Abusing the Internet of Things. Blackouts, Freakouts, and Stakeouts

(ebook) (audiobook) (audiobook)

Autor:: Nitesh Dhanjani

Abusing the Internet of Things. Blackouts, Freakouts, and Stakeouts Nitesh Dhanjani - okładka ebooka

Abusing the Internet of Things. Blackouts, Freakouts, and Stakeouts Nitesh Dhanjani - okładka audiobooka MP3

Abusing the Internet of Things. Blackouts, Freakouts, and Stakeouts Nitesh Dhanjani - okładka audiobooks CD

Wydawnictwo:: O'Reilly Media (Z chęcią przeczytam książkę w języku polskim)
Ocena:: Bądź pierwszym, który oceni tę książkę
Stron:: 296
Dostępne formaty:: ePub

Mobi

+160 pkt

Ebook (152,15 zł najniższa cena z 30 dni)

~~189,00 zł~~ (-15%)
160,65 zł

Dodaj do koszyka lub Kup na prezent
Kup 1-kliknięciem

( 152,15 zł najniższa cena z 30 dni)

Przenieś na półkę

Do przechowalni

This book is a marvellous thing: an important intervention in the policy debate about information security and a practical text for people trying to improve the situation.

— Cory Doctorow

author, co-editor of Boing Boing

A future with billions of connected "things" includes monumental security concerns. This practical book explores how malicious attackers can abuse popular IoT-based devices, including wireless LED lightbulbs, electronic door locks, baby monitors, smart TVs, and connected cars.

If you’re part of a team creating applications for Internet-connected devices, this guide will help you explore security solutions. You’ll not only learn how to uncover vulnerabilities in existing IoT devices, but also gain deeper insight into an attacker’s tactics.

Analyze the design, architecture, and security issues of wireless lighting systems
Understand how to breach electronic door locks and their wireless mechanisms
Examine security design flaws in remote-controlled baby monitors
Evaluate the security design of a suite of IoT-connected home products
Scrutinize security vulnerabilities in smart TVs
Explore research into security weaknesses in smart cars
Delve into prototyping techniques that address security in initial designs
Learn plausible attacks scenarios based on how people will likely use IoT devices

Wybrane bestsellery

Ebooka "Abusing the Internet of Things. Blackouts, Freakouts, and Stakeouts" przeczytasz na:

czytnikach Inkbook, Kindle, Pocketbook, Onyx Boox i innych
systemach Windows, MacOS i innych

systemach Windows, Android, iOS, HarmonyOS
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi

Masz pytania? Zajrzyj do zakładki Pomoc »

Audiobooka "Abusing the Internet of Things. Blackouts, Freakouts, and Stakeouts" posłuchasz:

w aplikacji Ebookpoint na Android, iOS, HarmonyOs
na systemach Windows, MacOS i innych

na dowolnych urządzeniach
i aplikacjach obsługujących format MP3
(pliki spakowane w ZIP)

Masz pytania? Zajrzyj do zakładki Pomoc »

Kurs Video "Abusing the Internet of Things. Blackouts, Freakouts, and Stakeouts" zobaczysz:

Oceny i opinie klientów: Abusing the Internet of Things. Blackouts, Freakouts, and Stakeouts Nitesh Dhanjani (0) Weryfikacja opinii następuję na podstawie historii zamówień na koncie Użytkownika umieszczającego opinię. Użytkownik mógł otrzymać punkty za opublikowanie opinii uprawniające do uzyskania rabatu w ramach Programu Punktowego.

Szczegóły ebooka

ISBN Ebooka:: 978-14-919-0292-9, 9781491902929
Data wydania ebooka:: 2015-08-13 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@ebookpoint.pl.
Język publikacji:: angielski
Rozmiar pliku ePub:: 39.0MB
Rozmiar pliku Mobi:: 74.1MB

Kategorie

Kliknij, aby zgłosić błędnie przypisaną kategorię »

Informatyka » Hacking

Informatyka » Hacking » Bezpieczeństwo systemów

Informatyka » Hacking » Bezpieczeństwo WWW

Informatyka » Hacking » Bezpieczeństwo sieci

Spis treści ebooka

Foreword
Preface
- Who This Book Is For
- How to Use This Book
- Conventions Used in This Book
- Using Code Examples
- Safari Books Online
- How to Contact Us
- Acknowledgments
1. Lights OutHacking Wireless Lightbulbs to Cause Sustained Blackouts
- Why hue?
- Controlling Lights via the Website Interface
  - Information Leakage
  - Drive-by Blackouts
  - Weak Password Complexity and Password Leaks
- Controlling Lights Using the iOS App
  - Stealing the Token from a Mobile Device
  - Malware Can Cause Perpetual Blackouts
- Changing Lightbulb State
- If This Then That (IFTTT)
- Conclusion
2. Electronic Lock PickingAbusing Door Locks to Compromise Physical Security
- Hotel Door Locks and Magnetic Stripes
  - The Onity Door Lock
  - The Magnetic Stripe
  - The Programming Port
  - Security Issues
    - Microcontroller vulnerability
    - Master keycode in lock memory
    - Unencrypted spare cards
  - Vendor Response
- The Case of Z-Wave-Enabled Door Locks
  - Z-Wave Protocol and Implementation Analysis
  - Exploiting Key-Exchange Vulnerability
- Bluetooth Low Energy and Unlocking via Mobile Apps
  - Understanding Weaknesses in BLE and Using Packet-Capture Tools
  - Kevo Mobile App Insecurities
- Conclusion
3. Assaulting the Radio NurseBreaching Baby Monitors and One Other Thing
- The Foscam Incident
  - Foscam Vulnerabilities Exposed by Researchers
  - Using Shodan to Find Baby Monitors Exposed on the Internet
  - Exploiting Default Credentials
  - Exploiting Dynamic DNS
  - The Foscam Saga Continues
- The Belkin WeMo Baby Monitor
  - Bad Security by Design
  - Malware Gone Wild
- Some Things Never Change: The WeMo Switch
- Conclusion
4. Blurred LinesWhen the Physical Space Meets the Virtual Space
- SmartThings
  - Hijacking Credentials
    - Single-factor authentication
    - Clear-text password reset link
  - Abusing the Physical Graph
  - SmartThings SSL Certificate Validation Vulnerability
- Interoperability with Insecurity Leads toInsecurity
  - SmartThings and hue Lighting
  - SmartThings and the WeMo Switch
- Conclusion
5. The Idiot BoxAttacking Smart Televisions
- The TOCTTOU Attack
  - The Samsung LExxB650 Series
  - The Exploit
- You Call That Encryption?
  - Understanding XOR
  - I call it Encraption
- Understanding and Exploiting the App World
  - Decrypting Firmware
  - Cursory Exploration of the Operating System
  - Remotely Exploiting a Samsung Smart TV
- Inspecting Your Own Smart TV (and Other IoT Devices)
  - Say Hello to the WiFi Pineapple Mark V
  - Capturing credentials and stripping TLS
- Conclusion
6. Connected Car Security AnalysisFrom Gas to Fully Electric
- The Tire Pressure Monitoring System (TPMS)
  - Reversing TPMS Communication
  - Eavesdropping and Privacy Implications
  - Spoofing Alerts
- Exploiting Wireless Connectivity
  - Injecting CAN Data
  - Bluetooth Vulnerabilities
  - Vulnerabilities in Telematics
  - Significant Attack Surface
- The Tesla Model S
  - Locate and Steal a Tesla the Old-Fashioned Way
  - Social Engineering Tesla Employees and the Quest for Location Privacy
  - Handing Out Keys to Strangers
  - Or Just Borrow Someones Phone
  - Additional Information and Potential Low-Hanging Fruit
  - AutoPilot and the Autonomous Car
- Conclusion
7. Secure PrototypinglittleBits and cloudBit
- Introducing the cloudBit Starter Kit
  - Setting Up the cloudBit
  - Designing the SMS Doorbell
  - Oops, We Forgot the Button!
- Security Evaluation
  - WiFi Insecurity, Albeit Brief
  - Sneaking in Command Execution
  - One Token to Rule them All
  - Beware of Hardware Debug Interfaces
- Abuse Cases in the Context of Threat Agents
  - Nation-States, Including the NSA
  - Terrorists
  - Criminal Organizations
  - Disgruntled or Nosy Employees
  - Hacktivists
  - Vandals
  - Cyberbullies
  - Predators
- Bug Bounty Programs
- Conclusion
8. Securely Enabling Our FutureA Conversation on Upcoming Attack Vectors
- The Thingbots Have Arrived
- The Rise of the Drones
- Cross-Device Attacks
- Hearing Voices
- IoT Cloud Infrastructure Attacks
- Backdoors
- The Lurking Heartbleed
- Diluting the Medical Record
- The Data Tsunami
- Targeting Smart Cities
- Interspace Communication Will Be a Ripe Target
- The Dangers of Superintelligence
- Conclusion
9. Two ScenariosIntentions and Outcomes
- The Cost of a Free Beverage
  - Theres a Party at Ruby Skye
  - Leveraging the BuzzWord
  - The Board Meeting
  - What Went Wrong?
- A Case of Anger, Denial, and Self-Destruction
  - The Benefit of LifeThings
  - Social Engineering Customer Support by Caller ID Spoofing
  - The (In)Secure Token
  - Total Ownership
  - The Demise of LifeThings
- Conclusion
Index

pokaż cały spis treści

Abusing the Internet of Things. Blackouts, Freakouts, and Stakeouts

Ebook (152,15 zł najniższa cena z 30 dni)

Najczęściej kupowane razem