搜索
Search
新闻中心
/
/
/
Invade the smart home network, so dark that it makes you doubt the world
Check category

Invade the smart home network, so dark that it makes you doubt the world

  • Categories:Industry News
  • Author:
  • Origin:
  • Time of issue:2017-04-01 08:00
  • Views:

Invade the smart home network, so dark that it makes you doubt the world

(Summary description)"Security comes from trust, and hackers break trust." This is the topic of a speech last Sunday (March 25) by Wang Xin, deputy dean of the Anheng Information Security Research Institute, at the Yundun Prophet White Hat Conference. He tried to analyze the security problems caused by the “excessive trust” of smart homes from the perspective of an attacker. Through a few examples of smart devices being hacked, he let Leifeng.com editors understand a truth-excessive trust in smart homes may really make you hacked to the point where you can't take care of yourself!

  • Categories:Industry News
  • Author:
  • Origin:
  • Time of issue:2017-04-01 08:00
  • Views:
Information

Security, in fact, is sometimes a question of trust.

A girl asked her boyfriend: "Who is that woman in WeChat?" "Din with friends, men and women?" "Why can't you show me your phone?" The boyfriend felt that she was not trusted, and the girl said she was No sense of security. This is the relationship between security and trust.

  Network security is essentially a trust issue. A phishing email defrauded the company's data, a phishing website stolen account passwords, and a fake WiFi hijacked communication traffic. These are all related to the victim's too much trust in the other party and too strong "sense of security".

   "Assuming that all people, equipment, and the environment are untrustworthy", this has actually become a regular concept in network attack and defense. An individual’s “excessive trust” in his surrounding environment may cause himself to be hacked, and the “excessive trust” of a service provider will not only pit himself, but also pit users. Once a smart home provider is hacked, its users may not even be able to take care of themselves.

   "Security comes from trust, and hackers break trust." This is the topic of a speech last Sunday (March 25) by Wang Xin, vice president of the Anheng Information Security Research Institute, at the Yundun Prophet White Hat Conference. He tried to analyze the security problems caused by the “excessive trust” of smart homes from the perspective of an attacker. Through a few examples of smart devices being hacked, he let Leifeng.com editors understand a truth-excessive trust in smart homes may really make you hacked to the point where you can't take care of yourself!

1

  Most of the general smart home devices have such a process

1

 

[Simplified smart device interaction process]

   In the local area network, the smart gateway and the terminal device use Bluetooth, WiFi and other methods for wireless communication. In the same local area network, the mobile phone can directly issue instructions to the smart gateway and then to the terminal device. The relevant information of the terminal device is then transmitted back to the user's mobile phone through the smart gateway for the user to view.

   If it is necessary to remotely control the equipment at home, the smart gateway will use the wireless router to send the data to the cloud, communicate with the mobile phone in the cloud, and then perform the same work flow similar to the above.

   Each link involves the issue of mutual trust, and "excessive trust" may make any link a breach for attackers. Wang Xin explained this point of view through several examples of hacking smart devices at the scene:

  1. Smart home gateway's trust in the cloud

   When a smart gateway needs to upgrade its firmware, the user’s mobile phone will receive an upgrade prompt. As long as the user clicks on the phone to upgrade, the cloud will send an update instruction to the specific smart gateway.

  The problem is that some smart devices and gateways completely trust the cloud IP address, and smart devices do not verify the updated firmware.

1  

 

By observing the control and storage chips of the device, you can understand the chip type. Through the relevant information, you can understand the operating system it uses, the storage path of the firmware and other related information. Then you can compile it according to its operating system, so as to observe the memory partition of the operating system, and understand the length of the memory partition, the startup code, and the codes of various functional areas such as WiFi and music playback.

1

After completing the preliminary preparations, the attacker can do a DNS resolution on the LAN, forge network requests, and flash a firmware with a malicious backdoor into the device. Once the victim's gateway firmware is flashed into the malicious firmware, it is equivalent to a time bomb at home, and the attacker can detonate it at any time.

  2. Smart home's trust in self

   Wang Xin said that when he analyzed another smart gateway, he found that it had opened a port, which was originally intended for technical personnel to debug. Under normal circumstances, many manufacturers will use the same or regular passwords for the convenience of later maintenance.

   So Wang Xin used Binwalk (a firmware analysis tool) to read its memory chip, loaded some content in its file system, and then obtained its password by unpacking and reverse engineering.

  Because the passwords are the same or regular, as long as you get the password of one device, you can log in to all devices of this series of products at will. This is the security problem caused by the manufacturer's excessive trust in self.

  3. The trust of smart home gateway to users

   In addition, Wang Xin also found some practices that lack security considerations: some manufacturers will directly open ssh remote login to users, and then set the ssh password to a unified weak password such as 12345678.

   "Perhaps manufacturers feel that there are more good people than bad people in the world." Wang Xin expressed his helplessness. Because as long as there is a "bad guy", he can

   Use this problem to easily fix other users’ devices.

  4. The trust of smart devices in APP

   Wang Xin introduced an example he saw on the Internet: When a foreign researcher analyzed a drone, he found that the device had opened some ports for interacting with the mobile APP. Then the problem reappeared. The drone over-trusted the mobile APP. By reversing the APP, it was discovered that it had a fixed password hidden in the APP.

  By downgrading the device firmware, the drone can be restored to a firmware version with security issues, so as to successfully obtain the control authority. The most critical problem is that the smart device defaults to the mobile APP to be safe and “too much trust” in the APP.

1

5. The trust of the smart gateway to the smart terminal

   When smart gateways communicate with smart terminal devices, many wireless protocols are used. Among them, ZigBee protocol is widely used due to low cost and low power consumption.

   Wang Xin said that the key to testing ZigBee's security is to find its encryption key. It can usually be acquired through passive and active monitoring during authentication or transmission. Some manufacturers worry about problems in the transmission process, and may set the encryption key when the device leaves the factory. It is also possible to obtain the encryption key by reversing the firmware of the terminal device. In short, for the smart gateway, the terminal device is not necessarily completely trusted.

   In short, smart home security involves a wide range of things. But the issue of "trust" is always the most critical. For security researchers, every link involving "trust" is worth questioning and scrutinizing, because any "excessive trust" may lead to security problems.

1

Keyword:

Welbell | Face recognition temperature measurement terminal, science and technology help prevention and control

Welbell | Face recognition temperature measurement terminal, science and technology help prevention and control

"Face Recognition" Smart Cloud Access Control--Welbell Helps the Construction of Smart Community

"Face Recognition" Smart Cloud Access Control--Welbell Helps the Construction of Smart Community

Welbell attended the 2019 China Security Expo with many smart products

Welbell attended the 2019 China Security Expo with many smart products

这是描述信息

Telephone:0755-86006635
E-mail:sales@welbell.com

Address: High-tech South Seven Road, Science and Technology Park, Nanshan District, Shenzhen Area B, 3rd Floor, Building B2, Technology Park

Copyright: Shenzhen Welbell Intelligent Technology Co., Ltd.    粤ICP备09032168号  Powered by www.300.cn

Shenzhen Laiji Electromechanical Equipment Co., Ltd.