An IoT pressure cooker: What could go wrong!?

Presented at BSides Austin 2017, May 4, 2017, 1 p.m. (60 minutes).

This talk goes through several vulnerabilities found in the instapot IoT Pressure Cooker. The speaker will outline various way an adversary can gain control of the device in a humorous manner.

Presenters:

• Ben Actis
  Based in San Francisco, Ben Actis is currently a Sr. Security Research Engineer/Grand General of GIFs at Synack and moonlights at night as the owner of Cyber Merchants of Death. He specializes in Mobile & IoT Security, as well as reverse engineering. Prior to Synack, Ben worked a combined 6 years at Lookout and MITRE in various roles with focuses on research & response, mobile reverse engineering and network analytics - most famous for his primary research surrounding shedun/humming bad and xcode ghost. Ben has also taught introductory college courses, such as "intro to x86" and "intro to flow analysis" - both available on opensecuritytraining.info. When not reversing or participating in bug bounty programs, you'll find Ben searching for Pokemon, taking Krav Maga, and trolling on Twitter and Slack channels.

Links:

• https://bsidesaustin2017.sched.com/event/AP2H/an-iot-pressure-cooker-what-could-go-wrong

Tags:

• IoT

Similar Presentations:

• Still Hacking Anyway (SHA2017) / An autopsy in the IoT - Nabaztag, the Hare
• Black Hat Europe 2019 / Sneak into Your Room: Security Holes in the Integration and Management of Messaging Protocols on Commercial IoT Clouds
• Diana Initiative 2019 / Working Remote Can Be Overwhelming and Lonely, Let's Change That!