FIGURE 3-5. Authentication bypass vulnerability posted on Foscam’s discussion forum
The Belkin WeMo Baby Monitor
The WeMo Baby monitor (Figure 3-6) can be accessed using a companion iOS app. Unlike
with radio-based monitors, the user of the iOS app can tune in from anywhere in the world
with access to the Internet. IoT products by Belkin have been particularly popular, so our
emphasis on this product is warranted. In this section, we will take a look at how the WeMo
device authenticates connections, to understand what security mechanisms are built in.
In order to connect an iOS device to the WeMo, the user must first download the WeMo
Baby app and launch it as illustrated in Figure 3-7.
CHAPTER 3: ASSAULTING THE RADIO NURSE—BREACHING BABY MONITORS AND(^68) ONE OTHER THING