
hi I'm Nancy Snow I'm Phoenix nope Wow yeah we really love them okay and our clock is packing the IoT case study so first how this talk is organized so we're gonna do our contact information at the end for anyone's know but we have some candy you left over from another event with our contact information if anyone would like it so I was going to pass it around now then we're going to do a little introduction and then we're going to do a brief look at IT security standards yes we'll talk about our methodology and our results and then how we you can set up your own is he hacking laugh no jerk contacted fun questions
would anyone else over here live candy nobody was passing it yeah it's chocolate
okay all these new stories about people being concerned about insecure devices the pricker back vigilante burn botnet there are people believe violent Jimmy I see everybody's secure in terms of whether that ID and insecure I'm sure who would be however at this point at a minimum it seems like there's kind of an entire generation of devices that are already out there that the support for them is questionable at best so there's already a lot of insecure devices out there begin with additionally this is a really really large market and it's been expanding very quickly so there are actually some concerns without trying to sound paranoid but there are concerns of these companies getting people's data
and whether the companies are using them for bad purposes or not they're not storing the data in secure in secure manner so it could be somebody entirely on the laid into the company by stating your you know access to this data and using it for malicious purposes and we thought everyone else is hacking at a few devices why should you win so then we had to decide what type of device to hack and we just one day went out and bought egg smart light bulb not this one I will say this is just the picture I chose the one we bought I couldn't find a picture of because it totally didn't work when we got home I
mean it's a nice light bulb but the whole internet part didn't work we have found out after the fact that apparently it hasn't problems with it and they decide to patch out Internet access with the Apache namekians later yeah a secure we do use it for that to do a little research before buying another IoT device the next great smart egg tray you have to remove your eggs from the carton and actually puts a minute for it to work in that was a little too annoying for us then there's person s there was that February we've done to that my husband's favorite yeah Wi-Fi enabled crock-pot I'm not entirely sure what the safety protocols on that are we what regards
the heating element and uh there's kind of a part of me that had a galleon see all kinds of a burning house now I'm hearing normally relish that stop there yeah we need to trying to break the heating element on that so we decided we should get something else then there was [Laughter] uncomfortable medical analogies and that would be smart waterboxx in case you needed something that told you when you were thirsty it would glow when I thought you're thirsty but yeah this often seemed like a bit of a stupid idea so we ended up going with a baby monitor so why a baby monitor well I gave life here every one certain thing we could
buy one for some reason because they have this little guy and we're like why do we need a baby monitor oh yeah there we have much here and we were like well we go and hack it so we're like sure I'll get one so I got this one no we're out some yelled inane because we did responsibly disclose what we found and they didn't respond in any way this was months ago so we decided it was okay to present as long as we didn't let people have new the device was so we served about the name the company changed names like three times I think since we bought this if you really look for it you could
probably figure it out a figure but yeah where this figure try to be a little bit more responsible here like to do this oh it was the number one bestseller so another reason to look at this device so we're we jumped into this guy's our group look at our key security standards all the to mention there's 20 threats without the Internet of evil things report basically ported last one quick summary was everyone knows there's tons of problems on the Internet of Things who don't expending any money to do anything about it I think that's probably the two-seven sorry last July think it was this big it out there's special subpage in 800-183 called the network of things which is a
basis for talking about the Internet in terms of security it doesn't even get into security but it sort of starts dividing things out so you can talk about and they divided it into five sections similar to what we did except what we can limit the dispenser which was like the hardware the aggregator which was soft and hold that to communication channel obviously network the external utilities which are like the mobile and web app and the decision trigger which is more software and then Microsoft that's um yeah Microsoft is apparently attempting to do some stuff for secure Internet of Things devices in their case though I know that they're not done with it but it was
supposed to be that they're actually do we need that the I manufacture a little third-party vendors so I don't really want to say anything about it because I mean it might be wonderful it might be bad but it's not done so the market not judge it but uh Microsoft is won't be companies working on it again I know until its workouts on some of the standards up to you well I will judge the Microsoft a little bit it was very Microsoft centric so you can extrapolate it out generally what I saw yeah yeah the thing with the Microsoft stuff was that they were actually trying to control the entire process so while there might be third-party vendors that
Microsoft was controlling they for more aspects of it all right so before we started testing the first thing we did was we take a look at this packaging and I read the manual that came with it instead of a segregated test network and we bring some some ideal attacks and I was going to help us move it through testing this was our goal so we know what we were looking forward to try to gave you ten things together that we found to reach what you like yes okay so what about the packaging obviously it makes you think it's very in securing there can you get this up login ID and password box note the password is admin but it's not quite
as bad as you think if the first time you do log in and with the device it makes you change this not because it's the first time you log in because they require these six characters per catch it so but let the command you all had some other nice information in it about agent authorization which was interesting like you had two accounts so you have your account and you've added your cameras to it this is the camera specifically that you can log into and there are no forgot password mechanisms so if you forgot your password you have to create a new account and so you could obviously add cameras to many accounts that we've never looked suspicious since that was
for a password mechanism if you forgot your camera password you have to do a hardware reset so sort of back in its default configuration so it provides some information about guest accounts and authorization which was interesting to terms of testing now for the up we split our customer base level we're workers sitting so I took the parts that I was interested initiative reports and she was interested in I did the networking stuff on it and poured the first part of it obviously they have segregated test network you know I guess on how secure or insecure this device is so I don't want to hook it up to my hundred year so just
it is a random picture so my mind is much more modest but this works pretty easy I mean we just bought a router and you know ran it off the other ones so they have both networks of course segregated but you can swap internet access in terms of the ideal attacks that we were doing I'll let hurt the pictures I'm on here but I wanted to do was insert fake pictures and videos into the page because I thought it would be fine and so she wanted to do the vice bearing yeah I just thought the device pairing of the camera when he apps was an image things got to dry and obviously with it about ideal attacks you're gonna going
to enumerate all the bugs and vulnerabilities try to see how we could put together knowledge of the facts so we came up with five areas of the IoT device the local apps the networks the web apps API in the hardware and my husband is talking up the network and the hardware and I'm going to cover the mobile web apps in the API and the way back from the API sort of merged the you know it's hard to differentiate exactly one begins MIT and yes we were trying not to break any laws and so everything about balling the external web application and guys make turtle network was lightly tested mostly its passive observation we didn't want to do anything wrong
all right so the mobile app so basically there are three parts to testing a mobile app for both Android and iOS you have your static testing your dynamic testing and your network testing and for Android the static is really useful obviously because going to decompile it you know and get your Java code and it's go through it if you're good at coding and really easy to look at for iOS it's more of a reverse engineering in Hopper after you extract the encrypted app from memory so it's a bit more complicated first there are tools that will do that extraction for you but it's fun to walk through once on your own you're going know iOS anyway to
manually go through that but dynamic testing on Android that's mostly using the Android debug bridge and for iOS I must need separate to you know get in and do things from yak psyche running and I did all my network test me from Burp Suite now I don't look at any of the network results on in these lives well this mentioned that neither mobile app did any certificate validation whatsoever so I could just use groups we didn't have to import the CA okay so just a few of my results I not going to go into everything in detail 7kq long but yeah I found integer data stored in certain occasions in Commission probably extraneous functionality and for proper platform
uses and just five of the top 10 mobile so what was it about high finance I'm Way too up but some mobile app findings just a couple things like on the Java credit sort of interesting here's where it validated if you have a good camera ID and you can see it just look to see if it was 15 characters and started with that so you can probably enumerate all the cameras out there here's a developer options pass the validation would use just this hard coded string let's see now this would get some cryptography that I saw that they were using and anyone clearing guess what algorithm it was no lightly better actually yes and unfortunately I've seen this in at least
three places in the past two years when I've been looking at things which is like the first time I almost had asthma attack and started laughing hysterically and that was like what again yeah they did have other cryptography I'll mention do they use it in several places into several different names here somewhere in the N word after the sorts of the economies amazing passwords so in plaintext on the device there's a mother anything they manage their parents file including more usernames and some settings for the turn-on developer we setting friction on it off I hid the IP addresses as you can see again trying to cut this a bit but other way and look yes okay and let's see oh yeah it's
really easy to get into the developer options they're going in about three different ways it is the same record pastures both iOS and Android absolutely nothing they actually didn't have to forgot password phones no remote it's City so there isn't any and I'm just going to stop there now we actually previously did something going on and one of the things that we got a lot of feedback on was the hardware part so we're trying to cut the other parts shorter so we can talk more about the hardware some doesn't give something more people are interested in that and I mean the network of ethology we really didn't do a lot of cool things with it
just wasn't necessary using that for words you just you know different numbers and then and for as far as about serving the internal internal traffic Wireshark and Aircrack the one finding that I had with it is that I mean you know there's all that the Astrix thing I thought was weird so I made a note of it look for it later because uh well I did looked it up on Google came up as a rugged multiple air traffic control towers and I was pretty sure that that wasn't right additionally you could go and you could eat it open till that sessions with it now on this there was a setting to turn the device
itself up on the web app to turn it into an access point additionally it would go through and tell you of every network it was in range oh that you can see this is beyond the scope of this talk but there are attacks that you can take that information and coordinating roughly saw use physical location and the other nice my name on it is that there's no password or encryption if you set this as an access point initially there was no encryption video or sorry it's still image beats so you could find out where somebody lived and it is word I love to demonstrate until you hit it obviously that's really since these devices are for physical security and
have a significant problem now for the up I get something to this oh sorry alright so just quickly the web application methodology because everyone's know or this most people are familiar with this it's just like testing anywhere that you wanna be your authentication your authorization session management with the injection client-side code all the normal things well the first thing I discovered on accident as a joke I named the device script alert 1 / script and yes it wasn't described by scripting I didn't want to be a funny name for my device I'm not even really touching as I said we're trying to be careful about the external website and not really do too much but I did notice going through
looking at the HTML that they had it was the weirdest HTML there was because it was like it told you about all these other sites inside it so it was like it was a shell basically saying that they use for lots of different sites and so you found all these other versions of this web app throughout online including some test versions and debug versions things that were literally called that that you were all out there he went and browse to them and it was all just in the basic HTML and so on one of the best ones they haven't thought where you can download any windows of Android - and a Mac version of a tool for this camera as
well as more documentation and yeah a test version of the app that you can just walk into online I didn't really like doing that even that what the videos passively observing so we think Google get so I thought that was very odd also and when we meet you may notice when we do some networking in writing there was an internal web app 480 was open so we look at that locally and so there you could do more in my opinion and so there it also brought them out very similar to the one that was on line here and that's where I would look at the client-side code for those atomic JavaScript and also flash but the flash juggling was actually
interest because it was what they used to the live stream of the cameras and basically it was an RSTP based protocol with some built-in authentication with the authentication with only one way so a client would odd often indicate with the server and just got back that it was ok from the server but the server being authentically fine it was great commitment and and this was an unencrypted web traffic so you could get the credentials and say oh yeah I'm Makenna you know this is totally legit the other thing about it - what the web app was that we noticed what she was braids up about the multiple pages there were about 25 or so before I stopped
turning out identical portals on different IP addresses for just the main app there was also something the JavaScript about if camera equals x brained go to this page it equals this brand go to this page apparently they like to change their names very frequently for some reason yep all right so now I'm going to go into the API methodology which is a sort of just pardon web app in a way so it's a little different because you can't browse to it so but it's very similar to the web app except no out and basically the first step was driving numerate on the API calls their work and Jeffrey earlier common problems was like for transport security
ID or ActiveX control problems sensitive data exposure of working ankling are the common things with it yes so I've found the complete and in writing the API in two places it was actually completely in the JavaScript on the web if it had basically the JavaScript made all the API calls so you can see them it was also in the Java code of the mobile app so you can completely enumerate everything they've got and so then I've been doing that I tried replaying all the API commands and what we could get int there's no session on any of this and so you've got a week later all the agency actions to work so then I started doing it I reach
I ain't see if we could change up parameters and sometimes that works sometimes do I think that the ones who do work it was probably due to some malfunction you know code more than anything else so yes some of them work some of them just random as far as I can tell there a note of it also when going through all the API you can find some interesting information right here where it was asking about the interview server it also tells you obviously but telnet which I didn't go to at all but it's very techie right yeah and some other random servers with the device and all that wonderful I first yelled at YouTube oh I want to go see what's there
possibly anyway now in terms of the hardware I kind of wanted to preface this what I don't really have a strong parkour background I knew the sort of thing so I can figure this stuff out pretty much all you should be able to do it's you you guys came up here so obviously you're wanting to learn how to do things so I mean don't let the fact that you might be afraid of setting something on fire or anything bad like bad you dissuade you from your dreams anyhow what we wanted to do initially was up just basically take the device apart so I can see what he would have was like you know say it like that down by the
floor of the Wi-Fi card I've looked for any sort of nut long ability score also I did this last obviously because you know I wasn't really showing us anything on fire but include my multiple devices in theory I'm kind of grabbing in cheap so I want to do this bit of lesson set what you want to do is you want to look for you need luckily our theme for and then you also want to look at how the firmware updates you know so you can see if you can get a copy of the firmware if you can install your own and then does have any sort of integrity checking I signed up on this the web app had a
process of updating the firmware but you could only do it if you were going from in your own network you couldn't do it remotely in terms of the hardware mind him month look would you vote for I'm not the smartest guy in the world but it was kind of we do fine so what I did was I just took some random jumper cables that we had from an electronics get soldered them to the uart port after using a multimeter to determine which portals which and then just shine it through to alt del to USB and then hook the record time since I didn't want to have anything I soldered myself up in my own gear it was surprisingly not now but
here's what we had on the web app for the online update to where he could do the through the neural network braided update the up firmer I in terms of it any sort of checking there actually was one you couldn't see it through the web app you can see through the hardware though but the CRC or bail every time however within the boot boot is long additionally without doing anything at all the CRC failed so you didn't touch the device in any way shape or form and CRC fails every time for whatever reason and then just goes on dates so he what the thing was when you click the Upgrade button here you could get a copy of the file but it was
a little roundabout young to be monitoring your whole network you did send a request out to one of those outside servers and that web server would contact your camera with the file so you had your whole network theme under you could grab the file right it didn't sound like a exe or bin it wasn't sending like an exe over bin pile that you could run further computer to actually send the strips of the camera and additionally obviously if you're a couple the hardware like that was able doing that in my case eager this rotted straight up the other thing about it was that in terms of uh well let me see if we have enough time I'll
heart go did a little bit more but we have enough hardball I came out okay but when I greeted the device up or after I did the hardware and brought it it was really hard to get into there was a thing that says press any key to stop it from booting I figured that part out pretty quickly once you were able to do that it's give up the boot sequence then you go I need to download the firmware if you want to have that blanket output into something that you put feed yourself or disorder around the files you could do that there wasn't any short blocking that you needed to do the one big thing I noticed
with this which might have been one of the reasons that had all this flakiness in terms of some of the application stuff is there was a lot of extraneous code it looks like and for my understanding this is a semi common practice that they basically just cut and pasted a lot of code from random devices so there were their drivers were network parts that aren't for this camera there was some supper cameras that like for the actual camera hardware that isn't part of this and there was actually some stuff with the control work that again it was or something that they were just completely random as far as I could tell which might be why some
of the things would be tried to die out to them didn't necessarily respond that reliable this was really like that oh yes there's also on the internal web app you didn't have to go through the when I upload button so you can just give it any time we want to it would upload it to the firmware but I wanted it to do it through the wires on I saw her now in terms of seeing if we could screw it with the video feed that is obviously not my pleasant one additionally this is from the web portal additionally the I didn't take it's a kind of date screenshot there but the only time in dates that you have if you
have that option enabled it was through the web portal itself that shows you the current time data on the web portal so you're going through and taking that in or something to practice our place in it if somebody was looking at it the time would tell them the current time I'm sure you can see what this is a huge security vulnerability because there'd be no way for someone to never put it that they're looking at one last week were to get out it was actually occurring so this was really a combination of the fact that they pretty much no security on their network stuff no encryption handshaking SOTA stuff going on with that in the
device and the fact that we had reverse engineered the flash files know what it was expecting so we sent the flash player that was in the stream exactly was expecting in the packets and it just up it was basically a man-in-the-middle sort of pack that did this so all right so our conclusion I see devices are using a high surprised further is there a way to use this device we wanted to as a baby shower well not on any network that's connected to the Internet you can in log into the internal web app and you can view images only you can't move the camera around or do some of the functionality about internet access actually and it's a
still image for when you log into the camera it doesn't ever update so I actually think that this part is a long you're able to if you refresh it and real aughh in it would update the picture but other than that I doesn't update the still intact so I think that that was actually walnut let you see that so yes they don't like you using this without internet which totally it's not shade so about setting up your own IoT lab so we'll just go through some of the things we use for all of our different step and together you have an i/o to that for Android obviously you want a computer I mention that because
you really would like an Intel processor for the hardware acceleration modules for the emulators it's a really slow without the Harvard flourish you're probably going to use Android Studio get some cake you'll get an Android emulators and get lots of versions downloaded both arm and x86 and every time you do an arm one it will yell at you about how this is slow but sometimes you need them for when the apps that you're trying to go through have architecture specific libraries and that's unless you want to do it off your devices if you have a lot of those devices that's fine you can do that instead obviously you're gonna use other tools to do it Android Studio like eat
Android debug bridge to get shell in caves and getting the case with the bug thing and this is the Android devices are really nice to have but you don't actually have to hack them although what I always do that all your family know that whenever they order their old phones you want them that that's what I always do everyone in my family knows if they'll give me a new iPhone you Android give me their own file paperwork they get for it from school notes so Purvi reverse engineering part I use next ajar ap caid's / JV Yui I know there's something that combines all that but I got used to doing it and it really
takes what 15 seconds throw is sweet a min so I'm not sure what the use of the combine tool is piloting spot and I use Burp Suite generally for all the web stuff for iOS you always need on that can't look at any of that stuff online and she you need Xcode your iOS SDK to give you a tool really need an iPhone or two or three several and different versions and you really have to jailbreak them although that is illegal in some countries you need a way to get your files off with iPhone box was great until iOS 8.4 when it stopped working I D be a good tool again I use
Burp for the network stuff I mean I didn't hop her to you go reverse engineering of the apps back rift is great for doing things dynamically inside and I sometimes like you miss move it but there are a lot of other tools like an iPhone so I'm sure that some of you watching this and great once yeah with the network lab that we set up and there's no 1x go router he just it doesn't really matter you just want something that works additionally though I you might want to verify that it's ace if there's security issues better-known down router because some things you can't execute tax through the Universal Plug and Play and for the network
traffic you want to get like necessarily goes the adapter I know that they make ones that are not office but I've never actually seen one additionally you want to make sure they're cracking notable if you're using that so you go with Aircrack website they'll actually have a list of one site that will run there so again that's probably why a lot of people use out this for the supper part that I just used Wireshark aircrack-ng and tcpdump which those are all built-in Kali tools just like what she was saying there are lots of ways to do some of this stuff so if it works for you then it's obviously the best way even if it's something
different than what we did for the web tools this one everyone already has their favorites use what other things you like I like Burp Suite I generally make two velvet tools in Prior I will use Firefox and I'm doing web testing as opposed to Chrome although I use Chrome for all my personal robbery I like some of the things like that they're faster cool and still nap backward is a perfect session I enjoy using obviously that comes up web tools and those people are favorites for a vacuoles they're going to be very similar to the web except you don't have some specific extensions depending on what your ABI is there are perfect sessions revealing this building JSON
that and such so depending on what the API is sending something specific and you have to wait you identify what the Agera format is first now in terms of the partner tools I was trying to do this as cheaply as possible so and you know what you want is a screwdriver set if you get one a try to find one that has the precision screwdrivers the smaller size ones because sometimes they're going to be very small screws additionally a lot of nowadays have the little nylon there's a like a pledget or whatever it's called like will not grow bar do you use we're opening like phone cases or things like that you're going on a soldering iron solder solder
remover my case I just went use the regular LPL USB cable they're like an box there are lots of nice things to have like the starch Raspberry Pis etc the thing is that I would caution you that if you're not really sure why do you need something I probably wouldn't buy it I don't want you getting mad at me about it because you've got something never even took it out the box but I mean just feel like it's probably better to sort of if you're gonna get something get something with a purpose additionally in terms of soldering if you've never soldered anything before and you probably want to find something then you don't really care about to do
first soldering is sort of a a skill sets are like in your drawing you might have a really good idea in your head but your hands and the device might not necessarily walk right and then bad things happen we also used with a multimeter which we get to ACTU the slide when we noticed it last night 15 we have a baby who just got me beat so yeah there's a little bit of a distraction but in terms of the multimeter play instead of going through it with I see we got election time so I could turn today on this instead of using like a logic road or an oscilloscope to determine which works for which on the UART based a multimeter
you're able to determine in the case of the one I have there they're all in 3/4 so you know that one's going to be ground you know one of those can be transmitted along with some of your receipt if you kind of figure out what about those voltages it should look like it's pretty easy to guess at that morning but and again I mean you know I'm sure I was trying to do it at a certain point it was kind of turning into a weird thing a pride about trying to want to do this cheaply as possible sucker a ten dollar multimeter versus also scope or Logic Pro was really the way to go alright so some things I would
recommend for further reading if you're into hacking the Internet of Things there's a really good book by Brian Russell called Practical Internet of Things Security obviously is a link to be a special publication and number 183 that I mentioned earlier which is worth of reading probably a basis for further this papers on security they're going to publish later maybe this year they're lucky then there's a link to the internet I think people report and hacker world blog actually was a great site for starting hardware hacking because we we yeah I actually I consulted this as I was working on this because they actually have in this example where they walk through given this was a router
unfortunately the one that they were using was a lot easier to solve than the device I thought it was um I thought that I'd be able to get one and by normal size meant and just push here there and apparently it was actually very very close together and said so it was a little bit more difficult but yeah it's a great sight in terms of about learning how they do use all that stuff if you're just sore starting to zero right and so we have our contact information and they're ones that I have Twitter he does not be exact so and besides I we looked answer any questions and we really talked a little fast but yeah additionally in terms of
if any one one job you can't go on the edge of the hardware process on that is that okay with everybody okay so let's see like one picture here yeah could you do that for me please but uh so once I took the multimeter and there is but once I took the multimeter on there for the idea are keyboards and determined that that was the ground that one was transmitted not always receive I ran through the jumpers and then soldered the ends off into there so that I could want to do TTL cable to it I just ran that through a Raspberry Pi and used minicom to pick up the device like I was saying earlier during the
boot sequence there's just that you know in order you need to pause that press the ending key so I did that and then it just drops you into a shell so I mean this was yeah this there wasn't anything to it so I mean like I was trying to say if you find all this stuff intimidating I mean I wouldn't really spare to you I saw or something because you know fire but um you know I mean obviously people did this number come so I you know don't feel like that there's anything anything that
[Music] yeah that's another reason why when you use a multimeter verify if you're looking at a three year old Ricardo because yeah again that could also be at a very unpleasant surprise my case not a little blessed in certain public controls in a power cable but yeah that's definitely the book that thinks about that but uh yeah I mean again I mean I thought it was really intimidating it really wasn't what you actually get started that's the hardest sort of thing sometimes do this or get over the inertia and get started in the first place does anybody have any questions isn't people do just watch the usage of device like walking the network company yeah
just like let's let's sit there and watch it grind for day or two start asking you know why is this big calling out at three o'clock morning yeah really that's actually how we determined it was violent up all those random about cloud rolls but I just let it run for two days and you know went through with Wireshark and look at the draft net boards yes sir [Music]
I'm sorry we'll be here oh okay the problem is that it doesn't seem like anybody gotten far enough along the process to really have an opinion about it I mean I like the idea but I also see you know I mean given some the players involved I see where things might go a little weird I mean ideally it does the more open that these you know it's like with what they've got for us is saying I'm sorry I didn't catch your name earlier but um it's like they're saying about the open so the open source stuff if you can see what's going on that's great you know if things are actually getting things that's great
the problem that I have is that since somebody's completed that I don't know if those things are being done yes ma'am
I'm not really sure about the legal issues there and they don't really let being sued and tons of that I mean I'm not really sure we can do because it kind of seems like they change the name of the company fairly frequently on a lot of these one thing that like I actually did not do any looking at how people hardware have these specific devices until after I was done because I don't want to have anything sort of you know prejudice what I've done I do want it and after doing it a lot of research on it they're actually so this is one of the more severe flaws there are a lot of them actually have hard-coded passwords
of one two three four classics and is there any precedent maybe you know in for Amazon about this maybe they'll quit selling it yeah it probably works work will people have a lot of friends that you do it here but
yeah we tried setting not X to them we got no reliable tool and we tried more than once that's what you say use the ones yeah yeah I figure that's probably that's also something that probably works better you're sort of well-known in the community or got a lot of friends and yes it was like it was just a generic but it's up was a BusyBox but it was just a regular generic site about the board itself was green and I can say I mean it's on the picture but they make a lot of hardware they're not they weren't the manufacturer of the camera but they make a lot of underlying hardware for a lot of devices in general it
turns maybe there's nothing out there the problematic it was the the Linux lot you know the Lexus drove a set up of the dental records about the problem personal non-security thing the Rapid7 has a lot of your baby monitors yeah it does seem like baby monitors there's being a lot between baby monitors and I teach young campers in general and yeah there just seemed to be a lot of significant security issues with the money yeah a lot of them that we were seeing we're looking into they have percolo passwords of one month or six
[Laughter]
[Music] [Applause] big club great great and it's on to the power 3 which has providing a server that provides prime server and although that works for businesses would be they don't they're not even Valley yeah you see the picture on this one but this board the board itself is kind of generic or that green comes out that a lot of people use but no they're actually what they can or even have function but there wasn't anything plugged into it so you can access or something to like you yeah great that functionality I didn't look for the specific launch of in but uh it wouldn't surprise me I mean I figured I knew the device was insecure
so I just didn't really see it was looking at at that point the sourcing not cheating well thank you everybody for having us this is I've ever actually fought anyone before so they're writing for me I not know I'm not used to being invited to places [Applause]