Presented at
BSidesLV 2015,
Aug. 5, 2015, 6 p.m.
(60 minutes).
This presentation will discuss the previously-unreleased firmware distribution called "Intentionally Vulnerable WRT (IV-WRT)". IoT, or more accurately embedded device, security is a train wreck. IV-WRT is an attempt at bringing vulnerabilities to light which exist inside of firmware on embedded systems. While IoT encompasses many more technologies, the crux of the issue is the (in)security of the devices themselves. While the vulnerabilities themselves are not unknown, the repercussions of said vulnerabilities on embedded systems are often overlooked, and the risk (or "So What?") is lost. Now you can experience these vulnerabilities for yourself, first hand.
Presenters:
-
Paul Asadoorian
- Founder - Security Weekly
Paul Asadoorian spent time "in the trenches" implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. He is the founder of the Security Weekly podcast network, offering several freely available shows on the topics of information security and hacking. As Product Evangelist for Tenable Network Security Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul studies Kung Fu (Shaolin Long Fist) and, of course, watches Kung Fu movies.
-
Nick Curran
Nicholas Curran is a security geek, philosophy geek and producer for Paul's Security Weekly. He enjoys poetry, music and tea. Est culus quod cogos alienum loqui latinae which, roughly translated, means "he is a jerk because he makes strangers speak latin.
Links:
Similar Presentations: