Friday, May 19, 2017

"11-Year-Old Shocks Cybersecurity Experts: Anything on Wi-Fi Can Be Weaponized"

"11-Year-Old Shocks Cybersecurity Experts: 
Anything on Wi-Fi Can Be Weaponized"
by IWB

"This kid from Austin, Texas, just stunned a crowd of cybersecurity experts at a conference in the Netherlands by demonstrating how just about anything can be “weaponized” when it’s connected to the Internet. American wunderkind Reuben Paul, may be still only in 5th grade at his school in Austin, Texas, but he and his teddy bear Bob wowed hundreds at a timely cyber security conference in The Netherlands. "From airplanes to automobiles, from smart phones to smart homes, anything or any toy can be part of the" Internet of Things (IOT)," he said, a small figure pacing the huge stage at the World Forum in The Hague. "From terminators to teddy bears, anything or any toy can be weaponized."

The 6th grader, who also excels in gymnastics and is the youngest-ever American to earn a Shaolin Kung Fu black belt, put his money where his mouth was. To back up his claims, he presented a teddy bear that connects to wi-fi using Bluetooth technology. Paul then plugged a small device known as a “Raspberry Pi” into his laptop. The 11-year-old scanned the room for Bluetooth devices, then - “to everyone’s amazement,” according to Agence France-Presse - he downloaded dozens of phone numbers from the cyber security experts gathered in the room. Then, using a computer language program called Python*, Paul hacked into the teddy bear’s system using one of the collected numbers. To hammer his point home, he turned on the toy’s light and recorded a message from an audience member.

"Most internet-connected things have a blue-tooth functionality. I basically showed how I could connect to it, and send commands to it, by recording audio and playing the light," he told AFP later.

"IOT home appliances, things that can be used in our everyday lives, our cars, lights refrigerators, everything like this that is connected can be used and weaponized to spy on us or harm us. They can be used to steal private information such as passwords, as remote surveillance to spy on kids, or employ a GPS to find out where a person is. More chillingly, a toy could say "meet me at this location and I will pick you up," Reuben said.

His father, information technology expert Mano Paul, told how aged about six Reuben had revealed his early IT skills correcting him during a business call. Using a simple explanation from dad on how one smart phone game worked, Reuben then figured out it was the same kind of algorithm behind the popular video game Angry Birds. "He has always surprised us. Every moment when we teach him something he's usually the one who ends up teaching us," Mano Paul told AFP. 

But Paul said he been "shocked" by the vulnerabilities discovered in kids toys, after Reuben first hacked a toy car, before moving onto more complicated things. "It means that my kids are playing with timebombs, that over time somebody who is bad or malicious can exploit."

Now the family has helped Reuben, who is also the youngest American to have become a Shaolin Kung Fu black belt, to set up his CyberShaolin non-profit organization. Its aim is "to inform kids and adults about the dangers of cyber insecurity," Reuben said, adding he also wants to press home the message that manufacturers, security researchers and the government have to work together. Reuben also has ambitious plans for the future, aiming to study cyber security at either CalTech or MIT universities and then use his skills for good. Failing that maybe he could become an Olympian in gymnastics -- another sport he excels in."

“Sometimes paranoia's just having all the facts.” 
- William S. Burroughs



Click images for larger size.
* Python, you say? These graphics are from StatCounter, showing visitor information. And these fine law-abiding NSA Good Citizens visit our little blog every day, 3 or 4 times... checking up on all you scary terrorists that visit, no doubt... So if I suddenly "disappear", or worse, lol

 Ashburn, VA, USA. No thanks for stopping by.
By the way, that's them, top building left, below parking lot. Hi guys!
Click image for larger size.

 Host Name: pool-74-96-72-66.washdc.fios.verizon.net
"Verizon Business’ new headquarters sits on a large tract of open land in Ashburn, Va., primed and ready for expansion to meet the next generation of government communications. The connecting buildings- which resemble a giant convention center or a major international airport’s departure terminal- house the managed network services that Verizon Business provides to many federal agencies, including the intelligence and defense communities. For that reason, much of the center is off-limits to visitors.

The heart of the Verizon facility is the 30,000-square-foot, highly secure Verizon Government Network Operations and Security Center. Photography is not permitted, and press visits, such as the one arranged for Washington Technology, are limited. Access to the top-secret center is controlled by thumbprint and card biometrics identification and monitored by an array of video surveillance devices and motion detectors. All employees in the complex must have at least a secret clearance. The company can compete for work from the Defense Department and intelligence agencies up to the top-secret level, Starks said."
Verizon Online LLC
OrgId: VRIS
Address: 22001 Loudoun County Parkway
City: Ashburn
StateProv: VA
PostalCode: 20147
Country: US
- http://cryptome.org/eyeball/verizon-spy2/verizon-spy2.htm

IP Address: 71.241.241.96
Host static-71-241-241-96.washdc.fios.verizon.net
Location: US, United States
City:  Washington, DC 20002
Organization: Verizon FiOS
ISP: Verizon FiOS
AS Number: AS701 MCI Communications Services, Inc. d/b/a Verizon Business
- http://cqcounter.com/whois/

And YOU, Good-Law-Abiding-Taxpayer-Citizen, are paying for all this...
- CP

No comments:

Post a Comment