This year Tony Gee will be talking about “Reverse engineering hardware on DVRs and sex toys”:
Why reverse engineer DVRs? Here’s why:
*Mirai was elegantly simple; using default telnet credentials to compromise large numbers of devices. However, in the quest for simplicity, the author missed numerous more significant vulnerabilities.
*We have spent the last few months researching the security of >30 DVR brands and have made discoveries that make the Mirai telnet issue seem almost trivial by comparison.
*We’ll close by showing remote code execution on a dildo that we’d applied these techniques to.