This talk will explore vulnerabilities resulting from insecure design patterns in internet-connected embedded devices using real-world examples. In the course of our research, we have observed a pattern of manufacturers incorporating design choices that make an attacker’s job easier. We will explore in technical detail how these design flaws resulted in vulnerabilities in three popular devices.
M. Carlton heads the Senrio research team, focusing on product security and development. She brings strong embedded device research capabilities to the team. After graduating from MIT, she worked as a software security analyst in the DC area. Most recently, she was conducting embedded device security research at Draper Laboratory in Massachusetts before joining the Senrio team.