Learn, hack!

URL

http://ftp.ccc.de/events/camp2011/video/cccamp11-4439-maching_to_machine_security-en.mp4

File name

cccamp11-4439-maching_to_machine_security-en.mp4

File size

422.7 MB

MD5

a78183330877d19c0bd78d1902f50f88

SHA1

fe3d23bc248bdfcc55d561bb0c1a0c342aa7724a

Today, more and more real-world things and machines are equipped with some kind of connection back home to the vendor. Such machine-to-machine (M2M) communication is often poorly secured and some day, the shit will hit the fan! Due to the wide availability of broadband internet and mobile communication, the number of embedded systems that come with a network connection is constantly increasing. These devices are ubiquitous and used in a wide range of applications: smart grid, building management, surveillance, traffic control and individual vehicles. Those embedded devices are often poorly secured, if at all. But things get a lot worse: Vendors often don't take into account, that a device might get compromised, thus giving the attacker access to their network. This talk will give an overview over general machine-to-machine (M2M) communications and corresponding attack scenarios. In addition to wired systems, wireless systems will be considered. Of the latter, GSM based systems are the most interesting. Several ways to attack an embedded device, extract secret data and gain network access will be shown. Finally, some good and bad attempts to enhance the security of M2M systems will be presented.