Abusing the Internet of Things


the tactics and psychology of attackers, so you can learn not only how to protect yourself, but
also how to help design secure IoT products.


How to Use This Book
This book is organized into the following chapters:


Chapter 1: Lights Out—Hacking Wireless Lightbulbs to Cause Sustained Blackouts
The book begins with a deep dive into the design and architecture of one of the more popular
IoT products available in the market: the Philips hue personal lighting system. This
chapter presents various security issues in the system, including fundamental concerns
such as password security and the possibility of malware abusing weak authorization
mechanisms to cause sustained blackouts. We also discuss the complexity of internetworking
our online spaces (such as Facebook) with IoT devices, which can lead to security
issues spanning multiple platforms.


Chapter 2: Electronic Lock Picking—Abusing Door Locks to Compromise Physical Security
This chapter takes a look at the security vulnerabilities surrounding existing electronic
door locks, their wireless mechanisms, and their integration with mobile devices. We also
present actual case studies of attackers who have exploited these issues to conduct
robberies.


Chapter 3: Assaulting the Radio Nurse—Breaching Baby Monitors and One Other Thing
Security defects in remotely controllable baby monitors are covered in this chapter. We
take a look at details of actual vulnerabilities that have been abused by attackers and show
how simple design flaws can put the safety of families at risk.


Chapter 4: Blurred Lines—When the Physical Space Meets the Virtual Space
Companies like SmartThings sell suites of IoT devices and sensors that can be leveraged
to protect the home, such as by receiving a notification of a potential intruder if the main
door of a home is opened after midnight. The fact that these devices use the Internet to
operate has increased our dependency on network connectivity, thereby blurring the lines
between our physical world and the cyber world. We take a look at the security of the
SmartThings suite of products and explore how they are designed to securely operate with
devices from other manufacturers.


Chapter 5: The Idiot Box—Attacking “Smart” Televisions
Televisions today are essentially computers running powerful operating systems such as
Linux. They connect to the home WiFi network and support services such as watching
streaming video, videoconferencing, social networking, and instant messaging. This chapter
studies actual vulnerabilities in Samsung-branded TVs to understand the root causes
of the flaws and the potential impacts on our privacy and safety.

