011 - Making Too Many Assumptions
Unnamed Reverse Engineering Podcast · Alvaro Prieto, Jen Costillo
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
This week Mike Ryan (@mpeg4codec) joins us to talk about how he went from hacking games for stronger characters (we don't reveal which ones; you'll have to listen) to revealing big weaknesses in Bluetooth products.
Mike gives us the rundown on how he ended up working on UbertOOth , using wireshark, and how many UbertEEth you should use. We discuss some of the biggest mistakes developers make in their Bluetooth and BLE products. He shares some examples of this through his prior work including credit cards and skateboards. We also learn about CVEs including the one Mike has for the Skateboard.
If after this, you are worried that your next IoT product needs a security review or at least getting started with Ubertooth, you can go to the Ubertooth , CrackLE and wireshark sites. If you want some serious hands on, you can contact Mike here.
A few more tools came up to add to your list:
- Apk tool
- Hci tool (1) (tutorial)
- Perl
- Jar signer
- Gattool
- Smali - https://github.com/JesusFreke/smali
- Inspectrum
NOTE: Sorry about the rough audio, we had some technical difficulties that we resolved about 15 min in.
Have comments or suggestions for us? Find us on twitter @unnamed_show, or email us at [email protected].
Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)