4 Horsemen of the Apocalypse
IoT
1 of 65535
TL;DR
Security
- Because there isn't much.
famine
- Implementing your own "standards" is not cool
(Telegram)
- same amount of things as a Linux phone, but on an Arduino
- niche tools are not advised
(ESP8266)
Ask me for a handout
Homeland s02e10
FitBit
Jeep
Mr Robot s01e05
There is a search engine dedicated to finding insecure devices
Access
- Local Network
- additional crypto layer
- resetting network settings
- new device setup
- Physical
- jtag/swd lock
- trusted boot
- device phishing
- Remote
- device to cloud
- cloud to app
- bad cloud
- Chip level
- Semi invasive
- Fully invasive
Resources
- Building secure connected devices 1 & 2
- Samy Kamkar
- Joel Sandin's ESP8266 slidedeck
- DEFCON
Hardware
- Dying because software is eating the world
- Number of mergers
- More standardisation
death
NOTE: The Arnold T-800 never connected to the Internet because Skynet was cloud hosted. Connor reprogrammed a captured T-800. So the new firmware didn't connect to the Internet because that's how (probably) Connor got access in the first place.
WiFi
BLE
GSM
and others
Cheap processors
Cheaper controllers
- No apt-get for you
- What are these datasheets that you speak of ?
- Power hogs
- Need a bunch of other stuff
Cloud
war
starring
Amazon, Microsoft, Google, IBM
and others waiting to be acquired
Congratulations on selling your hardware !
You have to now manage the devices !
ReST
MQTT
CoAP, AMQP
MQTT
- History
- Why lightweight?
- How lightweight?
Eclipse IoT
- Hawkbit
- Hono
- and many more
Data
conquest
- Business cases like these never existed - foursquare predicts quarterly results
- Applications are like fish, data is like wine - James Governor
Data is the new oil"
-Mukesh Ambani
Aadhar
- You can reset passwords,
can you reset fingerprints? - LoveVivah, Skype tie up with
UIDAI - Aadhar mandatory for Income Tax
Reliance Jio crosses 100 million users
Do we own our data?
Judge asks Google search history of entire town
Murder investigation requires Amazon to release Alexa data
Solid
Data and content are decoupled
Bitcoin
- No central authority,
no middle men
@anujdeshpandey
anuj@makerville.io
Cheers !
4 Horsemen of the IoT
By anujdeshpande
