Abusing the Internet of Things
Blackouts, Freakouts, and Stakeouts
Publisher: O'Reilly Media
Final Release Date: August 2015
Pages: 296

This book is a marvellous thing: an important intervention in the policy debate about information security and a practical text for people trying to improve the situation.

— Cory Doctorow
author, co-editor of Boing Boing

A future with billions of connected "things" includes monumental security concerns. This practical book explores how malicious attackers can abuse popular IoT-based devices, including wireless LED lightbulbs, electronic door locks, baby monitors, smart TVs, and connected cars.

If you’re part of a team creating applications for Internet-connected devices, this guide will help you explore security solutions. You’ll not only learn how to uncover vulnerabilities in existing IoT devices, but also gain deeper insight into an attacker’s tactics.

  • Analyze the design, architecture, and security issues of wireless lighting systems
  • Understand how to breach electronic door locks and their wireless mechanisms
  • Examine security design flaws in remote-controlled baby monitors
  • Evaluate the security design of a suite of IoT-connected home products
  • Scrutinize security vulnerabilities in smart TVs
  • Explore research into security weaknesses in smart cars
  • Delve into prototyping techniques that address security in initial designs
  • Learn plausible attacks scenarios based on how people will likely use IoT devices
Table of Contents
Product Details
About the Author
Recommended for You
Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews
oreillyAbusing the Internet of Things
 
4.9

(based on 8 reviews)

Ratings Distribution

  • 5 Stars

     

    (7)

  • 4 Stars

     

    (1)

  • 3 Stars

     

    (0)

  • 2 Stars

     

    (0)

  • 1 Stars

     

    (0)

100%

of respondents would recommend this to a friend.

Pros

  • Well-written (7)
  • Accurate (6)
  • Easy to understand (6)
  • Helpful examples (6)
  • Concise (4)

Cons

No Cons

Best Uses

  • Intermediate (6)
  • Expert (5)

Reviewed by 8 customers

Displaying reviews 1-8

Back to top

 
5.0

This book are usefful for internet security

By José

from Petrópolis - State of Rio de Janeiro - B

Verified Buyer

Comments about oreilly Abusing the Internet of Things:

I read only some pages of the book. Now I'm learning
C/C++ basics for after read this book and others relative to IOT.
Thank you

 
4.0

An excellent technical coverage of security issues with IoT

By K. Brian Kelley

from Columbia, SC

About Me Sys Admin

Pros

  • Accurate
  • Concise
  • Helpful examples
  • Well-written

Cons

  • Deeply Technical

Best Uses

  • Expert
  • Intermediate

Comments about oreilly Abusing the Internet of Things:

Abusing the Internet of Things covers well significant security issues in a myrial of devices and systems we commonly refer to the Internet of Things (IoT). For instance, the book starts with a brand of light bulbs which can be controlled remotely and then moves on to electronic locks, baby monitors, and even cars. In each case the author, Nitesh Dhanjani, presents the technical details of each security issue and how can it be attacked. Many of these problems reveal a fundamental lack of security knowledge in the design of each item and it's not surprising how often the same problems crop up across multiple, disparate products.

I enjoyed this book because the author does a great job laying out the technical information and covering each issue sufficiently. This isn't a book where you have to "take the author's word for it." For instance, the author gives the communications between the light bulb and the controlling device. If the reader is familiar with the protocol used in that communication, it's easy to see what the security issue and how it's exploited. The author provides this level of detail in each case. Because there is so much detail, if one doesn't have the technical background to understand this information, the book may prove a bit difficult to get through.

The publication of the book is especially timely. As I was preparing the review for this book, a story broke about how researchers hacked a pacemaker wirelessly in such a way that had it been in a real person, they would have had the ability to case the person's death. Therefore, the warning given in the preface, "Attacks targeting our online spaces will put our physical security at risk" is well-founded. This is especially true in areas that we take for granted in everyday living, areas we've never considered open to a hack previously. The general public is becoming more aware of these issues, especially after the recently reported hacks on multiple car brands and the subsequent recalls by the respective automotive manufacturers.

Finally, the author doesn't just cover the issues, but he also walks through a prototype of a typical IoT device (a doorbell that can be made from a kit), what may be done with it, what we should be considering security wise, and how we attack the potential security issues. We aren't just left the problems, but we're given a model on how to do things right.

(1 of 1 customers found this review helpful)

 
5.0

A must have IOT security resource!

By Sridom

from San Jose, CA

Verified Reviewer

Pros

  • Accurate
  • Concise
  • Easy to understand
  • Helpful examples
  • Well-written

Cons

    Best Uses

      Comments about oreilly Abusing the Internet of Things:

      Nitesh is one of my favorite technical authors and I'm extremely pleased that "Abusing the Internet of Things" is finally here. I can positively say that this is a must-have, must-read book for professionals trying to understand / investigate core security and privacy issues affecting consumer grade IOT products.

      I had the chance to read the book cover to cover prior to the final release and would like to say that the technical contents in this book is fantastic. I would like to highlight few of the concepts that Nitesh helped me understand:

      a) The feasibility and impact of cross device attacks in this age of "digitally syncing" all our devices
      b) Secure prototyping of IOT products using easily available DIY HW/SW kits
      c) Fundamental security issues affecting specific implementations of popular IOT protocols (Z-Wave and BLE (Bluetooth Low Energy))
      d) How to systematically dissect any given IOT product to identify "hard to find" HW/SW attack surfaces

      The examples in this book are elegant and very well sequenced. I especially liked the detailed deconstruction of specific attacks with code examples, HTTP requests and response snippets and relevant screenshots. That being said, this book is an easy read and like his previous books, the topics flow smoothly. If you are a builder or breaker of IOT products or just a curious security researcher, don't hesitate, just buy this book. It serves as a solid primer to IOT security.

      Thank You, Nitesh for writing this book. I look forward to your next book!

       
      5.0

      Fantastic. Enjoyed readin this book.

      By Avi

      from New York, NY

      About Me Educator

      Verified Reviewer

      Pros

      • Accurate
      • Easy to understand
      • Helpful examples
      • Well-written

      Cons

        Best Uses

        • Expert
        • Intermediate

        Comments about oreilly Abusing the Internet of Things:

        The topic of IoT and security is hot. The literature in this book addresses the issue spot on. The chapters flow rationally from the introduction to the conclusion. The table of contents seems to be carefully produced to start with popular devices and end with forward thinking thoughts. The examples and details are easy to follow. Enjoyed this book.

        (2 of 2 customers found this review helpful)

         
        5.0

        Great Book, Don't understand that other review...

        By NoSlack913

        from Boston, MA

        About Me Cto, Developer

        Verified Reviewer

        Pros

        • Easy to understand
        • Helpful examples
        • Well-written

        Cons

          Best Uses

          • Expert
          • Intermediate
          • Novice
          • Student

          Comments about oreilly Abusing the Internet of Things:

          One of the reasons I specifically chose to write this review is because I was puzzled by the 2 rating review by Simon. I felt the book did a fantastic job of opening up a conversation on how to secure devices now and in the future by preparing and teaching the reader how to learn from mistakes in actual IoT objects that exist today. I think this is a better way of teaching the reader how to fish for themselves compared to having a 'general' conversation about the topic that every other self professed "IoT expert" is out there doing. I like that the book is focused on specific products because the author has picked popular products whose architecture is likely to show up in future generations of products. The table of contents shows the names of the products so if readers want a general book talking about basic things everyone already knows, this is not the right book for them.

          (1 of 1 customers found this review helpful)

           
          5.0

          Great resource on IOT security

          By apopli

          from Seattle

          About Me Educator

          Verified Reviewer

          Pros

          • Accurate
          • Easy to understand
          • Well-written

          Cons

            Best Uses

            • Intermediate

            Comments about oreilly Abusing the Internet of Things:

            Had the opportunity to review the book before public release. Excellent resource for those looking to understand the IOT security landscape. Author walks you through basics and makes you 'see' the impact. Very timely release as the news around automobiles and their safety is taking headlines. Highly recommended.

            (1 of 1 customers found this review helpful)

             
            5.0

            5 Stars

            By KTRIN

            from Seattle, Wa

            About Me Developer

            Verified Reviewer

            Pros

            • Accurate
            • Concise
            • Easy to understand
            • Helpful examples
            • Well-written

            Cons

              Best Uses

              • Expert
              • Intermediate
              • Novice
              • Student

              Comments about oreilly Abusing the Internet of Things:

              I throughly enjoyed this book. The first chapter is a good walk through of security issues to consider as we install equipment such as light bulbs that are remotely controllable. I like that the examples and code are to the point. This book does a good job of also including things like the IFTTT platform so that the threat landscape is presented in a holistic sense.

              I was stunned to read the "saga" surrounding the Foscam baby monitors and the countless vulnerabilities. Actual references to families that were mentally affected by the incidents shows how real the problem of IoT security is.

              Also very appreciative of the style of writing. I chuckled at The "You Call That Encryption?" heading followed by "I Call it Encraption". Some of the dry humor gave a personality to the book and I found it engaging.

              (1 of 1 customers found this review helpful)

               
              5.0

              Timely and full of great insights

              By Mark Horton

              from Austin, TX

              About Me Maker

              Verified Reviewer

              Pros

              • Accurate
              • Concise
              • Easy to understand
              • Helpful examples
              • Well-written

              Cons

                Best Uses

                • Expert
                • Intermediate

                Comments about oreilly Abusing the Internet of Things:

                One of the first things I found refreshing about this book is the style of writing. Most security hacking books are bland and end up being reference material. I felt the author did a fantastic job of walking through why each chapter covered what it did and why it is worthwhile.

                I particularly enjoyed the chapters on lighting and car security (timely).

                The table of contents and witty titles are also fun.

                There is a lot of literature on vulnerabilities that have been found on IoT products and this information is scattered around the web. This book brings all of those insights into one place and I found this useful.

                Displaying reviews 1-8

                Back to top

                 
                Buy 2 Get 1 Free Free Shipping Guarantee
                Buying Options
                Immediate Access - Go Digital what's this?
                Ebook:  $42.99
                Formats:  DAISY, ePub, Mobi, PDF
                Print & Ebook:  $54.99
                Print:  $49.99