IoT

326 Articles

Half Baked IoT Stove Could Be Used As A Remote Controlled Arson Device

April 20, 2017 by 37 Comments

[Pen Test Partners] have found some really scary vulnerabilities in AGA range cookers. They are connected by SMS by which a mobile app sends an unauthenticated SMS to the AGA to give it commands for instance preheat the oven, You can also just tell your AGA to turn everything on at once.

The problem is with the web interface; it allows an attacker to check if a user’s cell phone is already registered, allowing for a slow but effective enumeration attack. Once the attacker finds a registered device, all they need to do is send an SMS, as messages are not authenticated by the cooker, neither is the SIM card set up to send the messages validated when registered.

This is quite disturbing, What if someone left a tea towel on the hob or some other flammable material before leaving for work, only to come back to a pile of ashes?  This is a six-gazillion BTU stove and oven, after all. It just seems the more connected we are in this digital age the more we end up vulnerable to attacks, companies seem too busy trying to push their products out the door to do simple security checks.

Before disclosing the vulnerability, [Pen Test Partners] tried to contact AGA through Twitter and ended up being blocked. They phoned around trying to get in contact with someone who even knew what IoT or security meant. This took some time but finally they managed to get through to someone from the technical support. Hopefully AGA will roll out some updates soon. The company’s reluctance to do something about this security issue does highlight how sometimes disclosure may not be enough.

[Via Pen Test Partners]

A Smart Switch Board For The ESP8266

April 17, 2017 by 20 Comments

With a plethora of IoT projects and inexpensive commercial smart light fittings and mains switches appearing, you might be forgiven for thinking that another offering in this crowded marketplace would be superfluous. But there is always room for improvement in any field, and in this particular one [Xose Pérez] has done just that with his Espurna board.

This board is a very well executed ESP8266 mains relay, with an on-board mains power supply and power monitoring. It was designed with his Espurna (“Spark” in Catalan) custom firmware in mind, which offers support for Alexa, Domoticz, Home Assistant and anything that supports MQTT or HTTP REST APIs.

Best of all, it’s a piece of open source hardware, so you can download everything you need from his GitHub repository to create your own. For the ultimate in convenience you can even order the PCB ready-made from OSH Park.

As a demonstration of the Espurna board in a real application, he’s produced a smart socket project neatly enclosed in a wall-wart style box with an inbuilt Euro style plug and socket.

We’ve featured [Xose]’s work several times before here at Hackaday, he’s something of an IoT wizard. Most recently there was his work with Alexa and the ESP8266, but before that was his MQTT LED array for his laundry monitor.

Hackaday Prize Entry: Another Internet Button

April 17, 2017 by 7 Comments

It’s long been a staple of future-gazing, the idea that we will reach a moment at which all of life’s comforts can be summoned at the press of a button. Through the magic of technology, that is, without the army of human servants with which wealthy Victorians surrounded themselves to achieve the same aim.

Of course, to reach this button-pressing Nirvana, someone has to make the buttons. There are plenty of contenders for the prize of One Button To Rule Them All, the one we’ll probably have seen the most of is Amazon’s Dash. Today though we’re bringing you another possibility. [Hendra Kusumah]’s A.I.B. (Another IoT Button) is as its name suggests, a button connected to the Internet. More specifically it’s a button that connects to IFTTT and allows you to trigger your action from there.

Hardware wise, it couldn’t be simpler. A button, a Particle Photon, some wires, and a resistor. Then install the code on the board, and away you go. With a small code change, it also works with an ESP8266. That’s it, it couldn’t be simpler. You might ask where the fun in that lies, but you’d be missing the point. It’s the event that you trigger using the button that matters, so why make creating the button a chore?

We’ve shown you many IoT buttons, just a couple of posts are this ESP8266 button and a look at  the second-generation Amazon Dash.

The HackadayPrize2017 is Sponsored by:

BrickerBot Takes Down Your IoT Devices Permanently

April 8, 2017 by 69 Comments

There is a new class of virii in town, specifically targeting Internet of Things (IoT) devices. BrickerBot and its variants do exactly as their name says, turning your smart devices into bricks. Someone out there has gotten tired of all the IoT security flaws and has undertaken extreme (and illegal) measures to fix the problem. Some of the early reports have come in from a security company called Radware, who isolated two variants of the virii in their honeypots.

In a nutshell, BrickerBot gains access to insecure Linux-based systems by using brute force. It tries to telnet in using common default root username/password pairs. Once inside it uses shell commands (often provided by BusyBox) to write random data to any mounted drives. It’s as easy as

dd if=/dev/urandom of=/dev/sda1

With the secondary storage wiped, the device is effectively useless. There is already a name for this: a Permanent Denial-of-Service (PDoS) attack.

Now any card carrying Hackaday reader will know that a system taken down like this can be recovered by re-flashing through USB, JTAG, SD, other methods. However, we’re not BrickerBot’s intended audience. We’ve all changed our devices default passwords, right? RIGHT?

For more IoT security, check out Elliot’s excellent article about botnets earlier this year, and its follow-up.

IOT Startup Bricks Customers Garage Door Intentionally

April 5, 2017 by 202 Comments

Internet of Things startup Garadget remotely bricked an unhappy customer’s WiFi garage door for giving a bad Amazon review and being rude to company reps. Garadget device owner [Robert Martin] found out the hard way how quickly the device can turn a door into a wall. After leaving a negative Amazon review, and starting a thread on Garadget’s support forum complaining the device didn’t work with his iPhone, Martin was banned from the forum until December 27, 2019 for his choice of words and was told his comments and bad Amazon review had convinced Garadget staff to ban his device from their servers.

The response was not what you would expect a community-funded startup. “Technically there is no bricking, though,” the rep replied. “No changes are made to the hardware or the firmware of the device, just denied use of company servers.” Tell that to [Robert] who can’t get into his garage.

This caused some discontent amoung other customers wondering if it was just a matter of time before more paying customers are subjected to this outlandish treatment. The Register asked Garadget’s founder [Denis Grisak] about the situation, his response is quoted below.

 It was a Bad PR Move, Martin has now had his server connection restored, and the IOT upstart has posted a public statement on the matter.– Garadget

This whole debacle brings us to the conclusion that the IoT boom has a lot of issues ahead that need to be straightened out especially when it comes to ethics and security. It’s bad enough to have to deal with the vagaries of IoT Security and companies who shut down their products because they’re just not making enough money. Now we have to worry about using “cloud” services because the people who own the little fluffy computers could just be jerks.

2017: The Year Of The Dishwasher Security Patch

March 28, 2017 by 101 Comments

As if Windows Update wasn’t bad enough, one has to deal with a plethora of attention-hungry programs and utilities all begging for a continual stream of patches from the Internet. It’s exhausting, but unfortunately also par for the course. Many of these updates are to close security vulnerabilities that could otherwise expose your computer to undesirables. The Internet of Things will only expand the amount of hardware and software you need to keep updated and protected on a daily basis. Now, it’s your dishwasher that’s under attack.

The Register reports that Jens Regel discovered the bug in a Miele dishwasher with a webserver. It’s a basic directory traversal attack that can net the intruder the shadow password file. Armed with this, it’s simple to take over the embedded Linux system and wreak havoc on your local network.

It’s not particularly surprising – we’ve talked about IoT security and its pitfalls before. The problem is, a dishwasher is not a computer. Unlike Microsoft, or Google, or even the people behind VLC, Miele don’t have infrastructure in place to push out an update to dishwashers worldwide. This means that as it stands, your only real solutions are to either disconnect the dishwasher from your network, or lock it behind a highly restrictive firewall. Both are likely to impede functionality. Of course, as always, many will ask why a dishwasher needs to be connected to the Internet at all. Why indeed.

Hacked IoT Switch Gains I2C Super Powers

March 27, 2017 by 50 Comments

Economies of scale and mass production bring us tons of stuff for not much money. And sometimes, that stuff is hackable. Case in point: the $5 Sonoff WiFi Smart Switch has an ESP8266 inside but the firmware isn’t very flexible. The device is equipped with the bare minimum 1 MB of SPI flash memory. Even worse, it doesn’t have the I2C ports extra pins exposed so that you can’t just connect up your own sensors and make them much more than just a switch. But that’s why we have soldering irons, right?

Continue reading “Hacked IoT Switch Gains I2C Super Powers”