Easter Camp, OBUA followed by MOD-2 exam

Imber Village, Salisbury Plain
The annual Easter camp (Ex. Hydra) was held last week, from Thursday to Sunday, it included some night patrols, OBUA followed by 2 days of MOD-2 exam.

On Thursday night our company was dropped 5km from Imber village on Salisbury Plain at 23:45hrs. We split into our sections and each patrolled to Imber Village where we reccied one of the other company's of our unit, which was a good laugh because their skills and drills were terrible when they thought there was no one watching, the guys on stag were using white light and talking, so it wasn't hard to find them!Wish we could have contacted them!!




The next day (which was about 2 1/2 hours later), we did a good full day of OBUA  (operations in built up areas), it was mainly lessons and practising in the morning, followed by a 2 hour attack in the afternoon.

We then headed back to camp to get our warning order for the Saturdays MOD-2 mock, we also did a lecturette that evening also for MOD 2.
Preparing our models for MOD-2 Exam

The rest of the weekend was filled with battle estimates, giving orders, tests and more, and I am very glad to say that I passed MOD-2 (and 16% pay rise - yay!!)


AB Coy - After MOD-2 

Finished Working at a Raspberry Pi after-school club

For the last few terms I have been helping out at an extra-curricular raspberry pi programming club for 13-15 year old's at the Oxford Academy in Blackbird Leys. It had been great to have seen and helped the kids progress from knowing virtually nothing about programming to being able to write fully functional programs.

In the end everyone worked together to program raspberry pi's to play the xylophone. The xylophone itself was built by kinds in the schools DT department, and the music that is played was composed by the music department. I wrote the program to convert the music written by an electronic keyboard into a multidimensional Python array in a text file, and the members of the club wrote everything else.

It was on display at the Ashmoleans Live Friday event on the 14th of March
(which unfortunately I couldn't attend due to another commitment)

Here's the link to the Raspbery Pi clubs page     

My #BakeNominate Entry

Some of my friends bake-nominated me on Facebook, so I've made some cupcakes on this sunny Sunday afternoon :)





My first Android app - a calculator

I've been meaning to get started with Android for a while, and this weekend I finally did. I set myself the target of making a simple but fully functional calculator.

The two hardest parts of this turned out to be firstly getting the Android AVD to work with a Hello World, and then trying to find and understand the Android error messages. After that was sorted the rest was simple.

As you can see by the image to the right, I made it pink. And now I know why every other calculator on the App Market it a boring shade of grey, the pink just doesn't look as good as I was hoping!!

I don't think this app is quite good enough to put on the app store, (but you can download the APK here), but hopefully this will be the first of many apps to come, and the apps to come will be a bit more useful (and less pink!).

You can view the source code here
Or download the APK here

Robothespian made it onto BBC news

Robothespian is the latest new arrival to the CCT department at Oxford Brookes.

I want to see him a few weeks ago when he was brand new, here's a video of him sinning in the rain!

It did come as a surprise while I was eating my breakfast in front of BBC news at about 7:15 to see the head of the computing department, Nigel Crook and robothespian on the telly. Here's the playback:
http://www.bbc.co.uk/news/technology-26512171

This weekend were on a training exercise at the same place they are filming the new Macbeth


This weekend we were on an exercise practising platoon attacks and planning and leading platoon attacks, it was at Hankley Common, which is near Tilford in Frensham.

Mock Village in the Distance
While we were there there were several large film sets in various locations around the training area, some were mock villages from the 17th century, other locations just had rows of tour buses and catering services. This was for the production of a new Macbeth staring Marion Cotillard and Michael Fassbender.

All this made patrolling and tabbing around the training area very exciting!


New homepage for my website

I created a website a few months ago to allow people to find me online, view my work and contact me. This afternoon I though I'd update the homepage a bit and de-clutter it.

You can view it by clicking here

First version of the Revision Quizzes Revamp Complete!

The Brand New Revision Quizzes
The Brand New Revision Quizzes


The Old Version of Revision Quizzes
The old version of Revision Quizzes
So while I was at college I made a web app for the teachers and pupils to set and complete quizzes and tests. It was the first bit of programming I'd done, so it wasn't amazingly written, but it did take off pretty well, and so I think there's potential for an application like this to do well. That's why I decided to remake it, from scratch, with the aim of making it work SEAMLESSLY!

You can view the original version of Revision Quizzes here - see why I'm remaking it now?!

Okay now for the new version.
The new version will have 6 main pages:
- Homepage - with built in browse and search functions using AJAX
- Start quiz page - displays after you've clicked a quiz but before you've seen the first question
- Quiz page - the actual questions - they mark themselves instantly using AJAX and you can see how many people chose the same answer as you strait away. If there is additional details, images, media or an answer explanation, these will be displayed accordingly.
- The results page - displayed when the quiz is complete. Shows you your score, time and all the important stuff. But it also lets you compare how you did against the averages for this quiz, there's a high score leader board and a rating system as well as social sharing options.
- Create a quiz page - I haven't got this far yet, but yeah I know, it's kind of crucial
- Users page- again haven't done this, but it will have some user management stuff and leader boards. Note:  users won't have to sign in or anything just to do quizzes.

So far I've done 80% of the homepage just got to make the search better, and pretty much finished the quiz pages, but haven't yet started the create quiz page or user page.

Click here to check it out,

Let me know what you think below, I'm open to suggestions.

The Internet of Thins - Risk Analysis - Smart Thermostats

No comments


Introduction
This article talks about the internet room thermostat. This is a home-automation device that regulates the temperature of a room, or building. They usually work by switching the heating either on or off depending on the current temperature of the room detected by a sensor and comparing it with a target temperature set by the user.

The internet controlled thermostat can be operated remotely by the user. This included turning the heating on or off, adjusting the temperature and modifying the thermostats settings. This is achieved by connecting the thermostat to the user’s home network, either with Ethernet or wirelessly, most thermostats are hardwired into the network to increase security as wireless networks can be more susceptible to threats.  It can then be accessed from the internet with a public IP just the same other devices on the network can. It can be remotely controlled by any user who has access to the security credentials, usually a username and password.

Two main functions are accessible remotely to the user. Firstly the user can view the thermostats current status; this includes the current room temperature and the heating status (on or off). Some systems may provide the user with further information, such as estimated heating costs or details of when the heating was last turned on or next due to turn on etc. Secondly the system should allow the user to send information to remotely control the heating via the internet. This may include turning it on/off, up/down or modifying the scheduling or automation settings which control when the heating turns on or off.

Similar devices to this include the manual thermostat that most homes have, or did have a few years ago. This usually allows the user to manually set an ideal temperature and a sensor monitors this and turns the heating on or off accordingly. This however has no connectivity functions. A similar device that does have connectivity functions would be the internet home media system, where speakers are connected to the router, and accessible over the internet allowing the user to remotely control their music on internet enabled device such as a smartphone, tablet or laptop. The connectivity aspect of this works in a similar way to that of the internet thermostat in the way that it is connected to a LAN usually with an Ethernet cable, or possibly wirelessly, it then has access the internet using a public IP the user can log in remotely with a username and password.

In the future these internet thermostats could be even more sophisticated, possible adjusting the temperature according the weather outside combining the heating system with the window opening system, so if it is warm outside the windows will open for a period of time.  However this will open the doors to even more potential threats. A hacker would possibly be able to gain access to your house by remotely opening the windows. Furthermore to this there would be a greater risk of external factors allowing access to the building.




Potential Security Risks
Hackers could potential bypass or crack the authentication stage allowing them to log in and gain access to not just the thermostat but potentially your whole home network, if it’s all connected and not properly secured. The more smart appliances linked in your home network and connected to the internet, the higher your attack surface, meaning that there are more ways and a higher chance that a Black Hat can get into your system. Even if the network has a good firewall, this is no good if the hacker can get access through cracking the login credentials in some way such as bruit force, spying bypassing etc.

 One big problem with the portal for controlling many smart-homes is that so many of them have been made crawlable by search engines. This allows anyone to find them online with a simple Google search, and from there it is usually a simple hack to get access to their portal, which allows not just the thermostat to be controlled, but often the lighting, door locks, security cameras and other devices. Further to this, some companies such as Insteon, by default don’ require a username and password! Even further to this, sensitive data can also be accessed through having an online home-automation system, such as the users IP address.

In late 2013 there were several reports of people saying their Nest thermostats had been hacked, and people had been changing the temperature of their house. Nest says that this is all fixed now, and claims to be secure. Nest is one of the most popular smart thermostat systems, recently bought by Google.

In the future these risks have the potential to increase, as even more of our homes go online, not just our heating system. A hacker or criminal could have the power to do some quite serious damage, more than just increasing the temperature a bit. They could gain control of your own house, allowing access to anyone, declining your access, modifying anything and gleaning personal information that could lead to further fraud.

STRIDE Analysis
Spoofing Identity, as seen above, hackers can pretend to be the home owner if secure login credentials are not implemented. The hacker can quite easily find the login page on the internet and can then either bypass the authentication phase with some clever processes, or alternatively crack the login using techniques such as bruit force or installing malware or keylogers on the user’s computer  to learn about their passwords. Once the hacker has gained access pretending to be the homeowner or user, they will have access to everything that the homeowner would have been able to modify.

Tampering with Data, once the hacker has gained access to the system, they have the ability to tamper with data, potentially causing significant loss of assets for the property owner. They could raise the energy bill out of the roof, they could allow access to the building for unwanted intruders, they could damage or break hardware as well as have the ability to steal further personal details which would increase the amount of damage they could cause.

Repudiation, it is possible for the hacker to remain anonymous. If there log ins are stored along with the IP address, then so long as the hacker uses some form of IP shield to clone their IP to another location, they should remain anonymous and untraceable.   

Information Disclosure, once the hacker has gained access to the control panel for the smart house, depending on which appliances are online the hacker may be able to gain personal information about the victim. If it is just the thermostat which is internet connected, then this is less likely, but if the victim also has CCTV system accessible from the internet and a system to lock/unlock doors then the hacker could potentially do a lot of damage.

Denial of Service, depending on how the system is set up the hacker may be able to change the log in credentials, which would allow them anytime access to the system, but deny the home owner access to their own control panel.               

Elevation of Privileges, there is only one level of privileges in this system, therefore it is not possible for the hacker to gain any further privileges once they have broken in to the system.


Threat Tree Analysis for Logging in to the System
Threat Tree Analysis for Logging in to the System

Threat Tree Analysis for Damage once Logged in to the System

Threat Tree Analysis for Damage once Logged in to the System






DREAD Risk Analysis
Damage Potential, the hacker could potentially gain control of all the users smart-house features, allowing them to increase energy consumption and bills, gain access to their property and even steal further personal details. Therefore the damage potential is 7/10.

Reproducibility, once the hacker has gained access to the system once, they should be able to get in every time. There are no variable conditions which need to be true in order for this to be reproduced, therefore the reproducibility is 9/10.

Exploitability, the hacker will require just knowledge of generic password cracking, therefore there is an exploitability factor of 5/10.

Affected Users, everyone living in the affected house hold would be affected, although this is likely to be a relatively small number of people. If the system was in an office, the only people who will seriously care will be the ones picking up the pieces. Therefore there is a rating of 3/10.

Discoverability, as the vulnerability is likely only to be cause by the hacker using password cracking or bypassing techniques it has a discoverability factor of 6/10.


Risk
From the above information it is possible for us to calculate the risk factor.

Therefore the risk factor for this system is 60%, which is reasonably low compared to the potential of other systems.

Methods of Reducing Risk of Smart Thermostat through Secure Coding
Firstly the programmer must ensure that all code is correct, as this will prevent insecurities, the programmer therefore must understand everything that they have written or included. Testing is vital, it should be done as part of the software development phase by the developer and not all at the end. A number of different methods and techniques should be combined to ensure that all aspects of the program work seamlessly with no loop holes. Programmers with more experience tend to write more secure code, and research is vital, even experienced programmers never stop learning.

A common method that hackers use to maliciously modify the running of a program, is to write a script that runs concurrently with the program to get, modify or remove what is currently on  the stack. It is possible also to get the program to skip a sub routine by modifying the pointer position, for example the hacker could skip the authentication part and gain access to a system.

A very common floor in programs is when not all the input has a thorough validation process. It should be noted that you should never trust a user’s input until it has been proves as safe, it should be revalidated every time it crosses the boundary between unsafe and safe. Presume all sources are untrustworthy until otherwise proven. Reject everything that is not a valid output once you’ve determined a valid patter, regular expressions are good for doing this, and of course have a length limit. Be especially virulent for special characters and punctuation. 

It is essential that you put in place methods to ensure stop buffer overflows as this is an easy way for hackers to break or gain access to your system. They can occur in any memory segment. Mitigation strategies can be used to prevent a buffer overflow.

There is of course the technique of code injection used by many hackers, where they craft a string to create a malicious argument for a method


Secure Design Specification
The biggest danger of the system that showed up during the risk analysis phase was the fact that once someone had bypassed the log in page, which could be reasonably strait forward, they had access to the whole system. Therefore fixing this is the top priority in the new security requirements.

1.       A secure username and password must be used as identification to log in
2.       There is to be no ‘forgotten password’ feature that uses email to verify the user – it will use something more secure such as phone number.
3.       The log in page must not be crawlable by search engines, i.e. it must not show up in Google if the hacker knows what to search for. It should only be able to be accessed if the user knows the direct URL.
4.       There should be restrictions placed on the thermostat both for temperature and time. These may be set up as custom settings by the home owner while installing the system

5.        There should be an admin user with overriding privileges who is notified when another user makes a significant change to the systems settings.

No comments :

Post a Comment