011 - Making Too Many Assumptions

This week Mike Ryan (@mpeg4codec) joins us to talk about how he went from hacking games for stronger characters (we don’t reveal which ones; you’ll have to listen) to revealing big weaknesses in Bluetooth products. Mike gives us the rundown on how he ended up working on UbertOOth ,  using wireshark, and how many UbertEEth you should use.  We discuss some of the biggest mistakes developers make in their Bluetooth and BLE products. He shares some examples of this through his prior work  including credit cards and skateboards. We also learn about CVEs including the one Mike has for the Skateboard. If after this, you are worried that your next IoT product needs a security review or at least getting started with Ubertooth, you can go to the Ubertooth , CrackLE and wireshark sites. If you want some serious hands on, you can contact Mike here. A few more tools came up to add to your list: Apk tool Hci tool (1) (tutorial) Perl Jar signer Gattool Smali - https://github.com/JesusFreke/smali Inspectrum NOTE: Sorry about the rough audio, we had some technical difficulties that we resolved about 15 min in. Have comments or suggestions for us? Find us on twitter @unnamed_show,  or email us at [email protected]. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)