Factory Reset Vulnerability in Netgear ARLO

Netgear Arlo

Update: CVE-2016-10115 and CVE-2016-10116 have been enlisted by MITRE.  Refer to the following CVE entries: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10115 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10116 In our ongoing curiosity of IoT products, we took a look at ARLO, a home security camera system from Netgear. ARLO is Netgear’s competing product to the Google Nest Dropcam. When I first researched network security cameras last summer ahead…

Case Study: Hacking Smart Lock Security

Kwikset Kevo Smart Lock

Update: This case study was presented at the CanSecWest 2016 conference held in Vancouver, British Columbia, Canada. The presentation is available as a PDF from this link.   Exponential growth of smart technology and Bluetooth Smart With the booming of Internet of Things (IoT), Bluetooth Smart, or Bluetooth v4.0 (aka Low Energy or BLE), has…