Highest Voted 'iot' Questions - IT Security Stack Exchange

0

votes

1 answer

HDMI with Ethernet: Network Security Risk?

I recently found out that HDMI cables (v1.4 and over) have ethernet capabilities for higher res output, so I want to know one thing: Say I have a PC/laptop connected to the internet, and a monitor (not a smart TV) connected to the PC/laptop via an…

asked Jun 09 '21 at 01:10

BBB

1

0

votes

1 answer

Why would device manufacturer refuse to publish root CA that signs devices but provides the CA via support ticket attachment

Background: We got a few new model SIP phones. Each phone has built-in unique certificate issued by the manufacturer. Previous models had certs issued by a different CA and that CA cert was published, so I could verify the phone's identity as it…

certificates certificate-authority risk-analysis iot

asked Jun 02 '21 at 15:15

AnyDev

103
2

0

votes

1 answer

How to distribute bash scripts to multiple IOT devices securely

Here is the dilemma we're having: we developed proprietary bash scripts that do something, which is meant to be secure and closed source. Our customers however will have to buy separate IOT devices and flash our software (i.e. bash scripts) into…

encryption linux software iot

asked Jan 30 '21 at 17:37

AK_

667
4
14

0

votes

2 answers

Are smart plugs safe? (Xiaomi in particular)

Are smart plugs safe, Xiaomi ones in particular (Zigbee and WI-FI versions)? My main concern is that the plug is connected to Mi account and allows remote management. In case hacker gains access, can he reboot it dozens of times per second, so that…

iot vulnerability-assessment

asked Oct 13 '20 at 11:32

Peter

127
7

0

votes

0 answers

How to secure smart home devices?

I'm interested in how I can secure my IoT devices from hackers. Particularly, I have a Xiaomi hub and a range of child devices for it. Also, how to secure devices that communicate using the Zigbee protocol. I'm looking for some advanced tips. I…

iot

asked Sep 26 '20 at 12:00

Peter

127
7

0

votes

0 answers

How to secure an IoT device

Which is the proper way to prevent users to read sensible information stored inside an IoT device (e.g. source code / private keys...)? Fully disk encryption is of course an option, but is it possible to boot the device without asking the user for a…

disk-encryption ubuntu iot

asked Apr 20 '20 at 14:20

Luca

1

0

votes

0 answers

BLE IoT device as platform backdoor for hackers

I have a IoT device that works with BLE and uses a smartphone as a bridge to connect to a digital platform (cloud). The communication between the IoT device and the platform is based in PKI. The IoT device has only few privileges and services to…

bluetooth iot threats cloud-storage

asked Apr 16 '20 at 07:40

LazyTurtle

93
5

0

votes

0 answers

Which kind of attacks could be done on CoAP protocol?

I'm a student and I'm studying the security of the CoAP protocol. So, thinking on the attack-surface my thought was about internal attacks (i.e inside the network) and the external attack (i.e. outside the network). Regarding them, considering the…

attacks iot

asked Apr 06 '20 at 11:58

furgius

1

0

votes

2 answers

Using unencrypted protocols with IoT devices

Old IoT devices and some low-power devices are not capable of doing encryption or use weak encryption methods like TLSv1.0. What could be the risks of using such devices and unencrypted protocols like HTTP?

encryption tls iot

asked Aug 19 '19 at 14:10

Manasés Jesús

111
1
1
3

0

votes

0 answers

Raspberry Pi with LAN, no WAN - Encryption Key Security - Zymbit/Zymkey

I am setting a up a Raspberry Pi that will be portable and often set up in areas without electricity or internet access and with poor cell service. I'd like to encrypt and decrypt data without retrieving keys from another server. The solution I…

key-management hsm iot

asked Apr 12 '19 at 12:53

superkayrad

1
1

0

votes

1 answer

IOT secure data transfer

I have a question about a monitoring software architecture. Think about 50 different locations in different cities. Assume that these locations are small plants. In every location there are approximately 50 devices which produce small amounts of…

encryption tcp hsm iot

asked Oct 16 '18 at 15:06

bilgehanuk

3
2

0

votes

1 answer

Security Advantages of Azure Sphere vs other embedded OS

I know Azure Sphere is new, and to my understanding Microsoft is targeting the embedded IOT market, but how is Azure Sphere more secure than other embedded RTOS systems like VxWorks or Integrity? Don't many of the embedded security measures…

iot embedded-system

asked Apr 25 '18 at 17:48

9Breaker

121
6

0

votes

1 answer

Does LoraWan protocol's Over The Air Activation run Diffie Hellman?

I am looking at the LoraWan protocol specification and I want to capture the over the air activation of a device. So far I have seen the: https://zakelijkforum.kpn.com/lora-forum-16/over-the-air-activation-otaa-8323 As it seems that it is using…

diffie-hellman iot

asked Mar 22 '18 at 22:59

Dimitrios Desyllas

381
1
2
13

0

votes

0 answers

IoT Device user needs to perform task requiring Windows admin privilege

Our IoT device runs only our application and the device users can not launch additional apps. The IoT device users and IoT device admins both run under normal (non-admin) accounts with identical privileges. Device admin users can launch the admin…

windows iot principle-of-least-privilege

asked Mar 09 '18 at 09:38

Ken

1,091
2
6
5

0

votes

1 answer

Is it safe to use an auto pay feature on my smart watch that stores card info?

(So guess what I got for Christmas...) While I do appreciate the tech and some of the features in the smart watch, I am skeptical of it's biggest feature -- the Pay feature which essentially duplicates your credit card's magnetic info and stores it…

pci-dss credit-card iot

asked Dec 28 '17 at 01:07

whoami

1,366
9
17

Questions tagged [iot]