Breaking the security of physical devices
In this podcast recorded at Black Hat USA 2014, Silvio Cesare, Director of Anti-Malware Engineering at Qualys, discusses the security measures of a number of household devices and things.
His analysis involved not only mathematics and software defined radio, but the building of a button pushing robot to press the keyless entry to capture data sets that enable the mathematical analysis.
Software defined radio is not only used in the kelyess entry attack, but in simple eavesdropping attacks against 40mhz analog baby monitors. But that’s an easy attack. A more concerning set of attacks are against home alarm systems. Practically all home alarm systems that had an RF remote to enable and disable the system were shown to used fixed codes. This meant that a replay attack could disable the alarm.
Silvio Cesare is a researcher, writer, and presenter in industry and academia. He holds a Doctorate from Deakin University in Australia. At Qualys he’s developing next-generation malware protection based on his University research. He has a Bachelor of Information Technology and a Master of Informatics by research from CQUniversity where he was awarded with two academic prizes during his undergraduate degree, a University Postgraduate Research Award full scholarship during his Masters degree and an award for the highest achieving PhD student during his candidature.