Researchers from Florida Institute of Technology use Binwalk Enterprise to discover multiple vulnerabilities in popular consumer products like smart doorbells and security cameras sold at Walmart, Amazon, Best Buy, and more.
Terry Dunlap, the co-founder of Maryland-based ReFirm Labs, which automates the process of finding security vulnerabilities in IoT devices, sums up the situation succinctly. “There is essentially no security in IoT devices,” he says. “It’s like the Wild West.”
Our guest today is Terry Dunlap. Arrested at 17 while hacking with a Commodore 64, Terry went on to work for the US National Security Agency to help track terrorists. He left the NSA in 2007 to bootstrap Tactical Network Solutions, an offensive-focused cyber company catering to the world’s friendly foreign governments and militaries. Today he’s a co-founder of ReFirm Labs, an IoT-focused cybersecurity company.
Terry Dunlap, chief security officer and co-founder of ReFirm Labs and a former offensive cyber operator for the National Security Agency (NSA), says standards efforts help companies and organizations “check the box” on IoT security, but that they are “meaningless” unless they are also held accountable if something goes awry.
A security expert predicts trouble ahead for IoT device makers and customers due to expired root SSL certificates. Terry Dunlap, is the chief security officer and co-founder of ReFirm Labs, a company that specializes in firmware security analysis.