computing device infected with malware can automate this process by building the attack vec-
tor into the malware code. As IoT devices multiply in our society, malware authors are going
to increasingly design their malware to take advantage of time windows such as these. Mal-
ware may infect a particular device and rely on an already established WiFi connection, the
password to which may be stored in encrypted form. Therefore, obtaining the clear-text pass-
word to the WiFi network can provide an added advantage to remote attackers.
One solution here is to embed a unique private key in each instance of the product, which
may be expensive. Another option is to have a serial number printed on the device that is used
as a private key to encrypt the actual WiFi password. The user will have to supply the WiFi
password as well as the device’s serial number, which will be encrypted by the web browser
(using JavaScript) and sent to the cloudBit, which can then decrypt it using its own serial
number as the key. There are various ways encryption can lower the risk of this issue. The
important thing is for product manufacturers to acknowledge the potential risk, and the
potential consequences, and make informed business decisions about on implementing secu-
rity mechanisms to lower the risk to customers.
Sneaking in Command Execution
In Chapter 5, we discussed various scenarios in which access to the filesystem can help tinker-
ers and potential malicious entities discover how to bypass security controls and uncover
potential vulnerabilities. The cloudBit runs the Linux operating system and includes a Secure
Digital (SD) card that contains the filesystem. In this section, we will attempt to mount this
card and take a look at what’s inside.
Power off the project by separating the cloudBit from the button module. Carefully
remove the micro SD card implanted in the cloudBit, and then insert the card into a laptop
equipped with a micro SD card reader. The card should mount automatically in most modern
distributions. In OS X, you will need to install OSXFuse and fuse-ext2, after which the disk
should automatically mount in /Volumes/littleRoot/.
It’s a good idea to create a list of files that you can scroll through. Run the following com-
mand in OS X:
$ ls -lR /Volumes/littleRoot/* ~/Desktop/littleRoot.txtThen go through ~/Desktop/littleRoot.txt to look for interesting files, such as etc/
wpa_supplicant/cloudbit.conf:
network={
ssid="TOUCHOFCLASS"
#psk="youcann0tguessme!"
psk=3f6380509ca89b4c5506fd39e7a3a8b2d5cda338b51accbad1f1850fefbabd47
key_mgmt=WPA-PSK
}SECURITY EVALUATION 207