Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts (英語) ペーパーバック – 2015/8/24
Kindle 端末は必要ありません。無料 Kindle アプリのいずれかをダウンロードすると、スマートフォン、タブレットPCで Kindle 本をお読みいただけます。
This book is a marvellous thing: an important intervention in the policy debate about information security and a practical text for people trying to improve the situation.
A future with billions of connected "things" includes monumental security concerns. This practical book explores how malicious attackers can abuse popular IoT-based devices, including wireless LED lightbulbs, electronic door locks, baby monitors, smart TVs, and connected cars.
If you’re part of a team creating applications for Internet-connected devices, this guide will help you explore security solutions. You’ll not only learn how to uncover vulnerabilities in existing IoT devices, but also gain deeper insight into an attacker’s tactics.
- Analyze the design, architecture, and security issues of wireless lighting systems
- Understand how to breach electronic door locks and their wireless mechanisms
- Examine security design flaws in remote-controlled baby monitors
- Evaluate the security design of a suite of IoT-connected home products
- Scrutinize security vulnerabilities in smart TVs
- Explore research into security weaknesses in smart cars
- Delve into prototyping techniques that address security in initial designs
- Learn plausible attacks scenarios based on how people will likely use IoT devices
Nitesh Dhanjani is a well known security researcher, author, and speaker. Dhanjani is the author of "Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts" (O'Reilly), “Hacking: The Next Generation” (O’Reilly), “Network Security Tools: Writing, Hacking, and Modifying Security Tools” (O’Reilly) and “HackNotes: Linux and Unix Security” (Osborne McGraw-Hill). Dhanjani has been invited to talk at various information security events such as the Black Hat Briefings, RSA, Hack in the Box, Microsoft Blue Hat, and the NSTAC committee. Dhanjani's work has been reported by large media outlets such as CNN, Reuters, MSNBC, and Forbes.
Dhanjani is currently Executive Director at a large consulting firm where he advises executives at the largest corporations around the world on how to establish and execute multi-million dollar cyber security programs. Dhanjani is also responsible for evangelizing brand new technology service lines around emerging technologies and trends, including IoT, Big Data, Cloud, and Mobile security.
Dhanjani graduated from Purdue University with both a Bachelors and Masters degree in Computer Science.
Dhanjani's personal blog is located at dhanjani.com. You can follow him on Twitter here: @nitesh_dhanjani
I'm currently 125 pages into the book and my notes are limited to a couple of margin scratches and one marked page. I'll probably finish it, but only because it is so easy to skim over much of the filler.
In all fairness, many of the issues I have with the book could be related to its (lack of) editing. The book feels like it could be at least 20-25% shorter if the figures were kept to a minimum and large application/device responses were truncated. This book just doesn't meet my expectations for something published by O'Reilly. There is some interesting content in the book, but it's really not worth digging for.
I was stunned to read the “saga” surrounding the Foscam baby monitors and the countless vulnerabilities. Actual references to families that were mentally affected by the incidents shows how real the problem of IoT security is.
Also very appreciative of the style of writing. I chuckled at The “You Call That Encryption?” heading followed by “I Call it Encraption”. Some of the dry humor gave a personality to the book and I found it engaging.