Skip to content


Browse files Browse the repository at this point in the history
Added trusting-iot-devices.
  • Loading branch information
Silvenga committed Jan 19, 2018
1 parent 8a012de commit 2d520fc
Show file tree
Hide file tree
Showing 3 changed files with 22 additions and 0 deletions.
Binary file not shown.
Binary file added input/posts/content/images/2018/sad-cloud.png
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
22 changes: 22 additions & 0 deletions input/posts/
@@ -0,0 +1,22 @@
Title: Trusting IOT Devices?
Description: Should we really put our trust in all these IOT devices? (Part 1)
Published: 1/18/18

![Sad Cloud](/content/images/2018/sad-cloud.png)

I attended DEFCON a couple years ago ([DEFCON 24]( and I remember a talk by Fred Bret-Mounet about how insecure some of the devices are that we trust connecting to our home networks - in his case, his Tygo solar panels. He talked about finding a way to bypass the rudimentary security found on these devices and something a bit more concerning.

> So anyhow looking around the filesystem, something caught my attention. Actually not the filesystem, the running processes. OpenVPN. You guys know what open VPN is for? A VPN tunnel. Guess what. That VPN tunnel was on at all times on the device. I didn't do it. And I swear this is not a joke. I did not scan that VPN subnet. The manufacturer confirmed that all of its little siblings are on that subnet.
^^^ Fred Bret-Mounet - [All Your Solar Panels are belong to Me]( (00:11:45-00:12:12)
TL;DR - Fred found a huge security hole, that if used, would create a backdoor into likely thousands of home networks.

Just think of all the devices that we trust within our networks - just look at the numbers from last year!

> The current count [of IOT devices] is somewhere between Gartner’s estimate of 6.4 billion (which doesn’t include smartphones, tablets, and computers), International Data Corporation’s estimate of 9 billion (which also excludes those devices), and IHS’s estimate of 17.6 billion (with all such devices included).
^^^ Amy Nordrum - [IEEE Spectrum](
And there's going to be even more devices in the future. With that said, be it rushed or badly designed, we will see more and more devices that aren't secured. The only solution that I see is to simply not trust most IOT devices, plain and simple.

0 comments on commit 2d520fc

Please sign in to comment.