Be sure to look at the Blackboard Module for this week for various hand-in mechanisms!

C33 In Class Exercise: Peer Review

This is a group assignment that should be completed in class.

Each student in the group should present the detailed design and code for their turtle as a peer review exercise.

When you are done upload all three peer review logs for the in-class exercise. Either export them as a single acrobat file or make multiple tabs in the same spreadsheet file and upload that.

Homework #38: Security Topics

Research and create a writeup of a security incident, security vulnerability, or other similar probelm according to an assigned topic. The hand-in format requirements are slightly different for this assignment, so please pay close attention!

Writeup must cover the following items and fit onto ONE wide-format (16:9 aspect ratio) slide:

You should plan to present your topic in about 1-2 MINUTES in class. Yes, that's pretty quick, but it will let us get through all the topics in a single class meeting. This means that you should rehearse giving your presentation, which should follow the outline given above for slide contents. If you want to have written notes to work from that's perfectly fine.

If desired you can have a second slide with more detailed references and any additional notes. However, only the FIRST slide will be shown in class. Everything you want to show in class MUST fit on that one slide! All students will be presenting this homework in class, and you'll only be able to talk to your one primary slide.

The hand-in format MUST be an Adobe Acrobat (.pdf) format as a SLIDE IMAGE (not a microsoft word style document). "Slide image" means 16x9 aspect ratio with large fonts legible in the classroom when projected full screen. Ideally just the one single slide. An optional second slide can be included. This means no separate name slide, no multi-slide substantive presentations, and no animations. It MUST be in Acrobat so that the instructor can put all the presentations into a single file before class to avoid wasting time opening a new file for each presentation. Make sure that the acrobat file is cropped so that the image substantially fills the entire page. (If it has large margins around the slide nobody will be able to read it when on the screen). For example, the acrobat format of the the web version of course slides for this course is what we're after. Be sure to embed fonts so it displays properly.

Topics: Select the topic corresponding to your attendance number. If your attendance number is higher than the highest topic number, do appropriate modular arithmetic to wrap around down to a defined topic number.

  1. Miura M010 Reader (2018)
  2. Strava fitness app/military (2018)
  3. Triton malware/Schneider Triconex attack (2018)
  4. Amazon Key technology (2018)
  5. Aldi store credit card skimmers (2018)
  6. TSMC chip fab shutdown (2018)
  7. Diqee robot vacuum (2018)
  8. Satcom passwords on commercial shipping (PTP) (2018)
  9. Tapplock (2018)
  10. VingCard electronic locks (2018)
  11. BMW Security report (Keen Secuirty) (2018)
  12. Volkswagen Harman MIB attack (2018)
  13. Pet trackers (Kaspersky) (2018)
  14. POS Terminal card hacks (Kaspersky) (2018)
  15. I-SIG traffic lights (2018)
  16. CalAmp/vehicles (2018)
  17. Fish Tank thermometer/casino hack (2018)
  18. Fender guitar amp (2018)
  19. Dell EMC VMAX (2018)
  20. Hanwha SmartCam (2018)
  21. Prilex ATM malware (2018)
  22. Aadhaar (2018)
  23. UK School CCTV (2018)
  24. Gas pump fraud / Russia (2018)
  25. iPhone unlocking by FBI (2017/2018)
  26. Hospital smart pens (2017)
  27. UK school heating controls (2017)
  28. Lexmark Printer misconfigured (2017)
  29. AMAG keyless entry locks (2017)
  30. Furby (2017)
  31. Vaultek VT20i handgun safe (2017)
  32. Oneplus phones (2017)
  33. Mercedes relay box (keyless entry) (2017)
  34. LogicLocker (2017)
  35. Alex the casino hacker (2017)
  36. Romantik Seehotel ransomware (2017)
  37. LG SmartThinQ (2017)
  38. Mantistek GK2 (2017)
  39. NHS WannaCry (2017)
  40. Ethereum Parity Wallet (2017)
  41. Brickerbot (2017)
  42. Samsung TV (2017)
  43. Vizeo ACR (2017)
  44. Boeing 757 (2017)
  45. Cloudpets Teddy Bear (2017)
  46. Circle with Disney (2017)
  47. St. Jude cardiac devices (2017)
  48. Smiths Medical syringe infusion pump (2017)
  49. Fitbit (2017)
  50. LockState smart locks (2017)
  51. Hikvision cameras (2017)
  52. Subaru key fob (2017)
  53. AdUps (2016)
  54. Voting machine hack (Andrew Appel) (2016)
  55. Frantic Locker on smart TVs(2016)
  56. MUNI fare system (2016)
  57. Mirai attack (2016)
  58. Lappeenranta attack (2016)
  59. Owlet baby monitor (2016)
  60. Levin SQL injection (2016)
  61. Hello Barbie doll (2015)
  62. VTech hack (2015)
  63. Progressive Snapshot dongle (2015)
  64. Samsung smart fridge hack (2015)
  65. Martel body cams (2015)
  66. XCodeGhost (2015)
  67. Trendnet Webcam (2013)
  68. Nest thermostat (2014)
  69. Mifare classic (2008)
  70. Keeloq (2007)
  71. Siberian gas pipeline explosion (1982)

Hint, add "hack" or "security" to these phrases to start your search for references. As always, Wikipedia might be an OK starting point but we'd like to see you take your material from a primary reference if at all possible. News stories and reputable on-line reporting sources are OK, but use the most credible source you can find. Using multiple sources is fine if appropriately cited. If you want to use a second slide JUST for sources that's OK, but keep the presentation itself to a single slide.

Selected Additional items (there are plenty more not on the list):

If you get stuck, many entries in the list are part of the IoT Hall of Shame. There are WAY too many stories there for us to hit them all. Which is a problem...

Additional Reading: