+ All Categories
Home > Technology > WebRTC Global Summit, IoT workshop, Tim Panton

WebRTC Global Summit, IoT workshop, Tim Panton

Date post: 23-Jan-2018
Category:

Technology
Upload: alan-quayle
View: 588 times
Download: 3 times
Download Report this document
Share this document with a friend
24
The (in)Security of Things Tim Panton - Protocol Droid - westhawk Ltd @steely_glint
Transcript
Page 1: WebRTC Global Summit, IoT workshop, Tim Panton

The (in)Security of ThingsTim Panton - Protocol Droid - westhawk Ltd@steely_glint

Page 2: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 3: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 4: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 5: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 6: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 7: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 8: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 9: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

https://www.shodan.io/explore
Page 10: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 11: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 12: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 13: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 14: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 15: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 16: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Page 17: WebRTC Global Summit, IoT workshop, Tim Panton

Security isn’t what it was.

Page 18: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Some common factorsWeak or no encryption

Poor Auth

Open ports

Centralised proprietary services

Unsuitable network topology

Inability to patch once shippedWe in the Telephony world have made all these mistakeslet’s help our IoT friends avoid them

Page 19: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

RTCweb Protocol is Standardized

Secure

Widely deployed

Decentralised (?)

Realtime

Strong on Identity management

Mobile capable (and smaller) ?

User-centric

Page 20: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Components we need

WebRTC (datachannel) app in my smartphone

WebRTC (datachannel) embedded in a device

WebRTC service for rendevous

Some sort of pairing

Page 21: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Components we will use

Chrome on android (well Mac - for easy AV)

Lightweight stack on device

Simple websockets message hub (https://github.com/steely-glint/fingersmith)

QRcode pairing

Page 22: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

Duckling protocol Described by Ross Anderson in 1990s

Device trusts first thing it sees

We flip this and the device shows QRcode

Smartphone then calls this address

First to connect claims ownership

https://www.flickr.com/photos/bunnygoth/14021732859/

https://www.flickr.com/photos/bunnygoth/14021732859/
Page 23: WebRTC Global Summit, IoT workshop, Tim Panton

@steely_glint - Westhawk Ltd

By using webRTC data channel we have

Standardized

Secure

Widely deployed

Peer-to-Peer (NAT traversal)

Realtime

Strong on Identity management

Mobile capable (and smaller)

User-centric

Page 24: WebRTC Global Summit, IoT workshop, Tim Panton

tldr;WebRTC isn’t just for video calls - it can solve Internet of Everything problems too.

Tim Panton - Protocol Droid - Westhawk Ltd@steely_glint


Recommended
WebRTC Workshop - What is (and isn't WebRTC)

WebRTC Workshop - What is (and isn't WebRTC)

Technology

Increased Community-Associated Infections Caused by Panton ... · 59 S. aureus that lacked Panton-Valentine leukocidin. This finding challenges the notion that Panton-Valentine leukoci-

Increased Community-Associated Infections Caused by Panton ... · 59 S. aureus that lacked Panton-Valentine leukocidin. This finding challenges the notion that Panton-Valentine leukoci-

Documents

Communications - WebRTC Strikes Backasteriskafrica.org/wp-content/uploads/2018/03/Communications-WebRTC... · WebRTC WebRTC isn't like the Empire. Its not evil but it could be the

Communications - WebRTC Strikes Backasteriskafrica.org/wp-content/uploads/2018/03/Communications-WebRTC... · WebRTC WebRTC isn't like the Empire. Its not evil but it could be the

Documents

What is WebRTC?hancke.name/webrtc/mozilla-webrtc-munich.pdf · 2015. 1. 9. · WebRTC == Ford Model T of VoIP commoditize. concentrate on UI/UX. WebRTC – the API. GetUserMedia RTCPeerConnection.

What is WebRTC?hancke.name/webrtc/mozilla-webrtc-munich.pdf · 2015. 1. 9. · WebRTC == Ford Model T of VoIP commoditize. concentrate on UI/UX. WebRTC – the API. GetUserMedia RTCPeerConnection.

Documents

Media Streams in IOT via WebRTC

Media Streams in IOT via WebRTC

Technology

WebRTC applications for IoT

WebRTC applications for IoT

Technology

VERNER PANTON HISTORY

VERNER PANTON HISTORY

Documents

Release Notes Version 8.6.1 RealPresence Collaboration Server€¦ · WebRTC Modular MCU with WebRTC support, and WebRTC Service support. WebRTC - VP8 and OPUS - in Mixed Group Browser

Release Notes Version 8.6.1 RealPresence Collaboration Server€¦ · WebRTC Modular MCU with WebRTC support, and WebRTC Service support. WebRTC - VP8 and OPUS - in Mixed Group Browser

Documents

Web Call Server - Specification - Streaming Video WebRTC ... · WebRTC Audio Calls, SIP, Messaging WebRTC Video Calls Flash Video Calls WebRTC Broadcasting Function Description Purpose

Web Call Server - Specification - Streaming Video WebRTC ... · WebRTC Audio Calls, SIP, Messaging WebRTC Video Calls Flash Video Calls WebRTC Broadcasting Function Description Purpose

Documents

Bracknell Forest Councildemocratic.bracknell-forest.gov.uk/documents/s102722/Item 5... · Telehealth IoT NHS Pathways M2M IoT integration Multi-channel self-care Video WebRTC Video

Bracknell Forest Councildemocratic.bracknell-forest.gov.uk/documents/s102722/Item 5... · Telehealth IoT NHS Pathways M2M IoT integration Multi-channel self-care Video WebRTC Video

Documents

Lisboa WebRTC - May 21, 2015 - Intro to WebRTC

Lisboa WebRTC - May 21, 2015 - Intro to WebRTC

Technology

WebRTC IMS SySTeMS and WebRTC PRoPRIeTaRy ISlandS...WebrtC Ims systems and WebrtC Proprietary Islands alCaTel-luCenT WhITe PaPeR 1 InTRoduCTIon WebRTC is a game-changing technology.

WebRTC IMS SySTeMS and WebRTC PRoPRIeTaRy ISlandS...WebrtC Ims systems and WebrtC Proprietary Islands alCaTel-luCenT WhITe PaPeR 1 InTRoduCTIon WebRTC is a game-changing technology.

Documents

Panton Presentation

Panton Presentation

Documents

Prevalence and genotypic characteristics of Panton ...

Prevalence and genotypic characteristics of Panton ...

Documents

WebRTC Standards from Tim Panton

WebRTC Standards from Tim Panton

Technology

Kranky Geek WebRTC Show: WebRTC in the Real World

Kranky Geek WebRTC Show: WebRTC in the Real World

Technology

4831 Brochure Panton Collection 2011 En

4831 Brochure Panton Collection 2011 En

Documents

Extending 4G Communications with WebRTC IMS and WebRTC

Extending 4G Communications with WebRTC IMS and WebRTC

Technology