March 2017
Intermediate to advanced
262 pages
5h 26m
Chinese
Content preview from 物联网设备安全
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
电子撬锁
——
滥用门锁危害物理安全
|
47
Cody Brocious
在他的白皮书的附录
A
中介绍了
Arduino
开锁所需代码(也称为
sketch
)。基本上,
Brocious
的
sketch
利用了这个事实:使用
Arduino
可以从编程端口
读取存储器的任何部分。
Brocious
用这个办法读取存储器的站点代码,然后用它调用开
锁命令开锁。
对数以百万计安装在世界各地不同地方的
Onity
锁来说,这是一个严重的安全问题。只
要有在附近电子商店购买的
Arduino
微控制器,任何人都可以走到使用
Onity
锁保护的
门前,打开它。事实上,著名的连锁酒店,如假日酒店、长住酒店、优质酒店、拉昆塔
酒店、红屋顶酒店、汽车酒店六、经济酒店、万怡万豪酒店和舒适客栈报道的盗窃案都
是由这一特殊的安全问题造成的。
锁存储中的主钥匙编码
通过读取锁存储中的主钥匙编码可以制作主钥匙卡。站点代码也可以从存储中读出,这
个值可用来制作主卡。如前所述,酒店可以选择不同区域内的锁使用不同的主卡。因此,
主钥匙可以限定在酒店的特定区域房间使用。
然而,这仍然是一个严重的问题,因为潜在的入侵者可以用一次性创建的主钥匙卡进入
酒店一整片区域的房间。
未加密的备用卡
如前所述,每一个附随的备用卡都是通过增量识别值创建的,是没有加密的。当编码器
故障时可以使用这些卡。因此,如果入侵者可以拿着识别值为
500
的备用卡,那他可以
制作识别值为
499
或
501
的备用卡去尝试打开其他门。
当然,用新制作的备用卡具体能打开哪扇门不太容易确定,这种攻击实施起来有些困难。
2.1.5 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.