151

Hacking a Commercial Drone

Höglund Gran, Tommie, Mickols, Erik January 2020
Unmanned aerial vehicles, commonly known as drones, are part of the IoT revolution and have gotten some attention in recent years due to privacy violation issues as well as airport and military security. Since they can fly and have an increasing amount of technology implemented, especially camera and other surveillance, they are attractive targets for hackers and penetration testers. A number of attacks have been carried out over the years. In this thesis the Parrot ANAFI drone is explored and attacked using threat modeling from a black box perspective. The threat modeling includes identifying threats with STRIDE and assessing risks with DREAD. Major vulnerabilities in the system were not found. This report shows that the manufacturer has a high security awareness. Examples of this awareness are that previously reported vulnerabilities have been mitigated and firmware code has been obfuscated. The methods used and results found could be used to further explore vulnerabilities in drones and similar IoT devices.
152

How Secure is Verisure’s Alarm System?

Hamid, Lars-Eric, Möller, Simon January 2020
Security is a very important part of today’s society. Verisure is the leader in home alarm systems with 30 years of experience. In this project, we aim to evaluate how secure their alarm system is from a software perspective. The system was bought in January 2020. After an initial threat modeling, followed by penetration testing, it turns out that the alarm system is not as secure as Verisure markets. We could find several security flaws in the system. Some of them let an attacker block the system, and others yield full control without the user’s knowledge. There are also a couple of vulnerabilities that could be exploited by people without any special knowledge regarding hacking or the system in general. / Bachelor's thesis in electrical engineering 2020, KTH, Stockholm
153

Etisk hackning av en smart kattlucka : Sårbarhetstestning av en smart kattlucka / Ethical hacking of a smart cat flap : Vulnerability testing of a smart cat flap

Kastrati, Adrian January 2024
Many households purchase internet-connected products, Internet of Things (IoT), which includes everything from lamps to cat flaps. This opens new ways and possibilities of controlling one's home, but it brings new threats to home and society. This is a critical issue for many companies, especially in the IoT market where there are incentives that drive low costs and quick time to market.
The literature study showed a lack of clear valuations of investments and that even if productivity is negatively affected and the time from idea to market is extended, future difficulties are avoided with successful cyber security measures. Despite the significant threats, many companies may choose to accept the risk of cyber-attacks because the costs of security breaches do not always end up with them. The PatrIoT vulnerability testing methodology was followed to thoroughly test the IoT product Microchip Cat Flap Connect. Attacks carried out included ping flooding and MiTM. The product proved to be secure and common weaknesses, such as open network services and lack of proper implementation of encryption, could not be identified. The product was found to be vulnerable to denial-of-service (DoS) attacks in the form of ping-flooding. With that, it can be said that the product follows several principles for development towards secure IoT, but the server used for the web application should implement requirements to only trust certificates from trusted certificate authorities.
154

Ethical hacking of a premium robot vacuum : Penetration testing of the Roborock S7 robot vacuum cleaner / Etiskt hackande av en högkvalitativ robotdammsugare : Penetrationstestande av robotdammsugaren Roborock S7

Dahlberg Sundström, Tobias, Nilsson, Johan January 2022
With the advancements made in the field of data science, smart IoT devices are becoming increasingly common. Consequently, this creates an increased number of targets for hackers to potentially exploit. This is a study about ethically hacking a robot vacuum, the Roborock S7, and evaluating the security of the target system. The DREAD and STRIDE threat models are used in order to find potential exploits. These exploits are then tested on the vacuum. Four tests were done on the system: scanning, denial-of-service attack, man-in-the-middle sniffing and man-in-the-middle tampering. The study found that the vacuum is relatively secure against web threats with weaknesses found surrounding its handling of its own network and lack of resistance to denial-of-service attacks on the DHCP protocol.
155

Learning from biometric distances: Performance and security related issues in face recognition systems

Mohanty, Pranab 01 June 2007
We present a theory for constructing linear, black box approximations to face recognition algorithms and empirically demonstrate that a surprisingly diverse set of face recognition approaches can be approximated well using a linear model. The construction of the linear model to a face recognition algorithm involves embedding of a training set of face images constrained by the distances between them, as computed by the face recognition algorithm being approximated. We accomplish this embedding by iterative majorization, initialized by classical multi-dimensional scaling (MDS). We empirically demonstrate the adequacy of the linear model using six face recognition algorithms, spanning both template based and feature based approaches on standard face recognition benchmarks such as the Facial Recognition Technology (FERET) and Face Recognition Grand Challenge (FRGC) data sets. The experimental results show that the average Error in Modeling for six algorithms is 6.3% at 0.001 False Acceptance Rate (FAR), for FERET fafb probe set which contains maximum number of subjects among all the probe sets. We demonstrate the usefulness of the linear model for algorithm dependent indexing of face databases and find that it results in more than 20 times reduction in face comparisons for Bayesian Intra/Extra-class person classifier (BAY), Elastic Bunch Graph Matching algorithm (EBGM), and the commercial face recognition algorithms. We also propose a novel paradigm to reconstruct face templates from match scores using the linear model and use the reconstructed templates to explore the security breach in a face recognition system. We evaluate the proposed template reconstruction scheme using three, fundamentally different, face recognition algorithms: Principal Component Analysis (PCA), Bayesian Intra/Extra-class person classifier (BAY), and a feature based commercial algorithm. 
With an operational point set at 1% False Acceptance Rate (FAR) and 99% True Acceptance Rate (TAR) for 1196 enrollments (FERET gallery), we show that at most 600 attempts (score computations) are required to achieve 73%, 72% and 100% chance of breaking in as a randomly chosen target subject for the commercial, BAY and PCA based face recognition system, respectively. We also show that the proposed reconstruction scheme has 47% more probability of breaking in as a randomly chosen target subject for the commercial system as compared to a hill climbing approach with the same number of attempts.
156

Vers le Design hacké : la nécessité d’une nouvelle posture épistémologique

Alvarez, Juliana 03 1900
Today’s hypermodern working environment is experiencing important social, environmental and technological changes pressing actors to acquire the know-how to solve complex problems. The new philosophy of "doing" and the rise of working collaboration strategies arising in our hypermodern society are not systematically reflected in design’s practice. Indeed, by trying to keep pace with a world in constant change, today's design discipline is struggling to keep up. The theories on collaborative innovation present some answers to develop this know-how by advocating a practice that deploys fluidity in projects or, in other words, an eco-auto-re-organisational strategy. However, in the absence of a practical and operational tool, collaborative innovation is still at the conceptual and utopian stage. This thesis aims to rethink project management in our hypermodern world. 
Starting from a specific example, the Hackathon, it explores new ways of thinking, doing and creating solutions based on an entirely innovative dynamics, grounded on an ethic and a practice specific to the new society of "doing" and inspired, in particular, by the hackers. The Hackathon is thus analyzed through an analytic grid called the Gyroscope of the project through which the actors, the actions and the organisation of the project are evaluated. The Gyroscope makes it possible to identify the project’s components in relation to each other and to understand the requirements needed to carry out each project according to the theoretical indicators of collaborative innovation. The analysis not only demonstrates that the Hackathon is indeed a concrete application of a new work ethic, but that its strength is in the early stages of the project’s conceptualization. The question that this analysis raises is: Is it possible to consider extending it to the whole development process, from ideation to implementation? This research presents an archaeological reading of the discipline of design which allows to identify the emblematic figures of the project through the historical periods that marked the design. The proposal of a new figure, the Hacking design, highlights the impact of hypermodernism's transformations on the practice of this discipline and the role of the practitioner, thus concluding that Design Thinking is now overtaken by an ethic of work that goes beyond a way of thinking, but involves a new epistemological posture. Many disciplines contiguous to Design, including Management, Entrepreneurship and Engineering, have therefore a strong interest in Design, which they perceive as a response to the success of collaborative innovation within organizations. The expectations towards the discipline of Design, from its theory to its practice are, therefore, very high.
157

Technoethics and Sensemaking: Risk Assessment and Knowledge Management of Ethical Hacking in a Sociotechnical Society

Abu-Shaqra, Baha 17 April 2020
Cyber attacks by domestic and foreign threat actors are increasing in frequency and sophistication. Cyber adversaries exploit a cybersecurity skill/knowledge gap and an open society, undermining the information security/privacy of citizens and businesses and eroding trust in governments, thus threatening social and political stability. The use of open digital hacking technologies in ethical hacking in higher education and within broader society raises ethical, technical, social, and political challenges for liberal democracies. Programs teaching ethical hacking in higher education are steadily growing but there is a concern that teaching students hacking skills increases crime risk to society by drawing students toward criminal acts. A cybersecurity skill gap undermines the security/viability of business and government institutions. The thesis presents an examination of opportunities and risks involved in using AI powered intelligence gathering/surveillance technologies in ethical hacking teaching practices in Canada. Taking a qualitative exploratory case study approach, technoethical inquiry theory (Bunge-Luppicini) and Weick’s sensemaking model were applied as a sociotechnical theory (STEI-KW) to explore ethical hacking teaching practices in two Canadian universities. In-depth interviews with ethical hacking university experts, industry practitioners, and policy experts, and a document review were conducted. Findings pointed to a skill/knowledge gap in ethical hacking literature regarding the meanings, ethics, values, skills/knowledge, roles and responsibilities, and practices of ethical hacking and ethical hackers which underlies an identity and legitimacy crisis for professional ethical hacking practitioners; and a Teaching vs Practice cybersecurity skill gap in ethical hacking curricula. 
Two main S&T innovation risk mitigation initiatives were explored: An OSINT Analyst cybersecurity role and associated body of knowledge foundation framework as an interdisciplinary research area, and a networked centre of excellence of ethical hacking communities of practice as a knowledge management and governance/policy innovation approach focusing on the systematization and standardization of an ethical hacking body of knowledge.
158

RISKS AND CONSEQUENCES OF CYBER- ATTACKS AFFECTING DSO'S AND ELECTRICAL SUPPLIER’S BUSINESS PROCESSES IN THE SUPPLIER CENTRIC MODEL

Gonzalez Hernandez, Rodrigo January 2016 (has links)
There has been a motivated desire from different power system operators to have more systems embedded in computing and networking due to the great advantages of adding new capabilities that weren't possible before. These advantages increased the power system’s up-time, performance and reduced its maintenance but opened a world of possible cyber-attacks. In January 2016, the Ukrainian electricity infrastructure suffered the first power outage caused by destructive malware that left hundreds and thousands of end-users without electricity during the Christmas holidays. Malicious malware is starting to cover cyber-physical systems that connect the physical technical equipment with the networked computational resources. One of these resources, which are currently being further developed, involves futuristic procedures for the electrical billing process. This means that data corruption could lead to both economical and physical consequences, leading to a decrease of the public's trust in metering equipment, the overall smart grid concept and the electricity market actors. The Nordic and Swedish electricity market is under transition to the Supplier Centric Model (SCM), a new market model, which facilitates the billing and payment towards the end-users and the interactions between electrical suppliers and Distribution System Operators (DSO). This model uses a centralized data service hub for information exchange that is owned and operated by the Swedish Transmission System Operator (TSO). Vattenfall IT has thus jointly with the department of Electric Power and Energy systems (EPE) at KTH launched this master thesis that focuses on the risks and consequences caused by cyber-attacks in the SCM. 
An adversary may cause unwanted actions by business process hacking or knowledge-based hacking by analyzing the business processes maps within the SCM. One of the aims of the thesis was to identify the business process vulnerabilities and events of the DSO's and supplier’s business processes in the SCM if the system was under attack and when the power system operator was unaware that the presented data was corrupted. The outcome of the thesis will help improve the business process resilience against cyber-attacks thus leading to an increased trust in the SCM from the general public. Different related attack-scenarios (AS) were investigated to provide a generic solution for improvements to all relevant business service actors. The risks and consequences were found, analyzed and used for developing suggestive improvements for the Billing Business Process (BBP).
159

Investigating Potential Strategies Used by Climate Change Contrarians to Gain Legitimacy in Two Prominent U.S. and Two Prominent U.K. Newspapers from 1988 to 2006

Herman, Tess P. 01 June 2021
No description available.
160

Etisk hackning av en smart foderautomat / Ethical hacking of a Smart Automatic Feed Dispenser

Lokrantz, Julia January 2021
Internet of things (IoT) refers to the web of connected devices that collect and share data through the internet. The use of consumer-IoT has increased dramatically in recent years, accompanying an increasing concern about the security of these devices as many systems have proven to have insufficient security measures. This study aims to investigate the security level of a smart food dispenser for pets, and account for the underlying economic reasons for the occurrences of vulnerabilities. The method used in this study consists of conducting threat modeling of the food dispenser using STRIDE as well as DREAD models. This is then followed by a penetration-testing phase for some of the more serious threats. 
The results indicate that the food-dispenser Trixie TX9 has insufficient encryption of network names and passwords, is susceptible to flooding-attacks, and analysis of the incoming/outgoing data traffic from the device can deduce which state it is currently in. Furthermore, the food dispenser has several open network services, Telnet is one among them, which can be accessed through weak, hardcoded credentials that are published on the internet. The economic reasons for these security weaknesses are asymmetrical information and misaligned economic incentives. Manufacturers struggle to charge consumers for an increased level of security as the main market driving factors are swift and regular product launches as well as an expansion of new features available at competitively low prices.
