CWTV
Internet of Telemetry: I Know What You Did Last Lockdown
An exploration of the available data discovered worldwide by probing MQTT endpoints. MQTT is a popular IoT protocol which, due to configuration, oversight or error (or all three), can be found open globally with at times highly personal data published for all to see. This talk encompasses the speaker's journey through developing a framework of parsing and exploring large datasets and building data collection and monitoring automation, showcasing the sheer lack of attention given to protection of such data
The Message Queueing Telemetry Transport (MQTT) protocol is a standard protocol for Internet of Things implementations. Issues arise when users of products and software utilising MQTT (and IoT generally) are unaware that the data they store might not be as safe as they would assume. From singular, residential IP addresses for a given home automation setup, to cloud services managing IoT products, to public brokers which can be used to aggregate vast quantities of data (popular and free for developers to use in testing), MQTT endpoints beacon data across the globe which sometimes can be as sensitive as live GPS co-ordinates and personal details of entire families as they go about life. From tracking Teslas to surveying Supermarkets, this talk will cover a 2 year journey from first discovering the goldmine of MQTT data, through being able to interact sanely with and search through such large datasets, to the technical difficulties (and moral repugnance) of building data collection automation. Included: MQTT, Python, geoJSON, Shodan, Censys
Additional information
| Type | Talk |
|---|---|
| Language | English |
More sessions
| 12/27/20 |
Die Corona-Warn-App (CWA) verkörpert ein Novum von (einigermaßen) agilem staatlichen Handeln im Bereich Software. Wie kam es dazu? Dieser Vortrag erzählt die Geschichte der Entstehung aus einer Innenperspektive.
|
| 12/27/20 |
A quick dive into best practices including but not limited to semantic HTML and aria attributes and how they can make your website usable by a wider audience with relatively low effort.
|
| 12/27/20 |
This talk explains why audits are a useful method to ensure that machine learning systems operate in the interest of the public. Scripts to perform such audits are released and explained to empower civic hackers.
|
| 12/27/20 |
Was war das C-Netz? Was ist eine C-Netz-Basisstation? Was ist die Funkvermittlungsstelle? Wie bringt man damit die Basisstation wieder zum Laufen?
|
| 12/27/20 |
Gute Autismusrepresentation in Medien ist wichtig, aber auch schwer. In diesem Vortrag möchten wir uns angucken, wie autistische Menschen in Medien dargestellt werden und, was wir selbst an schlechten Beispielen über Empathie lernen können.
|
| 12/27/20 |
Noch nie war gemeinsammes Waffeln backen und verzehren so kompliziert wie dieses Jahr. Doch davon lässt sich das Chaos nicht aufhalten. Überall haben Hacksen, Hacker und alle Wesen des Chaos sich versammelt um unter dem Motto “Waffeln everywhere” gemeinsam eine wohlschmeckende remote Waffel Erfahrung zu haben.
|
| 12/28/20 |
If you pop out into space, you die. No oxygen to breathe, no ambient pressure makes your bodily fluids boil, UV radiation burns your skin to a crisp. It's not a good place to be for humans. So in order to survive, you need to bring a number of things along, commonly called the "life support system". This talk explains how this works!
|
