Questions tagged [iot]
Questions about the Internet of Things: network-connected devices whose core functions do not include general-purpose interactive computing (e.g. cars, home appliances, consumer-grade routers) and whose potential software vulnerabilities are often overlooked by both users and manufacturers.
149 questions
2votes
0answers
90views
Pros and Cons of implementing custom certificate provisioning for IoT devices
I`m working on a project for improving security of IoT devices by using per device X.509 certificate for authentication. The company uses IoT sensors, created inhouse, to gather data for analytics. ...
- 21
1vote
0answers
68views
Sony tv is sending udp packets to my firewall [closed]
I've noticed that the sony bravia tv is sending udp packets to my ip and they are blocked by ufw (firewall) Jan 09 16:56:09 my_host kernel: [UFW BLOCK] IN=wlp58s0 OUT= MAC=4c:1d:96:8b:8a:44:e8:6f:38:...
- 11
0votes
0answers
115views
HTTPS and TLS for IoT devices
I have a Raspberry Pi-based device running an ASP.NET Core API. Each user can set up their device's IP address. I'm looking to implement authentication and authorization to enhance security. To ...
1vote
0answers
51views
self-healing key management in iot-based wsn
I’m a student currently working on a project involving designing a new key management for iot-based Wireless Sensor Networks, with a focus on developing a self-healing mechanism and integrating AI in ...
2votes
0answers
95views
Possible attacks againts head unit of contemporary cars
I purchased a new car this week. It has multimedia unit (sometimes called head unit of car). It has FM/AM/DAB radio functions (with its radio antenna) ,bluetooth 5.0,Wireless CarPlay – Android Auto, ...
9votes
3answers
3kviews
What techniques are there for preventing radio-signal replay attacks?
I am now researching RF security on IoT devices such as doors, cars, etc. I have a HackRF device for performing RF-signal manipulations such as replay attacks. It is very easy to record the signals ...
1vote
1answer
176views
Why does AWS strongly recommend a non-self-signed, code-signing certificate?
I am developing a hardware device that utilizes AWS IoT OTA via FreeRTOS. On this AWS web page, it says We recommend that you purchase a code-signing certificate from a company with a good ...
- 113
0votes
0answers
121views
AWS IoT - Use a temporary certificate created at build time to authenticate a device for self-enrolment
Let's say we produce IoT devices and want them to access AWS IoT Core. The best solution is something like: every device has a (unique) private key and a public X.509 certificate signed by a valid ...
- 101
0votes
1answer
2kviews
How can one use HTTPS without a domain name, or on a local network?
I was looking at the LXI Device Specification 2022 Version 1.6. For those not familiar with LXI, it is a standard for lab instruments like oscilloscopes, function generators, LCR meters and many more ...
- 103
0votes
1answer
164views
How to resolve an issue with potential mismatch between device certificate and CA certificate?
I have an IoT device which is failing to establish a connection with the cloud. The problem is related to the device X509 certificate (to the best of my understanding). I've posted a version of this ...
- 113
1vote
1answer
134views
Write message that can be verified by any member of a group
I am trying to develop a scheme for publishing a message to a group of recipients. Any recipient needs to be able to verify who the message was sent by. There may be tens of messages generated each ...
- 111
0votes
2answers
250views
Hosting a Honeypot to collect data [closed]
I want to collect IoT botnets in order to analyze them. Are there any good VPS providers who allow to do that? - I'm a little cautious about this because of possible misconfigurations that could ...
- 103
3votes
1answer
382views
Next movement in IoT pentest when you have restricted information
I am a newbie cyber security engineer working on IoT. Today, a task is given to me. The task was making pentest to a cooker. Because of the privacy, I cannot share the brand of the cooker. The cooker ...
0votes
1answer
783views
Can a simcard's public IP be accessed?
I am in a discussion with someone about IoT devices. We use private IPs for simcards, but the other organisation is using public IPs. I think it is possible for a hacker to access these public IPs to ...
0votes
0answers
172views
Providing encryption and password for an IOT device over gRPC
I've been breaking my head over how to do this, as it doesn't seem to fit any example I could find online. My IOT device servers will run on the client network and may be accessed over it or over the ...
- 101
