Cargando…

Abusing the Internet of things : blackouts, freakouts, and stakeouts /

Annotation

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Dhanjani, Nitesh (Autor)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Sebastopol, CA : O'Reilly, [2015]
Edición:First edition.
Temas:
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Tabla de Contenidos:
  • Copyright
  • Table of Contents
  • Foreword
  • Preface
  • Who This Book Is For
  • How to Use This Book
  • Conventions Used in This Book
  • Using Code Examples
  • Safari® Books Online
  • How to Contact Us
  • Acknowledgments
  • Chapter 1. Lights Out-Hacking Wireless Lightbulbs to Cause Sustained Blackouts
  • Why hue?
  • Controlling Lights via the Website Interface
  • Information Leakage
  • Drive-by Blackouts
  • Weak Password Complexity and Password Leaks
  • Controlling Lights Using the iOS App
  • Stealing the Token from a Mobile Device
  • Malware Can Cause Perpetual Blackouts.
  • Changing Lightbulb State
  • If This Then That (IFTTT)
  • Conclusion
  • Chapter 2. Electronic Lock Picking-Abusing Door Locks to Compromise Physical Security
  • Hotel Door Locks and Magnetic Stripes
  • The Onity Door Lock
  • The Magnetic Stripe
  • The Programming Port
  • Security Issues
  • Vendor Response
  • The Case of Z-Wave-Enabled Door Locks
  • Z-Wave Protocol and Implementation Analysis
  • Exploiting Key-Exchange Vulnerability
  • Bluetooth Low Energy and Unlocking via Mobile Apps
  • Understanding Weaknesses in BLE and Using Packet-Capture Tools
  • Kevo Mobile App Insecurities
  • Conclusion.
  • Chapter 3. Assaulting the Radio Nurse-Breaching Baby Monitors and One Other Thing
  • The Foscam Incident
  • Foscam Vulnerabilities Exposed by Researchers
  • Using Shodan to Find Baby Monitors Exposed on the Internet
  • Exploiting Default Credentials
  • Exploiting Dynamic DNS
  • The Foscam Saga Continues
  • The Belkin WeMo Baby Monitor
  • Bad Security by Design
  • Malware Gone Wild
  • Some Things Never Change: The WeMo Switch
  • Conclusion
  • Chapter 4. Blurred Lines-When the Physical Space Meets the Virtual Space
  • SmartThings
  • Hijacking Credentials
  • Abusing the Physical Graph.
  • SmartThings SSL Certificate Validation Vulnerability
  • Interoperability with Insecurity Leads to{u2026}Insecurity
  • SmartThings and hue Lighting
  • SmartThings and the WeMo Switch
  • Conclusion
  • Chapter 5. The Idiot Box-Attacking "Smart" Televisions
  • The TOCTTOU Attack
  • The Samsung LExxB650 Series
  • The Exploit
  • You Call That Encryption?
  • Understanding XOR
  • I call it Encraption
  • Understanding and Exploiting the App World
  • Decrypting Firmware
  • Cursory Exploration of the Operating System
  • Remotely Exploiting a Samsung Smart TV
  • Inspecting Your Own Smart TV (and Other IoT Devices)
  • Say Hello to the WiFi Pineapple Mark V
  • Capturing credentials and stripping TLS
  • Conclusion
  • Chapter 6. Connected Car Security Analysis-From Gas to Fully Electric
  • The Tire Pressure Monitoring System (TPMS)
  • Reversing TPMS Communication
  • Eavesdropping and Privacy Implications
  • Spoofing Alerts
  • Exploiting Wireless Connectivity
  • Injecting CAN Data
  • Bluetooth Vulnerabilities
  • Vulnerabilities in Telematics
  • Significant Attack Surface
  • The Tesla Model S
  • Locate and Steal a Tesla the Old-Fashioned Way
  • Social Engineering Tesla Employees and the Quest for Location Privacy.