Abusing the Internet of Things

(Rick Simeone) #1

victim’s premises through the video camera attached to the TV (if present). These types of
attacks can therefore compromise the privacy of an entire household. Smart TV and other IoT
device manufacturers must take these issues seriously and strive to implement security meas-
ures the industry has already learned about from correcting past mistakes.


Inspecting Your Own Smart TV (and Other IoT Devices)


There is a good chance that you own or have access to a Smart TV. In addition to being aware
of the research presented so far, it is a good idea to dive deeply into inspecting the network
traffic from and to the TV. This promotes greater understanding of the topic of Smart TV
security and gives you the opportunity to tinker with the system and perhaps find a new vul-
nerability to report to the manufacturer.


Say Hello to the WiFi Pineapple Mark V


The WiFi Pineapple Mark V is a wonderful little device (Figure 5-6). Capturing network traffic
is often cumbersome, because it requires you to download various pieces of software such as
tools and virtual machine images. Additionally, you need to specifically configure these tools,
and this can take a lot of time and money. The WiFi Pineapple is an all-inclusive product in
the form of a WiFi access point that lets you easily capture network traffic and execute various
types of network-related attacks. It is available for purchase online.


FIGURE 5-6. The WiFi Pineapple Mark V


146 CHAPTER 5: THE IDIOT BOX—ATTACKING “SMART” TELEVISIONS
Free download pdf