March 2017
Intermediate to advanced
262 pages
5h 26m
Chinese
Content preview from 物联网设备安全
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
62
|
第
2
章
这意味着:基于物联网的设备制造商如
Kevo
,必须力争在其产品的初始版本实现正确的
安全功能。这很不容易,因为安全是很难完美的,所以使用这些设备的用户应该意识到
潜在的风险,正如本节所描述的。
2.4
小结
人类渴求保护财产、隐私和人身安全是可以理解的。我们几千年前就发明了门锁,至今
仍依赖门和锁保护我们的生活空间。
即便是对最好的门锁滥用开锁工具,对我们大多数人来说都不算是新闻了。然而,随着
电子门锁在物联网中的出现,我们必须认识到从安全角度出发作出的决定如何深远地影
响我们的未来。
在
Onity
门锁的例子中,我们展现了一个不良的安全设计如何置百万房屋于危险之中,
这一情况又如何被各种窃贼加以利用。还有一个例子,当人们不得不对数以百万计的门
锁人工进行升级,这将是非常昂贵的安全补丁。另外,
Onity
的例子对门锁制造商来说
是个教训,他们应该对客户更加透明,并与独立安全研究人员合作解决安全问题。
Z-Wave
的例子说明了网络协议设计者是如何在不经意间将门锁至于风险之中的,人们
能够通过简单的硬件和软件工具任意地开门。当考虑到物联网安全问题时,我们应该包
括和检查部署的设计原则,这些设计原则不仅是终端生产商使用的,也是那些提供使这
些设备运行的
SDK
和协议的组织所需要使用的。
最后,在
BLE
的例子中,我们看到
Mike Ryan
的重要研究表明:通过协议暴力破解连接
致使很多设备处于危险之中。另外,我们简述了具有用
iPhone
开锁功能的
Kevo
门锁的
设计问题,这一特性提供了传统的攻击方式,如密码猜测和网络钓鱼攻击。我们也看到 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.