Cardinal Peak
Blog Post

More Thoughts on Security and the Internet of Things

By Ben Mesander
Attacks that are initially restricted to the realm of esoteric, government-backed spooks become accessible over time to run-of-the-mill cybercriminals. Take, for example, the Linux.Darlloz worm, which attacks embedded devices and is interesting for a couple of reasons. First, it propagates by exploiting a vulnerability that was patched in May 2012. But the firmware images on many embedded devices are much older than that. The second reason I find it particularly interesting is it targets PHP, a scripting language largely used for web development.
Howdy Pierce
Blog Post

Five Software Tips for Securing IoT Devices

By Howdy Pierce
I’ve got a new blog post up today at EE Times, discussing how to secure devices on the Internet of Things: It used to be academically interesting, perhaps, that an attacker could compromise an unconnected home thermostat. Today, it’s another thing entirely that an attacker can potentially target thousands of home thermostats from afar, determine... View Article
Howdy Pierce
Blog Post

The Internet of Things — and How Those Things Phone Home

By Howdy Pierce
There's a lot of buzz about the Internet of Things — a catchphrase designed to encompass a range of embedded devices that connect to cloud servers to act more intelligently than they could on their own. One problem that comes up is how to design the Thing to connect back to the Cloud Server — how does the Thing phone home? It's tricky, because, usually, we are trying to balance several factors.
By Ben Mesander
Attacks that are initially restricted to the realm of esoteric, government-backed spooks become accessible over time to run-of-the-mill cybercriminals. Take, for example, the Linux.Darlloz worm, which attacks embedded devices and is interesting for a couple of reasons. First, it propagates by exploiting a vulnerability that was patched in May 2012. But the firmware images on many embedded devices are much older than that. The second reason I find it particularly interesting is it targets PHP, a scripting language largely used for web development.
By Howdy Pierce
I’ve got a new blog post up today at EE Times, discussing how to secure devices on the Internet of Things: It used to be academically interesting, perhaps, that an attacker could compromise an unconnected home thermostat. Today, it’s another thing entirely that an attacker can potentially target thousands of home thermostats from afar, determine... View Article
By Howdy Pierce
There's a lot of buzz about the Internet of Things — a catchphrase designed to encompass a range of embedded devices that connect to cloud servers to act more intelligently than they could on their own. One problem that comes up is how to design the Thing to connect back to the Cloud Server — how does the Thing phone home? It's tricky, because, usually, we are trying to balance several factors.
Howdy Pierce
Blog Post

Sniffing iPad Traffic

By Howdy Pierce
Our engineering expert details how to capture and analyze all the network traffic flowing to and from a Wi-Fi-enabled device using a network sniffer.
By Howdy Pierce
Our engineering expert details how to capture and analyze all the network traffic flowing to and from a Wi-Fi-enabled device using a network sniffer.