Abusing the Internet of Things

(Rick Simeone) #1

Now unmount the micro SD card and insert it back into the cloudBit. Once the cloudBit
powers on, hold down the setup button for a few seconds until the LED light blinks blue, and
then let go; the light will stop blinking. Join the temporary littleBitsCloud... WiFi network
and browse to http://10.0.0.1/set-wifi/shell.cgi. You will see the output from the ps and netstat
commands, as shown in Figure 7-21!


FIGURE 7-21. Successful execution of the ps and netstat commands
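Seen from the defender's side, the step above works because nothing compares the card's contents with a known-good state. The following is an added example, not code from the book or from littleBits: it snapshots a directory tree, then reports files that were added, changed or removed relative to that baseline, flagging new executables. The `set-wifi` directory layout, the file contents and the baseline format are assumptions constructed for the demonstration.

```python
import hashlib, os, stat, tempfile

def sha256_file(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()  # files here are small

def snapshot(root):
    """Map relative path -> (sha256, is_executable) for each regular file."""
    out = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if stat.S_ISREG(st.st_mode):  # skip symlinks and device nodes
                rel = os.path.relpath(full, root)
                out[rel] = (sha256_file(full), bool(st.st_mode & 0o111))
    return out

def audit(root, baseline):
    """Compare root with a baseline snapshot; return sorted (finding, path)."""
    current = snapshot(root)
    findings = []
    for rel, (digest, is_exec) in current.items():
        if rel not in baseline:
            findings.append(("ADDED-EXEC" if is_exec else "ADDED", rel))
        elif baseline[rel][0] != digest:
            findings.append(("MODIFIED", rel))
    findings += [("MISSING", rel) for rel in baseline if rel not in current]
    return sorted(findings)

def demo():
    # Constructed stand-in for a mounted card's web root (hypothetical layout).
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "set-wifi"))
        index = os.path.join(root, "set-wifi", "index.html")
        with open(index, "w") as f:
            f.write("<html>setup</html>")
        baseline = snapshot(root)      # taken from the known-good image
        cgi = os.path.join(root, "set-wifi", "shell.cgi")
        with open(cgi, "w") as f:
            f.write("#!/bin/sh\n")     # placeholder body, constructed
        os.chmod(cgi, 0o755)
        with open(index, "a") as f:
            f.write("<!-- edited -->")
        return audit(root, baseline)

if __name__ == "__main__":
    print(demo())
```

A check like this only helps when the baseline is stored and evaluated somewhere the person holding the card cannot also rewrite.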


This is a crafty way to execute live commands on the cloudBit to analyze more details
about the device’s operation at runtime. The designers of the cloudBit do not want people to
directly execute local commands on it, since that may destroy the integrity of the product. As
such, it does not come with any way to remotely log into the Linux system running on it. In
this case, however, we have found a way to circumvent their intentions and execute local
commands. This is yet another example of the types of security issues we need to think about
during the prototyping stage: is it important that external parties be unable to tinker with the live
system? In this case, the issue is that the filesystem is accessible by mounting the memory


SECURITY EVALUATION 209