Hack a lock and get free rides! (No free beer yet though...). This talk will explore the ever growing ride sharing economy and look at how the BLE "Smart" locks on shared bicycles work. The entire solution will be deconstructed and examined, from the mobile application to its supporting web services and finally communications with the lock. We will look at how to go about analysing communications between a mobile device and the lock, what works, what doesn't.

Previous talks on attacking BLE targeted the protocol itself using various hardware and software such as Ubertooth and Wireshark, which could be potentially difficult for someone new wanting to explore BLE and the ever connected IoT world. I'll simplify and stupidify the entire process such that anyone with a mobile phone and basic experience with Frida can go about breaking locks and hacking BLE the world over.

Speakers:


Vincent Tan, Senior Security Consultant, MWR InfoSecurity


Vincent is a Senior Security Consultant at MWR Labs (the forefront of innovation and research in cyber security). He has a passion for all things"mobile" and anything"wireless". Vincent spends most of his free time focused on reverse engineering esoteric protocols, mobile devices and all things IOT to make the real(cyber)world a better and (where possible) a safer place to be for all. (All this while trying to survive by getting free rides.) Singaporean by birth, Vincent defies the local stereotype of accepting "cannot" for an answer and lives in a world of only pure possibility.

Detailed Presentation:

(Source: DEF CON 26)
  
8669803288?profile=original
E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)
 

CISO Discussion Conference

  • Description:

    The sessions will explain the Security Market Ecosystem, Problems that CISOs face when trying to purchase a product in that segment, the architecture, business impact & more.

  • Created by: pritha