Home > Meetings >

Live Q&A - Live Hack: Demonstrating Common IoT Security Weaknesses

Joe Hopper - Watch Now - Duration: 20:59

Live Q&A - Live Hack: Demonstrating Common IoT Security Weaknesses
Joe Hopper
Live Q&A with Joe Hopper for the talk titled Live Hack: Demonstrating Common IoT Security Weaknesses
italicssurround text with
boldsurround text with
**two asterisks**
or just a bare URL
surround text with
strikethroughsurround text with
~~two tilde characters~~
prefix with

No comments or questions yet. Will you be the one who will break the ice?

16:13:33	 From  Eric Lundquist : In the presentation you mentioned extra security measures in u-boot.  Could you discuss that a little further.
16:13:52	 From  Erwin : Awesome live hack! Embarrassing how easy it was to get into devices. Have you any thoughts/numbers how many devices in the field are so easy to attack?
16:15:33	 From  Robert Hancock : Newer U-Boot versions have a way to password protect the console access (the password is stored hashed so you can't just extract it from the binary). Or you can just disable console access entirely.
16:16:04	 From  Erwin : Another thing is, you showed how to get Access to Linux based devices. Is getting access to FreeRTOS or bare metal devices as easy or are those per definition better?
16:19:27	 From  Eric Lundquist : Thanks!
16:23:47	 From  enrico perera : How do you work out a threat model if you can’t see ahead what someone will do ?My company makes a utility meter, should I assume someone is going to take a meter from (electric, gas, water) line as part of my threat model ?
16:24:20	 From  Erwin : Thanks for your detailed answer.
16:27:57	 From  Leandro Pérez : Thanks Joe... Amazing talk ????
16:28:37	 From  jefcap : Do you have suggestions for secure update  IoT devices?
16:28:38	 From  Phillip Kajubi : Are these the most common attacks you've seen in the field? what should we be most prepared for when designing?
16:31:42	 From  Phillip Kajubi : Thanks!
16:31:59	 From  Jay Cosper : thanks!