Presented by:

76839886b5f8822d58ae565d8d559d91

Ben Kero (bkero@bke.ro)

from Ormuco Cloud

Ben is a long-time Linux systems engineer and hacker who focuses on Devops topics, embedded Linux, and free software advocate.

Previously he has held positions designing and administering systems at the OSU Open Source Lab, Mozilla, and Red Hat. He specializes in Linux systems, configuration management, and continuous integration.

When he is not deploying and testing new computers he is riding his homemade electric bike, tuning the free software computer in his car, or rebuilding old ThinkPads.

No video of the event yet, sorry!

Internet of Things devices are becoming increasingly common in our lives and in our homes. Connected sensors and controls are inexpensive and popular to buy online and in stores. Their sleek plastic shells promise a well designed package, but these devices can harbor surprising secrets.

With a 4-star rating from hundreds of reviewers on Amazon, a slick mobile app, and $99 price tag, the Reolink Argus 2 wireless camera seems to tick all the boxes for a savvy shopper. I bought one to use in my home, but after hearing horror stories about IoT devices I decided to open it up to see how it worked, and to investigate if the software was respecting my privacy and security.

This talk will share my discoveries in reverse engineering this device and explore the the implications for their design decisions. I'll go through contacting the vendor and trying to responsibly disclose my discoveries. I'll also share the resources that I've discovered and written to fix the security problems and make it a useful, more secure device.

Date:
2018 November 10 - 15:00
Duration:
50 min
Room:
Room 3184
Conference:
Seattle GNU/Linux Conference 2018
Language:
Track:
Hardware, IoT
Difficulty:
Some experience required

Happening at the same time:

  1. Client Side Video Editing - Lessons in WebAssembly and FFmpeg
  2. Start Time:
    2018 November 10 15:00

    Room:
    Room 3180

  3. You got chocolate in my peanut butter! .NET on Mac & Linux
  4. Start Time:
    2018 November 10 15:00

    Room:
    Room 3179

  5. Open Source DocOps: How Open Data Kit Writes, Tests, and Publishes Documentation
  6. Start Time:
    2018 November 10 15:00

    Room:
    Room 3178

  7. Monitoring and Alerting: Knowing the Unknown
  8. Start Time:
    2018 November 10 15:00

    Room:
    Room 3183