting Dynamic DNS -- The Foscam Saga Continues -- The Belkin WeMo Baby Monitor -- Bad Security by Design -- Malware Gone Wild -- Some Things Never Change: The WeMo Switch -- Conclusion -- Chapter 4. Blurred Lines-When the Physical Space Meets the Virtual Space -- SmartThings -- Hijacking Credentials -- Abusing the Physical Graph |
|
SmartThings SSL Certificate Validation Vulnerability -- Interoperability with Insecurity Leads to…Insecurity -- SmartThings and hue Lighting -- SmartThings and the WeMo Switch -- Conclusion -- Chapter 5. The Idiot Box-Attacking "Smart" Televisions -- The TOCTTOU Attack -- The Samsung LExxB650 Series -- The Exploit -- You Call That Encryption? -- Understanding XOR -- I call it Encraption -- Understanding and Exploiting the App World -- Decrypting Firmware -- Cursory Exploration of the Operating System -- Remotely Exploiting a Samsung Smart TV -- Inspecting Your Own Smart TV (and Other IoT Devices) |
|
Say Hello to the WiFi Pineapple Mark V -- Capturing credentials and stripping TLS -- Conclusion -- Chapter 6. Connected Car Security Analysis-From Gas to Fully Electric -- The Tire Pressure Monitoring System (TPMS) -- Reversing TPMS Communication -- Eavesdropping and Privacy Implications -- Spoofing Alerts -- Exploiting Wireless Connectivity -- Injecting CAN Data -- Bluetooth Vulnerabilities -- Vulnerabilities in Telematics -- Significant Attack Surface -- The Tesla Model S -- Locate and Steal a Tesla the Old-Fashioned Way -- Social Engineering Tesla Employees and the Quest for Location Privacy |
| Summary |
Annotation "This book is a marvellous thing: an important intervention in the policy debate about information security and a practical text for people trying to improve the situation." Cory Doctorowauthor, co-editor of Boing BoingA future with billions of connected "things" includes monumental security concerns. This practical book explores how malicious attackers can abuse popular IoT-based devices, including wireless LED lightbulbs, electronic door locks, baby monitors, smart TVs, and connected cars.If you re part of a team creating applications for Internet-connected devices, this guide will help you explore security solutions. You ll not only learn how to uncover vulnerabilities in existing IoT devices, but also gain deeper insight into an attacker s tactics.Analyze the design, architecture, and security issues of wireless lighting systemsUnderstand how to breach electronic door locks and their wireless mechanismsExamine security design flaws in remote-controlled baby monitorsEvaluate the security design of a suite of IoT-connected home productsScrutinize security vulnerabilities in smart TVsExplore research into security weaknesses in smart carsDelve into prototyping techniques that address security in initial designsLearn plausible attacks scenarios based on how people will likely use IoT devices" |
| Notes |
Includes index |
|
Vendor-supplied metadata |
| Subject |
Computer security
|
|
COMPUTERS / Internet / Security
|
|
COMPUTERS / Networking / Security
|
|
COMPUTERS / Security / General
|
|
Computer security
|
| Form |
Electronic book
|
| ISBN |
9781491902936 |
|
1491902930 |
|
9781491902929 |
|
1491902922 |
|
1491902337 |
|
9781491902332 |
|
9781491902899 |
|
1491902892 |
|
