This talk will explore vulnerabilities resulting from insecure design patterns in internet-connected embedded devices using real-world examples. In the course of our research, we have observed a pattern of manufacturers incorporating design choices that make an attacker’s job easier. We will explore in technical detail how these design flaws resulted in vulnerabilities in three popular devices.