A Crazy Toaster: Can Home Devices Turn Against Us?

Presented at DEF CON 15 (2007), Aug. 4, 2007, 10 a.m. (80 minutes)

Home networking devices, wireless equivalents, hardware and technology raise new privacy and trust issues. Can home devices turn against us and spy on our home network? Do we care if our toaster sees us naked? This talk will cover a scenario of "Crazy Toaster". Trojan device under Vista and XP environment, or software with TCP/IP capabilities like routers, media players or access points, that joins a local area network and thus becoming a security hazard. This "Crazy Toaster" presentation will discuss the steps needed to conduct a Trojan device that exploits users trust in technology. Flaws associated with home networking protocols such as UPnP and SSDP would be presented. The primary goal of the "Crazy Toaster" presentation is to present a new offensive technique by demonstrating the security hazard and design flaws. As home networking becomes more ubiquitous, the scope of this problem becomes worse.


Presenters:

  • Dror Shalev - Security Expert, Check Point Software Technologies
    Dror Shalev is working as a Security Expert for Check Point SmartDefense Research Center, focusing on Browser & Windows Security. He has worked as Senior Security Researcher at finjan.com, Malicious Code Research Center, as well as having found several major security vulnerabilities in various major web mails systems such as Hotmail, Yahoo! Mail, and in Microsoft products. SOC Manager at DATA SEC, developed and designed Internet Security Systems, Conducted penetration tests for e-Banking systems in Europe. CTO & Co-Founder at BmyPC, developed R&D methodology and software for virtual Web desktop service, enabling web devices to receive computing services via the internet. Dror has run a Security Workshop that deals with recent Browser Exploits security & privacy, online threats at http://sec.drorshalev.com.

Links:

Similar Presentations: