All times are in Pacific Daylight Time (UTC-0700).

  • Track: B: Friday 10/11 @ 1400-1450 PDT
  • Video

Every day we hear about weak security of IoT devices, about vendors that don’t take security seriously and how using and not changing default passwords could lead to a leak of important and personal data. GPS trackers made with a default password and predictable serial numbers allow full control of the tracker and leak the user’s position. Due to heavy white labeling and use of the same cloud infrastructure the scale of the problem is huge. I’m going to show and discuss where the weaknesses are, what models and APIs are affected and how they can be exploited. Live demo included. The talk is by itself also a comprehensive guide on analyzing IoT device security, spanning from Android app to HW.

Currently security researcher at Avast. I lead research across various disciplines such as dynamic binary translation, hardware-assisted virtualization, IoT, firmware vulnerabilities and malware analysis. I’m devoted to technology and I’m a true software and hardware reverse engineer, game programmer, tinkerer, AI and IoT mantras practitioner with deep knowledge of OS, CPU...

Read More

twitter @thinkcz

© 2023 ShellCon