Saturday, September 30, 2017

TeamViewer and Ninebot mini pro by Sagway = All Terrain Connected Robots platfrom

Sometime we need to create, hacking is part of it
As some of you realized, I'm testing many use cases of Sagway robot platform recently.

In Israel UMI, are lunching this days the new line of Sagway. included what called Sagway robot, and Ninebot Plus.

The revolution is here, and so are the hackers :)

In my opinion,the robots are coming and we better join the forces, secure them and find something good to do with them.

I have tried the use of Sageway in wedding, as a party pal, a dog trainer, and even tested it for feeding animals understanding that it will help them to hunt again and go back to the nature.

I was making my robot, a navigator for blind people - replacing dogs, it was tested as a carrier in the nature and I had so much fun, mostly.

Some people were trying to force me to shot it down, other were trying to take it, or just talk to it like a dog.

Actually it's much better then Tinder since it's a proactive magnet for girls with curiosity, so it's a win win situation..

I made many people smile, thinking  - much more then whom who didn't like it
In high tech area, I got less positive impression then traditional, so basically people in Mea Sheaarim or Jaffa were mostly much more friendly then the people who supposed to build our startup nation.

My ritual uses is basically shopping, it's so great to have a robot who can carry 100kg.

However, I lost many things because of it, I fall down so many times and felt like going back 25 years, being super active person with tons of creativity, imagination so I like it, I like robots, and so many people around.

Some people told me that I'm insane, other said - wow we want one of this.

This days I'm opening a new platform called RAAS - Robots As A Service under Cybermoon, my company.

I think robots can be used as ultimate recon tool for hackers, and red teams worldwide can use them to simulate attacks.

According to my basic tests, Sagway were built with security by design, but basically I'm addicted to it so I cant be objective, others will do this job this time.
I can said that having limitation of numbers as a password, its something which has been seen before in other company, and this is something to change.

The ability to make a DDOS attack is out there, and having Bluetooth as a connection, should be change to something stronger.

As long as a person is on the device, it's loosing most of the abilities to control it, but some option are open.

Sagway Robot

 Shopping time


First POC of using TeamViewer in lab mode


 Using TeamViewer in field operation

A wake up call - Last mile security

Due to my recent finding in verity of automotive last mile devices, I think we must wake up and start to secure the new era of transportation.

There are missing ISO, no regulation and no defense line.
Government are loosing control, and there is no legal way to secure the streets.
People are buying exposed devices, with anti thief mechanism which is in fact the best Trojan horse, backdoor.

Others are having full control of their bikes, and it's so cool so they don't see the side effect the new risk. 

Simple VIN number is all needed for some of the devices, and sometime it's even shown in the SSID.

I like this revolution, I love robots but we must do something before it will be too late. 

This is black flag 

Some companies made good devices, but the amount of conversion wireless kits out there, being operated with BMS/RTU/PLC must be taken care ASAP.
Connected scooters
Connected Bike
Connected Robots
Connected OneWheel
Connected  Skateboard
Connected Drones

I think the word Internet of things, is totally wrong, the focus should be any wireless connection, WIFI/BT/BLE/2.4/GSM/GPS/etc.

 The internet it's not a necessary needed in order to deploy attack, it's time to protect bikes and scooters


Tuesday, May 16, 2017

Who Targets Me - Track which entities are targeting you with adverts

 This project is something to adopt in another countries..
Israel can be one of them.

"During the 2015 general election and 2016 referendum, campaigns spent millions of pounds purchasing highly targeted Facebook adverts. Voters were bombarded with messages tailored to their interests, location, age, gender and more. For the good of our democracy, it's time to throw some light on dark ads."

In the run-up to the general election, the Bureau is investigating how political parties and groups are using targeted advertising on Facebook to try to influence votes.

There has been a huge rise in political advertising on social media, which offers a much bigger audience for a much cheaper price than ads in newspapers or on billboards. A quarter of the last general election's total advertising spend was on Facebook, and social media is thought to have played a significant role in the victories of Donald Trump and the Vote Leave campaign.

The reams of personal information held by Facebook on its users means messages can be individually tailored for people with particular interests, who care about certain issues, or who live in marginal constituencies. The problem is that this type of advertising is in large part not subject to public scrutiny. Only Facebook knows what users are being shown what adverts - and privacy obligations combined with commercial interests mean that information is not publicly accessible.

A new project called Who Targets Me is attempting to address this, by recruiting social media users to share information on what adverts they are seeing. The Bureau’s new data journalism team the Bureau Local will analyze the data collected in an attempt to shed light on an opaque and rapidly growing industry.

The more people who get involved, the more detail we'll get about the scale and detail of the targeted messaging being used. Help us by signing up here - and read our story introducing the project and outlining our initial findings"

Chrome Extension