For the past few years, VERT has been running an IoT Hack Lab at SecTor, a security conference in Toronto, Ontario, Canada. Interested attendees (including Expo attendees, who can get a free pass using code Tripwire2019) can visit the Hack Lab with their laptop and learn how to hack various IoT devices from routers and baby monitors to more complex systems like home automation controllers and whatever new surprises we may add each year. Some of these devices have known vulnerabilities; others allow for all-new research. We have had new vulnerabilities discovered at the Hack Lab, and we’ve walked attendees through reporting them to the vendor and submitting for a CVE.
We’re happy to help you work through a vulnerability step by step or guide you on new research. You can also just sit back and enjoy the toys. We know that not everyone can afford to buy devices just to satisfy their research curiosity, and that’s one of the main reasons we do this. We’re also always interested in conversations on IoT Hacking or just security in general. Stop by, say hi and chat with us for a few minutes. We like to think of the Hack Lab as the epitome of hall cons.
In addition to the IoT Hack Lab, we’re running a two-day training course, IoT Hacking – Brainwashing Embedded Systems Deep Dive, created by Craig Young. This will take place on the Monday and Tuesday prior to SecTor; it includes material previously covered in the one-day sessions as well as new material. Craig has offered variations of the training at AusCERT, Black Hat, DEFCON and SecTor, typically to sold-out crowds.
If you’re looking to talk to Tripwire sales people, they have a booth set up (#306) and will be happy to see you. If you have any Tripwire related questions, that is the best place to go. However, if you want to talk the latest technology and research, stop by the IoT Hack Lab. We’re always excited to meet new people.
Hope to see you there!