Presented at
Black Hat Europe 2014,
Oct. 16, 2014, 11:45 a.m.
(60 minutes).
We all know that connected devices are uprising, and this enables more overall control over them. But what happens when that control is used against you? How can a device, which is supposed to make your life easier, be used against you? Does it really mean, when you read "AES, Triple DES, RSA, etc..." in a device specification, that it is really secure?
We will talk about a device that is present in all houses, a smart power meter. This model is being installed in all houses and buildings, and it's already present in the 65% of the "paella" country. We will show the process necessary to rip off any device, taking the meter as "demo hardware," and the possibilities that this procedure could bring, including firmware and hardware reverse engineering.
As a small preview, these smart meters are capable of cutting down the power supply by receiving remote commands. Oh, and by default, they are not able to "talk" between them.
Presenters:
-
Alberto GarcĂa Illera
as Alberto Garcia Illera
Alberto Garcia Illera (@algillera) is passionate about hacking and social engineering. Alberto studied mathematics and computer systems in Spain and has spent the past several years working as a professional penetration tester. Alberto has presented at several seminars where he has helped teach hacking techniques to large companies such as Microsoft, the Spanish government, and the cyberterrorism Spanish police department. At DEF CON 20 in Las Vegas, Alberto has presented a talk titled "How to hack all the transport networks of a country" that had a great repercussion. He has also spoken at ZeroNights in Moscow, Black Hat in Abu Dhabi, Infiltrate in Miami, DEF CON21 and Black Hat Arsenal in Vegas.
-
Javier Vazquez Vidal
- Honey Badger
Javier is passionate about technology and specializes in hardware and embedded systems security. He studied Electromechanics and Telecommunications, developing a passion for electronics and technology since his youth.
He has been part of several projects that involved well known hardware, but his first public work was released on Black Hat Arsenal USA 2013, the ECU tool. He also presented the CHT at Black Hat Asia 2014, a tool to take over the CAN network.
He is currently working as Security Consultant for CarIT, and has worked for companies such as Airbus Military and Visteon.
Links:
Similar Presentations: