Discus Systems PLC - IT Support Company in Birmingham West midlands
0800 880 3360
Purism CTO: The day I hacked my hotel room - and next door's as well
Posted by Damien Biddulph on Wed 11th May 2016


  Business IT Support (4 hour response)
Server Support £166.00 + VAT per month
Workstation Support £20.00 + VAT per month
Cloud Service Support £66.00 + VAT per month
On-site Technican £680.00 + VAT per day

Please call 0800 880 3360 (01675430080) for more information or email u2us@discus.co.uk

Arrange A Callback
Your Name:
E-Mail Address:
Tel Number:
Mobile Number:

Click 'Call Me' to request a callback.

"If I can hack my lights I can probably do the same for my neighbour's room..."

Purism CTO Zlatan Todorić: 'The Internet of Things is really horrible'

Hacking a website is so 1990s. Today, hacking Internet of Things (IoT) devices is where the cool hackers are hacking.

And, in many cases, it's almost an open door. A short while ago, while staying at a London hotel, security developer Matthew Garrett hacked the light controls in his room, then blogged about it.

He's not the only, though. "I did the same thing," said Zlatan Todorić, chief technology officer at Purism, a developer of laptops and open source software, speaking to V3.co.uk sister publication Computing at the Privacy Advantage event in London last week.

"I noticed that there was this sort of smartphone to control all the lights and I thought 'ah, this is some sort of IoT device'. If it can send and receive signals it must have a network interface, and if it has a network interface then awesome, it's exploitable."

With a little effort Todorić hacked the system and succeeded in controlling the lights in his room from his laptop.

"Then I thought, if I can hack my lights I can probably do the same for my neighbour's room and I gave him a special light show and I could hear him shouting and complaining ‘what the hell's going on?'" he laughed.

"So, then I thought let's take it to the next step. The servers must be on the same network, so I looked around and found them in the clear, unprotected. So I hacked their servers and then I went down and told them what I'd done and said 'you really need to change this'."

So far, so geeky hi-jinks, but what this shows is just how vulnerable such systems are to those with a bit of technical know-how if they are not properly secured. As "smart" devices proliferate, they open up a huge range of potential entry points for hackers.

"The Internet of Things is really horrible," Todorić said. "Everyone's excited by their toaster being smart, but it's not smart, it's stupid. There's no such thing as a smart device. [A human being] creates software that says computationally how that thing will work, and that's all it does. It's stupid.

"Don't give information to your fridge. Don't give your information to a toaster. If I hack your toaster and it's connected to your phone I'm going to hack your phone. If I hack your phone I can get to your inbox and I can create fake data about you if I want to."

In Computing's latest research, device and data security (or the lack thereof) and a need for proper data protection and privacy frameworks were found to be the chief impediments to the wider adoption of connected IoT devices

Source: v3.co.uk



corner spacer corner

Veeam Specialist Microsoft Small Business Specialists Birmingham Microsoft Gold Certified Partner Birmingham Siemens Solution 1 Reseller Birmingham Sonicwall Specialists Birmingham Business Link Approved Birmingham Fujitsu Primergy Certified Partner Birmingham Facebook Follow us on Twitter ESET NOD32 VMWare
IT Support
IT Services
IT Solutions
Get Support Now
© 2018 Discus Systems plc. All rights reserved. Content Management by Verve Digital