011 - Making Too Many Assumptions

An interview with Mike Ryan, Bluetooth Expert


This week Mike Ryan ( @mpeg4codec ) joins us to talk about how he went from hacking games for stronger characters (we don’t reveal which ones; you’ll have to listen) to revealing big weaknesses in Bluetooth products.

Mike gives us the rundown on how he ended up working on UbertOOth ,  using wireshark , and how many UbertEEth you should use.  We discuss some of the biggest mistakes developers make in their Bluetooth and BLE products. He shares some examples of this through his prior work including credit cards and skateboards. We also learn about CVEs including the one Mike has for the Skateboard .

If after this, you are worried that your next IoT product needs a security review or at least getting started with Ubertooth, you can go to the Ubertooth , CrackLE and wireshark sites. If you want some serious hands on, you can contact Mike here .

A few more tools came up to add to your list:

NOTE: Sorry about the rough audio, we had some technical difficulties that we resolved about 15 min in.

Have comments or suggestions for us? Find us on twitter @unnamed_show ,  or email us at show@unnamedre.com .

Music by TeknoAxe ( http://www.youtube.com/user/teknoaxe )