IoT and the Security of That Mobile App - Mark Loveless
Offered By: LASCON via YouTube
Course Description
Overview
Explore the security vulnerabilities in Internet of Things (IoT) devices and their accompanying mobile apps in this 55-minute conference talk from LASCON 2017. Delve into common mistakes, potential attack vectors, and techniques for dissecting IoT systems from a researcher's perspective. Examine real-world examples that highlight security issues in data transmission between devices and the cloud. Learn about various research tools and methodologies used to evaluate IoT security, including Bluetooth pairing methods, WiFi traffic analysis, certificate pinning, and web security. Investigate specific case studies involving personal protection devices, Apple Watch, and Milwaukee Tool, focusing on aspects such as LE privacy, MAC address security, and physical security. Gain insights into basic security concepts like bearer tokens and stored credentials, essential for understanding and improving IoT security.
Syllabus
Intro
What is IoT
Bluetooth
Pairing Methods
WiFi Traffic
Certificate Pinning
Web Security
Library Security
IoT Basics
Personal Protection Devices
Roars
LE Privacy
Roar Athena
MAC Address
Security
Apple Watch
Physical Security
Bluetooth Security
Milwaukee Tool
Basic Security
What are bearer tokens
Stored credentials
Bearer token
Taught by
LASCON
Related Courses
Stealthily Access Your Android Phones - Bypass the Bluetooth AuthenticationBlack Hat via YouTube For the Love of Money - Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems
44CON Information Security Conference via YouTube Fuzzing the Phone in the iPhone
media.ccc.de via YouTube BrokenMesh - New Attack Surfaces of Bluetooth Mesh
Black Hat via YouTube BlueMaster - Bypassing and Fixing Bluetooth-Based Proximity Authentication
Black Hat via YouTube