AirBnBeware: Short Term Rentals, Long Term Pwnage

Presented at Black Hat USA 2016, Aug. 4, 2016, 12:10 p.m. (50 minutes).

What's scarier, letting HD Moore rent your house and use your home network for day or being the very next renter that uses that network? With the colossal growth of the vacation rental market over the last five years (AirBnb, HomeAway), travellers are now more vulnerable than ever to network based attacks targeted at stealing personal information or outright pwnage. In 2006, the security industry desperately warned of the dangers of using public Wi-Fi at coffee shops. In 2010, we reshaped the conversation around the frightful security of Internet provided at hotels. And now, in 2016, we will start a new battle cry against the abysmal state of network security enabled by short term rentals. Both renters and property owners have a serious stake in this game. Whether you're renting a room in a foreign city to attend a conference or you're profiting off of your own empty domicile, serious risks abound: MitM traffic hi-jacking, accessing illegal content, device exploitation, and more. Common attacks and their corresponding defenses (conventional or otherwise) will be discussed, with a strong emphasis on practicality and simplicity. This talk will contain demos of attacks, introduce atypical hardware for defense, and encourage audience participation.


Presenters:

  • Jeremy Galloway - Atlassian
    Jeremy Galloway has been active in the security scene since 2002, focusing on dark corners of the internet, network security, hacktivism, penetration testing, intelligence gathering, privacy technologies, and hacker anthropology. When he's not making artisanal hacks or dreaming in 7-bit ASCII, his time is spent cycling, hiking, meditating, making street art, and studying various branches of science, philosophy, and psychology. Although he aims to protect the internet at large, his dream is to become Beyoncé's personal cyber-bodyguard. Jeremy is a proud member of both the Electronic Frontier Foundation and The Satanic Temple.

Links:

Similar Presentations: