Embedded devices often serve as an entry point for an attack on a private or corporate network. The infamous attack on HackingTeam, for example, followed exactly this path as was revealed here. Although the attack may have been for the greater good (refer also to this great keynote), such incidents demonstrate that it is important to properly secure your embedded devices. In a recent blog post, Niklaus presented how he analyzed the security posture of a MAX! Cube LAN Gateway. Moreover, Brian reported a few weeks ago on the security posture of IoT devices (and in particular on one of his cameras). With this post I would like to share my experiences with analyzing another embedded device: the IC-3116W IP camera by Edimax. Continue reading “Setting up a Research Environment for IP Cameras”
Last month the annual USENIX Security Symposium with its co-located workshops (WOOT, CSET, FOCI, ASE, and HotSec) was held in Austin, Texas. The program of the conference together with the published papers can be found here and information on the workshops can be found here.
The research topics were quite diverse and included subjects such as low-level attacks, cryptographic attacks, and vehicle attacks. To give you an impression on the research that has been presented at the conference, let us discuss some of the talks in the following:
Recently I had the pleasure to attend the 24th USENIX Security Symposium and its co-located Workshop on Offensive Technologies (WOOT) in Washington, D.C. The workshop has received quite some attention this year, 57 submissions of which 19 have been accepted, so that the organizers decided to double its length from one to two days. Continue reading “24th USENIX Security Symposium & WOOT Workshop”