Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

The Insecurity of Cloudless Smart Door Systems

Hack In The Box Security Conference via YouTube

Overview

Explore the vulnerabilities of cloudless smart door systems in this 53-minute conference talk from the Hack In The Box Security Conference. Dive into the complexities of intercom networks in large buildings, including call buttons, access control units, and IP gateways. Learn about typical scenarios where intercom systems interface with IP networks, focusing on two devices designed for larger installations without cloud dependence. Discover the security implications of these systems through technical analysis and live demonstrations. Gain insights from security researchers Sebastian Neef, Julian Beier, and Lars Burhop as they discuss vulnerabilities found in the SG150 device, including command injection and unauthorized read access. Understand the lessons learned from this research and its implications for enterprise and security-conscious users.

Syllabus

Intro
What is a Smart Gateway
Why integrate a Smart Gateway
How easy is it to remove someone
Which devices were tested
Technical Analysis
SG150
First two vulnerabilities
Live demo
Third vulnerability
Second vulnerability
First vulnerability
Read access
Command Injection
Lessons Learned
Questions

Taught by

Hack In The Box Security Conference

Reviews

Start your review of The Insecurity of Cloudless Smart Door Systems

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.