API Security

Flexible Authentication Methods for Secure IoT Device Connections

by
Flexible Authentication Methods for Secure IoT Device Connections

Introduction: Flexible Authentication/Authorization Mechanisms Provide Efficient Security Assurance EMQX has always placed great emphasis on security, providing continuous enhancement of security guarantees for IoT users through a wide range of out-of-the-box security features, including MQTT over TLS/SSL, transmission encryption and authentication integration based on national cryptography algorithms, as well as various identity authentication functions such … Read more

Integrity Monitoring of IoT Devices Based on MQTT Protocol Extension

by

Article Title: Integrity Monitoring of IoT Devices Based on MQTT Protocol Extension All Authors: Qi Bing, Qin Yu, Li Minhong, Xie Hong, Shang Ketong, Feng Wei, Li Wei First Affiliation: University of Chinese Academy of Sciences Publication Date: 2022, 31(11): 68–78 Abstract Summary With the rapid development of the Internet of Things (IoT), the number … Read more

IoT Security Series | MQTT Protocol Security

by
IoT Security Series | MQTT Protocol Security

1. Introduction MQTT, which stands for Message Queuing Telemetry Transport, is an ISO standard (ISO/IEC PRF 20922) based on the publish/subscribe paradigm. It was released by IBM. Due to its lightweight, simple, open, and easy-to-implement characteristics, it is very suitable for IoT scenarios that require low power consumption and limited network bandwidth, such as remote … Read more

God Mode of IoT Devices: Insights from 2017 Security Developer Summit

by
God Mode of IoT Devices: Insights from 2017 Security Developer Summit

Editor’s Note: Currently, the security issues of IoT devices are mainly limited by hardware and software. Often, if the configuration does not keep up, even if developers want to address security issues, they may feel powerless. On the software level, the built-in protection mechanisms of the system are particularly critical, especially permission-based protections. We know … Read more

How to Gain Local Shell Access on IoT Devices

by
How to Gain Local Shell Access on IoT Devices

This article is a featured post from the KSY Forum by author ID: fengzhidian 1. Introduction The author has recently researched several smart home devices, which have fewer open ports and are generally unable to obtain debugging permissions from the network side. Gaining local debugging permissions on the device has become an important step in … Read more

House of Cat: New GLIBC IO Exploitation Techniques

by
House of Cat: New GLIBC IO Exploitation Techniques

This article is a highlight from the Kanxue Forum Author ID on Kanxue Forum: CatF1y House of Cat A new method of exploiting IO in GLIBC discovered in May, applicable to any version (including glibc2.35), named House of Cat and presented in the 2022 Strong Network Cup. Introduction House of Emma is one of the … Read more

Research on Acoustic Configuration of Embedded Devices

by
Research on Acoustic Configuration of Embedded Devices

1 Introduction A year ago, I researched an embedded device and found its acoustic configuration logic quite intriguing, but later focused on vulnerability exploitation and did not delve deeper. Recently, while studying wireless communications like sub-GHz, Bluetooth, and RF, I became interested again in transmitting information via acoustic signals, which led to this article documenting … Read more

Comprehensive Analysis of Linux Firewall! Securing the Operating System (Part 2)

by
Comprehensive Analysis of Linux Firewall! Securing the Operating System (Part 2)

Linux | Red Hat Certification | IT Technology | Operations Engineer 👇 1000-person technical exchange QQ group Note [Public Account] for faster access 1. Firewall Service Management View current active services firewall-cmd –list-service[root@localhost ~]# firewall-cmd –set-default-zone=publicsuccess[root@localhost ~]# firewall-cmd –list-servicessh dhcpv6-client[root@localhost ~]# firewall-cmd –set-default-zone=homesuccess[root@localhost ~]# firewall-cmd –list-servicessh mdns samba-client dhcpv6-client# This allows for a more intuitive … Read more

Time To Abandon 32-Bit Linux For 64-Bit

by
Time To Abandon 32-Bit Linux For 64-Bit

Introduction:If you want a secure experience, you might not want to continue using the 32-bit Linux kernel.                  This article has 1234 words, reading time is about: 2 minutes We have many Linux distributions tailored for 32-bit systems🔗 itsfoss.com. So, why do I want to discourage the use … Read more