IoT and the Security of That Mobile App - Mark Loveless
Offered By: LASCON via YouTube
Course Description
Overview
Explore the security vulnerabilities in Internet of Things (IoT) devices and their accompanying mobile apps in this 55-minute conference talk from LASCON 2017. Delve into common mistakes, potential attack vectors, and techniques for dissecting IoT systems from a researcher's perspective. Examine real-world examples that highlight security issues in data transmission between devices and the cloud. Learn about various research tools and methodologies used to evaluate IoT security, including Bluetooth pairing methods, WiFi traffic analysis, certificate pinning, and web security. Investigate specific case studies involving personal protection devices, Apple Watch, and Milwaukee Tool, focusing on aspects such as LE privacy, MAC address security, and physical security. Gain insights into basic security concepts like bearer tokens and stored credentials, essential for understanding and improving IoT security.
Syllabus
Intro
What is IoT
Bluetooth
Pairing Methods
WiFi Traffic
Certificate Pinning
Web Security
Library Security
IoT Basics
Personal Protection Devices
Roars
LE Privacy
Roar Athena
MAC Address
Security
Apple Watch
Physical Security
Bluetooth Security
Milwaukee Tool
Basic Security
What are bearer tokens
Stored credentials
Bearer token
Taught by
LASCON
Related Courses
Comparing WAF and RASP - Why?LASCON via YouTube API Security - Is it the New Application Attack Surface and How to Secure at Enterprise Scale
LASCON via YouTube Privacy Impact Assessments - How Much Privacy Is Enough?
LASCON via YouTube Your Frontier Defense - Understanding Web Application Firewalls
LASCON via YouTube Doing This One Crazy Thing Will Change Your AppSec Program Forever
LASCON via YouTube