A Spotlight on Security and Privacy Risks with Future Household Robots: Attacks and Lessons Tamara Denning, Cynthia Matuszek, Karl Koscher, Joshua R. Smith and Tadayoshi Kohno.
Introducing...
From left to right: WowWee RoboSapien V2, WowWee Rovio, Erector Spykee

Capabilities
Prices correct as of late 2008.

Visibility
Rovio:
• Visible to local attacker by SSID, MAC address
• Visible to remote attacker by unique HTTP interface, port 80 query
Spykee:
• Visible to local attacker by SSID, MAC address
• Visible to remote attacker by keep-alive packets, port 9001 control request
RoboSapien:
• Not visible

Vulnerabilities
Rovio:
• Passive adversary can intercept unencoded username and password
• Audiovisual stream does not require password even when enabled
• WEP support only, though WPA added in patch
Spykee:
• Co-located mode sends credentials in the clear
• Video stream unencrypted
• Remote access more difficult; Diffie-Hellman key exchange vulnerable to MITM
• WEP and WPA

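Added example (not from the slides or the paper): a toy Python simulation of the Spykee Diffie-Hellman point above. It shows that a plain exchange completes without error even when an on-path relay substitutes the public values, and that a MAC over the exchanged values, keyed by a secret both ends already share, detects the substitution. The group parameters, function names and pairing secret are assumptions for illustration; the Spykee wire protocol is not reproduced.

```python
import hashlib
import hmac
import secrets

# Toy group, illustration only: 2**127 - 1 is prime but far too small for real use.
P = 2**127 - 1
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    return hashlib.sha256(str(pow(peer_pub, priv, P)).encode()).digest()

def transcript_tag(secret, sender_pub, receiver_pub):
    # MAC over both public values, keyed by a secret the two ends already
    # share (assumption: a pairing secret set by the owner).
    msg = f"{sender_pub}|{receiver_pub}".encode()
    return hmac.new(secret, msg, hashlib.sha256).digest()

def run_exchange(secret, substituted=False):
    """Return (keys_match, tag_verifies) for one client<->robot exchange.

    substituted=True models an on-path relay that swaps each public value
    for its own, which plain Diffie-Hellman gives neither end a way to notice.
    """
    c_priv, c_pub = keypair()
    r_priv, r_pub = keypair()
    if substituted:
        _, relay_pub = keypair()
        pub_seen_by_client = pub_seen_by_robot = relay_pub
    else:
        pub_seen_by_client, pub_seen_by_robot = r_pub, c_pub
    # Unauthenticated DH: both ends derive a key without error either way.
    keys_match = session_key(c_priv, pub_seen_by_client) == session_key(r_priv, pub_seen_by_robot)
    # Authenticated variant: the client tags (its pub, the pub it received);
    # the robot recomputes the tag from (the pub it received, its own pub).
    sent = transcript_tag(secret, c_pub, pub_seen_by_client)
    expected = transcript_tag(secret, pub_seen_by_robot, r_pub)
    return keys_match, hmac.compare_digest(sent, expected)

if __name__ == "__main__":
    pairing_secret = secrets.token_bytes(32)  # constructed sample secret
    print("clean path:      ", run_exchange(pairing_secret))
    print("substituted path:", run_exchange(pairing_secret, substituted=True))
```

If the shared secret is a low-entropy password, the tag can be guessed offline; a PAKE or a per-device certificate is the stronger way to authenticate the exchange.
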
Vulnerabilities
RoboSapien:
• Vulnerable to off-the-shelf controller and IR repeater
• Compromised computer with IR port
• Universal remote control with 802.11 wireless
• Other compromised robots with IR transmitters
• Other remote attacks possible, e.g. buffer overflow...

Attacks
• Privacy
• Security
• Vandalism
• Psychological

Design Questions
• What is the intended function of the robot?
• How mobile is the robot?
• What sensors does the robot possess?
• What actuators does the robot possess?
• What communication protocols does the robot support?
• Who are the intended users of the robot?
• What is the robot’s intended operational environment?
• Besides the intended users of the robot, what other people (and animals) will be in the robot’s environment?
• What kind of development processes are in place?

Design Questions
• Does the robot create new or amplify existing privacy vulnerabilities?
• Does the robot create new or amplify existing physical integrity vulnerabilities?
• Does the robot create new or amplify existing physical safety vulnerabilities?
• Does the robot create new or amplify existing psychological vulnerabilities?
• Can the robot be combined with other robots or technologies to facilitate an attack?

What else? What steps need we take to prevent these issues in future?