SlideShare uma empresa Scribd logo

Home Automation Benchmarking Report

•
•
Synack
Synack

Synack completed a benchmarking test in a series of home automation devices from cameras to home automation controllers to thermostats. The devices were examined head to head to derive conclusions on the relative state of security across the board. Interested in what we found?

Tecnologia
1 de 9
Baixar para ler offline
www.synack.com Home Automation Benchmarking
Project Scope Cameras Thermostats Smoke / CO Home Automation Controllers Dlink DCS-2132L Ecobee First Alert SC9120B Control4 HC-250 Dropcam Pro Hive Kidde i2010S Lowes Iris Foscam FI9826W Honeywell Lyric Nest Protect Revolv Simplicam Nest Thermostat SmartThings Withings Baby Monitor
Cameras • All communications encrypted • No public services • Automatic firmware updates • No default credentials • Hardwired connection available • Public firmware is encrypted to some extent • Credential change required on first boot • Encrypted automatic updates • Lost communications alerting • Automatic firmware updates • No hardwired connection • No SSL pinning in mobile app • Communications default to unencrypted • Obfuscates, rather than secures data in transit • Publicly available firmware • Maximum 12 character passwords • Communications default to unencrypted • Obfuscates, rather than secures data in transit • Weak password policy • No certificate validation • Multiple communications are unencrypted • Credentials easily pulled from backups • Hard-coded shared password • Considerable network footprint BEST PRODUCT QUALITIES WORST PRODUCT QUALITIES *The qualities outlined for each product are a result of individual product analysis conducted in isolation from other products examined in this research.
Thermostats • All communications encrypted • Automatic firmware updates • Proper SSL usage / encrypted traffic • Public firmware is encrypted to some extent • Credential change required on first boot • Built on widely used platform • Automatic firmware updates • Encrypted communication • Weak password policy • Weak password policy • Easily guessable configuration token used • Lack of SSL pinning in mobile app • Insecure initial configuration • History of vulnerabilities across product lines • Not all traffic is encrypted • Moderate password policy BEST PRODUCT QUALITIES WORST PRODUCT QUALITIES *The qualities outlined for each product are a result of individual product analysis conducted in isolation from other products examined in this research.
Smoke and CO Detectors • Audible power loss notification • Encrypted network communication • Difficult to tamper with • Impossible to remotely hack, because it lacks connectivity • Impossible to remotely hack, because it lacks connectivity • Weak password policy • Custom configuration protocol / short pairing codes • Not applicable because this is not a “smart” device • Not applicable because this is not a “smart” device BEST PRODUCT QUALITIES WORST PRODUCT QUALITIES *The qualities outlined for each product are a result of individual product analysis conducted in isolation from other products examined in this research.
Home Automation Controllers • Encrypted communications • Strong pairing mechanics • Encrypted communications • Notified if goes offline • Strong password policy • Encrypted communications • Automatic firmware updates • Unsigned firmware • Custom remote management feature • Open ports • Hardcoded API keys • Weak password policy • Exposed telnet service • History of unpatched security issues • Built-in unauthenticated remote management feature • Moderate password policy BEST PRODUCT QUALITIES WORST PRODUCT QUALITIES *The qualities outlined for each product are a result of individual product analysis conducted in isolation from other products examined in this research.
Takeaways • Overall, IoT security is poor, with cameras scoring the lowest • With few exceptions, Nest leads the industry in security practices • A sinking tide incident will likely hit home automation • The industry needs some basic standards to set the bar
Areas to Watch Wi-Fi Jamming • With few exceptions, all Wi-Fi devices are susceptible to jamming • Diversification of used spectrum (2.5Ghz + 5 Ghz, etc.) reduces risk • Hardwired Ethernet options also reduce the risk • Jamming/network down incidents should result in a proactive alert to the user Password strength, Reuse, and Attack Resistance • Basic Password strength requirements should be enforced • Horizontal and vertical password guessing countermeasures should be implemented at application and network layers
Areas to Watch Unencrypted and unauthenticated communications • All communications should use bidirectional encryption • Unauthenticated servers, communications and services should not be allowed Misconfiguration of Encryption • Independent encryption architecture reviews should always be performed. There are thousands of ways to get it wrong, and only a handful of ways to get it right • SSL pinning should be used to prevent man-in-the-middle attacks • Certificate validation should always be performed against a 3rd party • Self-signed certificates should never be used

Recomendados

AWS Blackbelt 2015シリーズ Amazon CloudWatch & Amazon CloudWatch Logs
AWS Blackbelt 2015シリーズ Amazon CloudWatch & Amazon CloudWatch LogsAWS Blackbelt 2015シリーズ Amazon CloudWatch & Amazon CloudWatch Logs
AWS Blackbelt 2015シリーズ Amazon CloudWatch & Amazon CloudWatch Logs
Amazon Web Services Japan
 
202205 AWS Black Belt Online Seminar Amazon VPC IP Address Manager (IPAM)
202205 AWS Black Belt Online Seminar Amazon VPC IP Address Manager (IPAM)202205 AWS Black Belt Online Seminar Amazon VPC IP Address Manager (IPAM)
202205 AWS Black Belt Online Seminar Amazon VPC IP Address Manager (IPAM)
Amazon Web Services Japan
 
DerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShellDerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShell
Karl Fosaaen
 
AWS Black Belt Online Seminar 2017 Amazon VPC
AWS Black Belt Online Seminar 2017 Amazon VPCAWS Black Belt Online Seminar 2017 Amazon VPC
AWS Black Belt Online Seminar 2017 Amazon VPC
Amazon Web Services Japan
 
Privacidad de facebook
Privacidad de facebookPrivacidad de facebook
Privacidad de facebook
AndreaYJesusTecnologia
 
AWS Black Belt Online Seminar 2018 AWS Well-Architected Framework
AWS Black Belt Online Seminar 2018 AWS Well-Architected FrameworkAWS Black Belt Online Seminar 2018 AWS Well-Architected Framework
AWS Black Belt Online Seminar 2018 AWS Well-Architected Framework
Amazon Web Services Japan
 
Let's Hack a House
Let's Hack a HouseLet's Hack a House
Let's Hack a House
Synack
 
Table of content For My Home Automation report
Table of content For My Home Automation reportTable of content For My Home Automation report
Table of content For My Home Automation report
Naman Gautam
 

Recomendados

AWS Blackbelt 2015シリーズ Amazon CloudWatch & Amazon CloudWatch Logs
AWS Blackbelt 2015シリーズ Amazon CloudWatch & Amazon CloudWatch LogsAWS Blackbelt 2015シリーズ Amazon CloudWatch & Amazon CloudWatch Logs
AWS Blackbelt 2015シリーズ Amazon CloudWatch & Amazon CloudWatch Logs
Amazon Web Services Japan
 
202205 AWS Black Belt Online Seminar Amazon VPC IP Address Manager (IPAM)
202205 AWS Black Belt Online Seminar Amazon VPC IP Address Manager (IPAM)202205 AWS Black Belt Online Seminar Amazon VPC IP Address Manager (IPAM)
202205 AWS Black Belt Online Seminar Amazon VPC IP Address Manager (IPAM)
Amazon Web Services Japan
 
DerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShellDerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShell
Karl Fosaaen
 
AWS Black Belt Online Seminar 2017 Amazon VPC
AWS Black Belt Online Seminar 2017 Amazon VPCAWS Black Belt Online Seminar 2017 Amazon VPC
AWS Black Belt Online Seminar 2017 Amazon VPC
Amazon Web Services Japan
 
Privacidad de facebook
Privacidad de facebookPrivacidad de facebook
Privacidad de facebook
AndreaYJesusTecnologia
 
AWS Black Belt Online Seminar 2018 AWS Well-Architected Framework
AWS Black Belt Online Seminar 2018 AWS Well-Architected FrameworkAWS Black Belt Online Seminar 2018 AWS Well-Architected Framework
AWS Black Belt Online Seminar 2018 AWS Well-Architected Framework
Amazon Web Services Japan
 
Let's Hack a House
Let's Hack a HouseLet's Hack a House
Let's Hack a House
Synack
 
Table of content For My Home Automation report
Table of content For My Home Automation reportTable of content For My Home Automation report
Table of content For My Home Automation report
Naman Gautam
 
DEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 DevicesDEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 Devices
Synack
 
[DefCon 2016] I got 99 Problems, but 
Little Snitch ain’t one!
[DefCon 2016] I got 99 Problems, but 
Little Snitch ain’t one![DefCon 2016] I got 99 Problems, but 
Little Snitch ain’t one!
[DefCon 2016] I got 99 Problems, but 
Little Snitch ain’t one!
Synack
 
Zeronights 2016 - Automating iOS blackbox security scanning
Zeronights 2016 - Automating iOS blackbox security scanningZeronights 2016 - Automating iOS blackbox security scanning
Zeronights 2016 - Automating iOS blackbox security scanning
Synack
 
Electromagnetic Hypersensitivity and You
Electromagnetic Hypersensitivity and YouElectromagnetic Hypersensitivity and You
Electromagnetic Hypersensitivity and You
Synack
 
Synack at AppSec California with Patrick Wardle
Synack at AppSec California with Patrick WardleSynack at AppSec California with Patrick Wardle
Synack at AppSec California with Patrick Wardle
Synack
 
Synack at AppSec California 2015 - Geolocation Vulnerabilities
Synack at AppSec California 2015 - Geolocation VulnerabilitiesSynack at AppSec California 2015 - Geolocation Vulnerabilities
Synack at AppSec California 2015 - Geolocation Vulnerabilities
Synack
 
Cognitive Security - Anatomy of Advanced Persistent Threats ('12)
Cognitive Security - Anatomy of Advanced Persistent Threats ('12)Cognitive Security - Anatomy of Advanced Persistent Threats ('12)
Cognitive Security - Anatomy of Advanced Persistent Threats ('12)
Gabriel Dusil
 
преимущества и недостатки интернета
преимущества и недостатки интернетапреимущества и недостатки интернета
преимущества и недостатки интернета
Ay_sel
 
A touch of sin (lee sweet wan)
A touch of sin (lee sweet wan)A touch of sin (lee sweet wan)
A touch of sin (lee sweet wan)
Xiao Yun
 
Documentary proposal
Documentary proposalDocumentary proposal
Documentary proposal
Xiao Yun
 
10 Passos para mudar sua vida completamente
10 Passos para mudar sua vida completamente 10 Passos para mudar sua vida completamente
10 Passos para mudar sua vida completamente
Paulo Nagawa
 
Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...
Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...
Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...
Placeable
 
Structural insulated panels price
Structural insulated panels priceStructural insulated panels price
Structural insulated panels price
sips-structural-insulated-panels
 
iOS Automation Primitives
iOS Automation PrimitivesiOS Automation Primitives
iOS Automation Primitives
Synack
 
Curriculo atualizado
Curriculo atualizadoCurriculo atualizado
Curriculo atualizado
Mariana Madalena
 
Blended learning
Blended learningBlended learning
Blended learning
Ay_sel
 
me
meme
me
barcata
 
Giver (archetypes)
Giver (archetypes)Giver (archetypes)
Giver (archetypes)
Xiao Yun
 
The Multi-barrier Approach to Address Water Quality and Disease Prevention
The Multi-barrier Approach to Address Water Quality and Disease PreventionThe Multi-barrier Approach to Address Water Quality and Disease Prevention
The Multi-barrier Approach to Address Water Quality and Disease Prevention
Madelyn Skinner
 
01. pengantar-adm-server-3
01. pengantar-adm-server-301. pengantar-adm-server-3
01. pengantar-adm-server-3
Setiyo Budi
 
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet ChallengeWSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Positive Hack Days
 

Mais conteĂşdo relacionado

Destaque

DEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 DevicesDEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 Devices
Synack
 
Cognitive Security - Anatomy of Advanced Persistent Threats ('12)
Cognitive Security - Anatomy of Advanced Persistent Threats ('12)Cognitive Security - Anatomy of Advanced Persistent Threats ('12)
Cognitive Security - Anatomy of Advanced Persistent Threats ('12)
Gabriel Dusil
 
преимущества и недостатки интернета
преимущества и недостатки интернетапреимущества и недостатки интернета
преимущества и недостатки интернета
Ay_sel
 
Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...
Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...
Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...
Placeable
 
Blended learning
Blended learningBlended learning
Blended learning
Ay_sel
 
me
meme
me
barcata
 

Destaque (20)

DEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 DevicesDEF CON 23: Internet of Things: Hacking 14 Devices
DEF CON 23: Internet of Things: Hacking 14 Devices
 
[DefCon 2016] I got 99 Problems, but 
Little Snitch ain’t one!
[DefCon 2016] I got 99 Problems, but 
Little Snitch ain’t one![DefCon 2016] I got 99 Problems, but 
Little Snitch ain’t one!
[DefCon 2016] I got 99 Problems, but 
Little Snitch ain’t one!
 
Zeronights 2016 - Automating iOS blackbox security scanning
Zeronights 2016 - Automating iOS blackbox security scanningZeronights 2016 - Automating iOS blackbox security scanning
Zeronights 2016 - Automating iOS blackbox security scanning
 
Electromagnetic Hypersensitivity and You
Electromagnetic Hypersensitivity and YouElectromagnetic Hypersensitivity and You
Electromagnetic Hypersensitivity and You
 
Synack at AppSec California with Patrick Wardle
Synack at AppSec California with Patrick WardleSynack at AppSec California with Patrick Wardle
Synack at AppSec California with Patrick Wardle
 
Synack at AppSec California 2015 - Geolocation Vulnerabilities
Synack at AppSec California 2015 - Geolocation VulnerabilitiesSynack at AppSec California 2015 - Geolocation Vulnerabilities
Synack at AppSec California 2015 - Geolocation Vulnerabilities
 
Cognitive Security - Anatomy of Advanced Persistent Threats ('12)
Cognitive Security - Anatomy of Advanced Persistent Threats ('12)Cognitive Security - Anatomy of Advanced Persistent Threats ('12)
Cognitive Security - Anatomy of Advanced Persistent Threats ('12)
 
преимущества и недостатки интернета
преимущества и недостатки интернетапреимущества и недостатки интернета
преимущества и недостатки интернета
 
A touch of sin (lee sweet wan)
A touch of sin (lee sweet wan)A touch of sin (lee sweet wan)
A touch of sin (lee sweet wan)
 
Documentary proposal
Documentary proposalDocumentary proposal
Documentary proposal
 
10 Passos para mudar sua vida completamente
10 Passos para mudar sua vida completamente 10 Passos para mudar sua vida completamente
10 Passos para mudar sua vida completamente
 
Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...
Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...
Leading in Local! Advance Auto Parts Discusses How To Win The Local Marketing...
 
Structural insulated panels price
Structural insulated panels priceStructural insulated panels price
Structural insulated panels price
 
iOS Automation Primitives
iOS Automation PrimitivesiOS Automation Primitives
iOS Automation Primitives
 
Curriculo atualizado
Curriculo atualizadoCurriculo atualizado
Curriculo atualizado
 
Blended learning
Blended learningBlended learning
Blended learning
 
me
meme
me
 
Giver (archetypes)
Giver (archetypes)Giver (archetypes)
Giver (archetypes)
 
The Multi-barrier Approach to Address Water Quality and Disease Prevention
The Multi-barrier Approach to Address Water Quality and Disease PreventionThe Multi-barrier Approach to Address Water Quality and Disease Prevention
The Multi-barrier Approach to Address Water Quality and Disease Prevention
 
01. pengantar-adm-server-3
01. pengantar-adm-server-301. pengantar-adm-server-3
01. pengantar-adm-server-3
 

Semelhante a Home Automation Benchmarking Report

Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Positive Hack Days
 
IT infrastructure security 101
IT infrastructure security 101IT infrastructure security 101
IT infrastructure security 101
April Mardock CISSP
 
Hugo Fiennes - Security and the IoT - Electric Imp
Hugo Fiennes - Security and the IoT - Electric ImpHugo Fiennes - Security and the IoT - Electric Imp
Hugo Fiennes - Security and the IoT - Electric Imp
Business of Software Conference
 
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
CIRA Labs - Secure Home Gateway Project 2019-03.pptxCIRA Labs - Secure Home Gateway Project 2019-03.pptx
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
ssuserfb92ae
 

Semelhante a Home Automation Benchmarking Report (20)

WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet ChallengeWSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
 
Network Security: Protecting SOHO Networks
Network Security: Protecting SOHO NetworksNetwork Security: Protecting SOHO Networks
Network Security: Protecting SOHO Networks
 
Unified Threat Management
Unified Threat ManagementUnified Threat Management
Unified Threat Management
 
Myles firewalls
Myles firewallsMyles firewalls
Myles firewalls
 
IT infrastructure security 101
IT infrastructure security 101IT infrastructure security 101
IT infrastructure security 101
 
Hugo Fiennes - Security and the IoT - Electric Imp
Hugo Fiennes - Security and the IoT - Electric ImpHugo Fiennes - Security and the IoT - Electric Imp
Hugo Fiennes - Security and the IoT - Electric Imp
 
Recover Multi-Vendor Network Infrastructure in minutes
Recover Multi-Vendor Network Infrastructure in minutesRecover Multi-Vendor Network Infrastructure in minutes
Recover Multi-Vendor Network Infrastructure in minutes
 
Zero Trust for Private 5G and Edge
Zero Trust for Private 5G and EdgeZero Trust for Private 5G and Edge
Zero Trust for Private 5G and Edge
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
 
IoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangaloreIoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangalore
 
6-IoT protocol.pptx
6-IoT protocol.pptx6-IoT protocol.pptx
6-IoT protocol.pptx
 
HOME AUTOMATION USING INTERNET OF THINGS.pptx
HOME AUTOMATION USING INTERNET OF THINGS.pptxHOME AUTOMATION USING INTERNET OF THINGS.pptx
HOME AUTOMATION USING INTERNET OF THINGS.pptx
 
Home automation in kerala ,home automation in calicut , home automation
Home automation in kerala ,home automation in calicut , home automation Home automation in kerala ,home automation in calicut , home automation
Home automation in kerala ,home automation in calicut , home automation
 
Secure calling for IP telephony - webinar 2016, English
Secure calling for IP telephony - webinar 2016, EnglishSecure calling for IP telephony - webinar 2016, English
Secure calling for IP telephony - webinar 2016, English
 
Essential Layers of IBM i Security: System-Access Security
Essential Layers of IBM i Security: System-Access SecurityEssential Layers of IBM i Security: System-Access Security
Essential Layers of IBM i Security: System-Access Security
 
ITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdfITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdf
 
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
CIRA Labs - Secure Home Gateway Project 2019-03.pptxCIRA Labs - Secure Home Gateway Project 2019-03.pptx
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and Data
 
Power Grid Communications & Control Systems
Power Grid Communications & Control SystemsPower Grid Communications & Control Systems
Power Grid Communications & Control Systems
 

Mais de Synack

DEF CON 23: Stick That In Your (root)Pipe & Smoke It
DEF CON 23: Stick That In Your (root)Pipe & Smoke ItDEF CON 23: Stick That In Your (root)Pipe & Smoke It
DEF CON 23: Stick That In Your (root)Pipe & Smoke It
Synack
 
DEF CON 23: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex ...
DEF CON 23: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex ...DEF CON 23: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex ...
DEF CON 23: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex ...
Synack
 
DEF CON 23: 'DLL Hijacking' on OS X? #@%& Yeah!
DEF CON 23: 'DLL Hijacking' on OS X? #@%& Yeah!DEF CON 23: 'DLL Hijacking' on OS X? #@%& Yeah!
DEF CON 23: 'DLL Hijacking' on OS X? #@%& Yeah!
Synack
 
Black Hat '15: Writing Bad @$$ Malware for OS X
Black Hat '15: Writing Bad @$$ Malware for OS XBlack Hat '15: Writing Bad @$$ Malware for OS X
Black Hat '15: Writing Bad @$$ Malware for OS X
Synack
 
Black Hat '15: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simpl...
Black Hat '15: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simpl...Black Hat '15: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simpl...
Black Hat '15: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simpl...
Synack
 

Mais de Synack (12)

Synack cirtical infrasructure webinar
Synack cirtical infrasructure webinarSynack cirtical infrasructure webinar
Synack cirtical infrasructure webinar
 
OS X Malware: Let's Play Doctor
OS X Malware: Let's Play DoctorOS X Malware: Let's Play Doctor
OS X Malware: Let's Play Doctor
 
RSA OSX Malware
RSA OSX MalwareRSA OSX Malware
RSA OSX Malware
 
Gatekeeper Exposed
Gatekeeper ExposedGatekeeper Exposed
Gatekeeper Exposed
 
Virus Bulletin 2015: Exposing Gatekeeper
Virus Bulletin 2015: Exposing GatekeeperVirus Bulletin 2015: Exposing Gatekeeper
Virus Bulletin 2015: Exposing Gatekeeper
 
DEF CON 23: Stick That In Your (root)Pipe & Smoke It
DEF CON 23: Stick That In Your (root)Pipe & Smoke ItDEF CON 23: Stick That In Your (root)Pipe & Smoke It
DEF CON 23: Stick That In Your (root)Pipe & Smoke It
 
DEF CON 23: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex ...
DEF CON 23: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex ...DEF CON 23: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex ...
DEF CON 23: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex ...
 
DEF CON 23: 'DLL Hijacking' on OS X? #@%& Yeah!
DEF CON 23: 'DLL Hijacking' on OS X? #@%& Yeah!DEF CON 23: 'DLL Hijacking' on OS X? #@%& Yeah!
DEF CON 23: 'DLL Hijacking' on OS X? #@%& Yeah!
 
Black Hat '15: Writing Bad @$$ Malware for OS X
Black Hat '15: Writing Bad @$$ Malware for OS XBlack Hat '15: Writing Bad @$$ Malware for OS X
Black Hat '15: Writing Bad @$$ Malware for OS X
 
Black Hat '15: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simpl...
Black Hat '15: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simpl...Black Hat '15: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simpl...
Black Hat '15: Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simpl...
 
DLL Hijacking on OS X
DLL Hijacking on OS XDLL Hijacking on OS X
DLL Hijacking on OS X
 
Synack at ShmooCon 2015
Synack at ShmooCon 2015Synack at ShmooCon 2015
Synack at ShmooCon 2015
 

Último

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 

Último (20)

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 

Home Automation Benchmarking Report

  • 2. Project Scope Cameras Thermostats Smoke / CO Home Automation Controllers Dlink DCS-2132L Ecobee First Alert SC9120B Control4 HC-250 Dropcam Pro Hive Kidde i2010S Lowes Iris Foscam FI9826W Honeywell Lyric Nest Protect Revolv Simplicam Nest Thermostat SmartThings Withings Baby Monitor
  • 3. Cameras • All communications encrypted • No public services • Automatic firmware updates • No default credentials • Hardwired connection available • Public firmware is encrypted to some extent • Credential change required on first boot • Encrypted automatic updates • Lost communications alerting • Automatic firmware updates • No hardwired connection • No SSL pinning in mobile app • Communications default to unencrypted • Obfuscates, rather than secures data in transit • Publicly available firmware • Maximum 12 character passwords • Communications default to unencrypted • Obfuscates, rather than secures data in transit • Weak password policy • No certificate validation • Multiple communications are unencrypted • Credentials easily pulled from backups • Hard-coded shared password • Considerable network footprint BEST PRODUCT QUALITIES WORST PRODUCT QUALITIES *The qualities outlined for each product are a result of individual product analysis conducted in isolation from other products examined in this research.
  • 4. Thermostats • All communications encrypted • Automatic firmware updates • Proper SSL usage / encrypted traffic • Public firmware is encrypted to some extent • Credential change required on first boot • Built on widely used platform • Automatic firmware updates • Encrypted communication • Weak password policy • Weak password policy • Easily guessable configuration token used • Lack of SSL pinning in mobile app • Insecure initial configuration • History of vulnerabilities across product lines • Not all traffic is encrypted • Moderate password policy BEST PRODUCT QUALITIES WORST PRODUCT QUALITIES *The qualities outlined for each product are a result of individual product analysis conducted in isolation from other products examined in this research.
  • 5. Smoke and CO Detectors • Audible power loss notification • Encrypted network communication • Difficult to tamper with • Impossible to remotely hack, because it lacks connectivity • Impossible to remotely hack, because it lacks connectivity • Weak password policy • Custom configuration protocol / short pairing codes • Not applicable because this is not a “smart” device • Not applicable because this is not a “smart” device BEST PRODUCT QUALITIES WORST PRODUCT QUALITIES *The qualities outlined for each product are a result of individual product analysis conducted in isolation from other products examined in this research.
  • 6. Home Automation Controllers • Encrypted communications • Strong pairing mechanics • Encrypted communications • Notified if goes offline • Strong password policy • Encrypted communications • Automatic firmware updates • Unsigned firmware • Custom remote management feature • Open ports • Hardcoded API keys • Weak password policy • Exposed telnet service • History of unpatched security issues • Built-in unauthenticated remote management feature • Moderate password policy BEST PRODUCT QUALITIES WORST PRODUCT QUALITIES *The qualities outlined for each product are a result of individual product analysis conducted in isolation from other products examined in this research.
  • 7. Takeaways • Overall, IoT security is poor, with cameras scoring the lowest • With few exceptions, Nest leads the industry in security practices • A sinking tide incident will likely hit home automation • The industry needs some basic standards to set the bar
  • 8. Areas to Watch Wi-Fi Jamming • With few exceptions, all Wi-Fi devices are susceptible to jamming • Diversification of used spectrum (2.5Ghz + 5 Ghz, etc.) reduces risk • Hardwired Ethernet options also reduce the risk • Jamming/network down incidents should result in a proactive alert to the user Password strength, Reuse, and Attack Resistance • Basic Password strength requirements should be enforced • Horizontal and vertical password guessing countermeasures should be implemented at application and network layers
  • 9. Areas to Watch Unencrypted and unauthenticated communications • All communications should use bidirectional encryption • Unauthenticated servers, communications and services should not be allowed Misconfiguration of Encryption • Independent encryption architecture reviews should always be performed. There are thousands of ways to get it wrong, and only a handful of ways to get it right • SSL pinning should be used to prevent man-in-the-middle attacks • Certificate validation should always be performed against a 3rd party • Self-signed certificates should never be used