Home >

Live Hack: Demonstrating Common IoT Security Weaknesses

Joe Hopper- Watch Now - Duration: 31:19

Live Hack: Demonstrating Common IoT Security Weaknesses
Joe Hopper

How would hackers attack your IoT device? Joe Hopper, Principal Security Consultant at Fracture Labs, will demonstrate several complex hacks against off-the-shelf IoT devices to shed light on the design and implementation weaknesses seen across the industry. He will walk through common attacks such as: finding and connecting to hidden serial consoles, boot process hijacking, memory analysis, firmware extraction, password cracking, and more to gain unauthorized access to IoT devices and customer information.

By using the same approach hackers use against your devices, you will walk away with a better understanding of where and how you need to tighten security controls.

italicssurround text with
boldsurround text with
**two asterisks**
or just a bare URL
surround text with
strikethroughsurround text with
~~two tilde characters~~
prefix with

Score: 0 | 6 months ago | no reply

That was a very compelling demo Joe. A real eye opener. You certainly have an interesting set of tools to analyze a binary image. Sure drives home the point of how important it is to reduce the attack surface. I was impressed at how easy it was for you to get the OS to execute a command using the web interface for the camera and how telnet could be setup to execute without credentials so easily.

Score: 0 | 6 months ago | 1 reply

Great demonstration. I am a firm believer in 'defense in depth'.

Score: 0 | 6 months ago | no reply

Thanks, I appreciate that. Keep preaching that defense in depth! It's hard to get everything right all the time, so defense in depth is a great way to protect your systems even when some controls fail!

Score: 0 | 7 months ago | 1 reply

From a non hacker point of view it surprises me how "easy" it seems to be able to compromise a system.
Thanks for the demo Joe.

Score: 0 | 7 months ago | no reply

Thanks, Leroy - I'm glad you enjoyed it. Unfortunately, it often is that easy to compromise a system, which is why I want to educate more engineers and challenge them to harden their systems further!