Iot devices are easy to hack and here is why...

By -

Today we are living in internet age and many things are already connected and many are waiting to be...

Market is flooded with cheap iot devices like smart speaker smart watches etc. Yes they are very portable and useful but as we know "great power comes with great responsibility"

And it's the manufacturer whose responsibility is to make sure that their product is secure enough but here is the things get worse...

Companies are competing with each-other to launch so many smart devices at affordable prices And make them susceptible to bugs, because now their engineering department work on multiple projects, and it leads to human error, in the worst scenario their product may have vulnerabilities.

Hackers love vulnerabilities, and on the top of that those devices often doesn't come with a fast processor so forget about Encryption...

Those iot device's os coded in C/C++ or ASM language which are extremely efficient but they let the code security responsibility to devloper.

And because of cheap low spec hardware they often don't have exploit mitigations like ASLR, DEP, CANARY because these mitigations requires fast processor and meaningless in such short address space, so hackers don't need to bypass any filters.

So make code bug-free is our last hope but those overworked engineers often do mistakes and intentionally or unintentionally end product are easier to hack than regular pc or smartphone.

Here i can say only purchase a well reputed company's smart devices because they test their device very extensively so there will be less chance to be prone to hack.


Hi, i am Gautam kumar. I am computer science and engineering graduate, i work in security field. I love computer science. That means each and every subdomain like hacking programming i love that stuff.

Comments

Post a Comment

Popular posts from this blog

Programming languages required for Hacking

By -
Image
Many people find it very confusing to choose which programming language to learn for Hacking, Always remember "you can't hack the system that you don't know how it's built"... But it's not that confusing if you understand what ethical hacking actually is... Means if you wanna find vulnerabilities in a target system, first you have to understand how it's built or working, for that you should know the language in which it's coded, Otherwise you won't be succeed. Like if you only know C/C++ and Assembly then you can't hack a webapps. And also if you only know PHP or JavaScript then you can't hack kernel or application. My recommendation is learn atleast one scripting language like Python3 or perl or Bash... but don't stop here because they only help you in scripting not in finding vulnerabilities. So here is my recommendation... For system or application software hacking "C/C++, ASM (x86-64 and ARM), python3, (java is plus point but n
Read more

Is it really that easy to hack iphone 13?

By -
Image
Recently we were witness of hacking the iphone 13 running ios 15 fully updated at tianfu hacking contest (china). The Chinese version of the Pwn2own  hacking competition called Tianfu Cup took place from 16 to 17 oct. 2021 in Chengdu, China. Windows 10, ios 15, Ubuntu, Chrome and many apps or system's security were broken at that contest. One of exploits demonstrated got attention alot, it was  0 click Remote code execution exploit against fully patched iphone. And it was narrated by media as anyone can hack your iphone within 15 seconds which is bad thing. First of all: An actual devlopment of exploit script from finding a loophole to creatively bypassing all mitigation. It definitely took months of hard work from reading binaries to thinking out of the box. And don't forget that they were lucky to find any loophole in security otherwise they couldn't even start. And all that they showed was the execution of that exploit script executing their creative plan that hacked iph
Read more