Monday, June 24, 2019

Reverse Engineering of a Not-so-Secure IoT Device #IoT #InternetOfThings #ReverseEngineering #EE #Wireless @McuOnEclipse

Via McuOnEclipse, when people build “smart things” and “wireless things”, is security a primary consideration? This article focuses on looking at a strange monitoring device found by employees under desks and in meeting rooms, placed there by their employer. What does it do? Erich Styger finds out.

IoT Device attached under a working desk

Looking inside:

The analysis of the board component revealed following components:

  • Microchip RN2483 LoRa module with antenna
  • STM32L031F6P6 ARM Cortex-M0+ microcontroller
  • AMSYS HTU20 I2C humidity/temperature sensor
  • RGB LED indicating connection status
  • Unknown device 8743 (I2C), probably a magnetometer/accelerometer

Using the logo found on the device, a Google name/image search reveals the company behind this device. The examples on the web site shows that these devices are used for office space monitoring.

The law in many countries is very strict if electronic devices are used to monitor a workplace. The information (or lack of information) what a device can and cannot do very likely will cause lots of employee concerns.

The article goes in depth analysing the device, it’s firmware and more to see what it can do and how the lack of security puts people at risk.

Continue reading om MCUonEclipse.com

 

No comments:

Post a Comment