Backdooring the Frontdoor

DEF CON 24

Presented by: Jmaxxz
Date: Sunday August 07, 2016
Time: 13:00 - 13:50
Location: Track Three

As our homes become smarter and more connected we come up with new ways of reasoning about our privacy and security. Vendors promise security, but provide little technical information to back up their claims. Further complicating the matter, many of these devices are closed systems which can be difficult to assess. This talk will explore the validity of claims made by one smart lock manufacturer about the security of their product. The entire solution will be deconstructed and examined all the way from web services to the lock itself. By exploiting multiple vulnerabilities Jmaxxz will demonstrate not only how to backdoor a front door, but also how to utilize these same techniques to protect your privacy.

Jmaxxz

Jmaxxz works as a software engineer for a Fortune 100 company, and is a security researcher for pleasure. His FlashHacker program was featured in Lifehacker's most popular free downloads of 2010. More recently he has contributed to the node_pcap project which allows interfacing with libpcap from node. His other interests include lock picking and taking things apart. Twitter: @jmaxxz


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats