How is IoT communication different from normal PC communication? - security

There are many articles on the internet, and research papers, on the point that there is a need to make IoT communication more secure. What are the differences between IoT communication and conventional communication that give rise to the need for so much extra research, the emergence of new communication protocols, etc.? I may be missing some crucial point here.

IoT devices are cheap, small and have limited processing power. Therefore, their software typically doesn't contain the security features of desktop operating systems (implementing an SSL protocol is just not possible on many devices, because they don't have enough capacity). Despite that, IoT devices such as smartwatches transmit highly sensitive information, such as the whereabouts of its wearer and things like his night-time activities...
Additionally, many cheap IoT devices come with a single preinstalled, unchangeable piece of software, or software that never gets any updates after the product is launched. This makes it easy for hackers to abuse these devices once a security leak is found in the code.

Related

How to emulate IoT devices and identify them using active scanning methods?

TASK: I have a task: I need to use static network analysis methods to understand which model I am dealing with. I need to try to find out the firmware version, manufacturer and device type. I am interested in solving my problem within the framework of the most popular Internet of Things protocols: LoRaWAN, 6LoRaWAN, Zigbee, Z-Wave.
I found a study, Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk, that uses ping, nslookup and the web interface of the applications themselves. They had a whole huge network of real smart devices at their disposal. I do not have the opportunity to assemble an experimental test bed from real devices. What should I do in this situation?
PROBLEM: How can I emulate the operation of the devices, so that later I can communicate with them over the network as with real ones?

Transferring Bluetooth connection via the Internet

I always wondered what my first question on StackOverflow would be, since everything I'm looking for has already been asked. (I found only one similar one here: Bluetooth data transfer between two countries.)
BACKGROUND STORY:
I have long been a fan of the Nokia N-GAGE. It's a Nokia phone from 2003 with dedicated games. In its heyday, 2003-2007, it had single-player, multiplayer via Bluetooth, and a dedicated internet service, N-GAGE ARENA, for competing with people all over the world.
The N-GAGE ARENA servers were shut down around 2008, and as far as I understand it isn't even worth trying to resurrect such an infrastructure, mainly because it would require modifying the code of each game, and that's illegal.
Multiplayer mode using Bluetooth works fine, but requires the opponent to be at most 5 m away.
Nokia sold 1 million copies of this phone, and there are still people all over the world collecting N-GAGE games. I have a dream: I want to reactivate the possibility of playing multiplayer with people from all over the world.
PROBLEM DESCRIPTION:
I want to use the Bluetooth multiplayer mode by extending the usual N-GAGE to N-GAGE Bluetooth connection with 3 additional elements. Two N-GAGEs, instead of connecting directly to each other as host and joiner, connect via PC / smartphone applications that communicate with a server that relays all data sent from one user's game to the opponent's game.
I admit that I do not have full knowledge of technical limitations. In my opinion, as a software engineer, it is theoretically possible, but I want to consult you, people more familiar with the subject. Maybe someone is working on a similar project and can comment.
WHAT DO I KNOW:
The application would have to transmit all data from the Bluetooth connection so as not to disturb the illusion of a direct connection between N-GAGEs.
The application must enable the selection of an opponent on the basis of the game. The choice itself could be made on the basis of some kind of chat in which users first define what they are playing, who’s the host, and then the connection is made.
WHAT DO I WANT TO KNOW:
Is what I describe even possible?
Is capturing a Bluetooth connection and forwarding it even possible?
Does the development of technology in these 15 years allow me to transfer a Bluetooth connection in real time through 2 additional devices and an Internet connection?
I WOULD BE GRATEFUL FOR:
Any technical tips or literature that can help me to understand my limitations.
Any constructive criticism. Of course, before I start such a project I have to confirm that it isn't a utopia. For me it's a side project; I'm able to spend years on it, but I don't want to reach a dead end after all the effort.
Is what I describe even possible?
Yes, yes it is. Your hardest part will be setting up a transceiver to interpret the I/O. Your failure point would be super-encrypted messages making transmission difficult...
If it's clear I/O you can signal this through any server and output it back to the transceiver. Confusing but possible; I'm just not sure of the design or how Bluetooth sends its data.
Is capturing a Bluetooth connection and forwarding it even possible?
If a connection is possible then forwarding it is too. Consider this as piping the transports.
Does the development of technology in these 15 years allow me to transfer a Bluetooth connection in real time through 2 additional devices and an Internet connection?
Bluetooth real-time, no... with added network latency you're looking at anything from ~1-200 ms. You may be able to improve it?
Overall I think if you can:
Connect the device to a PC, and have the PC talk back to the device through Bluetooth
Read the data that goes in and out
Encryption proves little or no obstacle to signalling the data properly; tricky to explain, but you'll know if there's a wall.
All should be possible; it doesn't overly go against the grain, but do more homework. This is very valid.

Getting started with Bluetooth Low Energy (BLE) beacon development

I have a couple of questions concerning BLE beacons:
1) Are beacons based on the nRF51822 chip the best solution? Or are there other chips better than the nRF51822? I want to take up BLE beacon development and am struggling to find the right hardware for these needs. As a novice developer I want the beacon to be as cheap as possible in order not to waste money in case of a failure.
2) Is it possible to buy a pure Eddystone beacon (not iBeacon)? The reason for choosing Eddystone is that Eddystone is capable of broadcasting URLs, which are essential for me.
The second question stems from my failed attempts to find a pure Eddystone beacon on Chinese electronics sites like alibaba.com or aliexpress.com, where the only firmware available is iBeacon. But iBeacon is not an option because it can't broadcast a URL the way Eddystone does.
Apart from the above questions, it would be great if someone wrote a quick guide to taking up BLE development with Eddystone and covered basic topics like: chip to use, beacon model, best website to buy beacons at, etc.
Thanks in advance,
Pavel
1) I've worked with Estimote beacons and Chinese beacons from Amazon, and in my opinion they do not differ too much in terms of accuracy. Especially for prototyping, I'd buy cheaper ones to test whether your use case can be satisfied with BLE beacons. If it is too inaccurate with Chinese beacons, chances are that it won't work with more expensive ones either.
2) Why do you need the URL broadcast? If the app is going to use the URL, it would have to be connected to the internet. Therefore, you can just query a web service with the beacon's IDs to get back a URL and use that. Personally, I think this is a better approach, as you can configure the web service from anywhere to change the URL for beacons, whereas if you want to change the URL of the Eddystone, you have to go to the beacon to configure it.
The nRF51822 is a common implementation, is flexible, well understood and can be very inexpensive. Be aware though that development costs, add-on circuitry for power and/or peripherals, and packaging can easily eclipse the Bluetooth chip when you get to production cost savings.
If you want to buy an off-the-shelf beacon, most models supporting Eddystone also support iBeacon, simply because supporting both adds no additional hardware cost. Newer Radius Networks and Estimote beacons all support both. And, yes, cheaper generic Chinese suppliers often have bulk-manufactured inventory from before Eddystone existed that only supports iBeacon.

Could a circuit component be a security threat?

I have a question:
If some extra component exists on an electronic circuit, is it a security threat? For example, on a VGA card, if there is a component other than its standard components, is it a security threat?
Is there any paper about this? I've searched the web, but up to now I couldn't find a proper paper.
Thanks
There has been some news coverage of examples of something similar being done with routers, such as this article from the Guardian:
The NSA routinely receives – or intercepts – routers, servers and other computer network devices being exported from the US before they are delivered to the international customers. The agency then implants backdoor surveillance tools, repackages the devices with a factory seal and sends them on.
(...)
Eventually, the implanted device connects back to the NSA.
(...)
It is quite possible that Chinese firms are implanting surveillance mechanisms in their network devices. But the US is certainly doing the same.
There's a little more (and also some blurry images purported to be of NSA operatives in action) in this techradar article.
These deal with bigger components though - as in whole routers getting tampered with - not just a small circuit or card, so this may not be exactly what you are looking for(?). Still it gives an indication of not just what is possible, but also of some of the motivations that exist; it's a pretty brazen act for the NSA (or anyone else) to intercept and tamper with hardware in this way, yet it does happen.

Why does Google Cast Chrome extension only search for link-local devices via mDNS?

Chromecast v2 devices announce their presence using mDNS, and they are discoverable when performing mDNS queries for _googlecast._tcp.
DNS-SD / Bonjour also supports the concept of "wide-area discovery", which makes use of standard unicast DNS queries to find devices. This can be useful for more complex networking scenarios, i.e. your Chromecast devices may be in one VLAN but your sender devices are in another.
However, when trawling Chromium source I found this code in mdns_api.cc which seems to indicate that the Chrome extension will only search for _googlecast._tcp.local - completely preventing wide-area DNS discovery of other Chromecast devices. Based on anecdotal testing, it seems the Chromecast iOS app and SDK also have this behaviour.
Why does the official discovery mechanism for the Chromecast Chrome extension explicitly only discover link-local Chromecast devices?
They probably didn't do "wide-area discovery" because there are a lot of gotchas in implementing it and there isn't much gain to be had.
Let's suppose that they did implement it (from looking at the spec, it doesn't seem to be technically difficult; seems like it is mostly an edge-case problem).
You'd need:
1) A domain under your control. Could be a local-only domain.
   Not many people do this.
2) Multiple VLANs that you want to use.
   Most homes only have a single VLAN.
3) A DNS-SD server that supports Wide-Area Discovery.
   This is probably the easiest thing to have. Even then, most people wouldn't do it.
4) A UX flow to input the various WAD servers that you want to ping for devices.
   This is the hard part for Google, since it needs to be consistent across all SDKs, and using a WAD-discovered Chromecast would cause all local-media-server apps to not work (e.g. Plex).
(1) - (3) are why Google wouldn't make this a priority. Chromecast is, after all, a consumer device and consumers tend to have simple networking situations. (4) is why it isn't low-hanging fruit.
You'd also need to solve a few problems:
What happens when you are connected to a Chromecast on a separate VLAN and then remove its WAD server?
What if the WAD server goes offline?
What happens when you have multiple Chromecasts with the same name?
What if they also have the same IP address (possible since VLANs can have overlapping IP spaces)?
What happens when a Chromecast is discoverable using WAD but not reachable?
Should they attempt a connection to every single Chromecast you discover to test that it is reachable?
How would you scale this out to work with hundreds of Chromecasts in VLANs that could be "far" away?
It is these problems that I think would prevent Google from implementing WAD even if they wanted to.
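To make the link-local versus wide-area distinction concrete, here is an added Python example (not code from Chromium's mdns_api.cc or from the original post). It builds the DNS-SD PTR browse query for any service type and domain: only a ".local" name is sent to the mDNS multicast group, which is the one path the extension takes, while any other domain becomes an ordinary unicast query to a resolver, which is wide-area discovery. It also parses a constructed PTR response; the resolver address 192.0.2.53 and the instance names are assumptions.

```python
import struct

MDNS_GROUP = ("224.0.0.251", 5353)   # RFC 6762 link-local multicast destination
PTR, IN = 12, 1

def encode_name(name):
    """Wire-encode a dotted name as length-prefixed labels plus the root byte."""
    parts = [p.encode("ascii") for p in name.rstrip(".").split(".")]
    return b"".join(bytes([len(p)]) + p for p in parts) + b"\x00"

def build_browse_query(service, domain, resolver=("192.0.2.53", 53)):
    """Return (destination, packet) for a DNS-SD PTR browse of service.domain.
    '.local' goes to the mDNS group (all that mdns_api.cc does); any other
    domain is a unicast query to a resolver, i.e. wide-area discovery."""
    header = struct.pack("!HHHHHH", 0, 0, 1, 0, 0, 0)   # id 0, flags 0, 1 question
    question = encode_name(f"{service}.{domain}") + struct.pack("!HH", PTR, IN)
    return (MDNS_GROUP if domain == "local" else resolver), header + question

def read_name(pkt, off):
    """Decode a possibly compressed (RFC 1035 4.1.4) name; return (name, next offset)."""
    labels, end = [], None
    while (ln := pkt[off]) != 0:
        if ln & 0xC0 == 0xC0:                  # pointer to an earlier copy of the name
            end = off + 2 if end is None else end
            off = struct.unpack("!H", pkt[off:off + 2])[0] & 0x3FFF
        else:
            labels.append(pkt[off + 1:off + 1 + ln].decode("ascii"))
            off += 1 + ln
    return ".".join(labels), (off + 1 if end is None else end)

def parse_ptr_answers(pkt):
    """Return the service instance names carried in the PTR answers of a response."""
    qd, an = struct.unpack("!HH", pkt[4:8])
    off, names = 12, []
    for _ in range(qd):
        off = read_name(pkt, off)[1] + 4         # skip QTYPE and QCLASS
    for _ in range(an):
        off = read_name(pkt, off)[1]
        rtype, _, _, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        if rtype == PTR:
            names.append(read_name(pkt, off + 10)[0])
        off += 10 + rdlen
    return names

def constructed_ptr_response(query, instances):
    """Build a reply to `query` with one PTR answer per instance (sample data, not a capture)."""
    header = struct.pack("!HHHHHH", 0, 0x8400, 1, len(instances), 0, 0)
    body = query[12:]                              # echo the question section
    for inst in instances:
        rdata = encode_name(inst)
        body += b"\xC0\x0C" + struct.pack("!HHIH", PTR, IN, 120, len(rdata)) + rdata
    return header + body
```

On a real network the ".local" packet would be sent to the multicast group on UDP 5353 and the other one to the resolver on UDP 53; the parser works on either reply, which is exactly why a browser that only ever asks for _googlecast._tcp.local never sees devices in other VLANs.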
