Theoretical attacks on a Sex Robot: Roxxxy

Posted on July 1, 2014 by Simon Roses

The True Companion company markets for the last few years the first robot to have sex with: Roxxxy. Unfortunately it is not possible to find too much information about the technical features of the robot on the company website, but with the available information a few conclusions can be drawn, so I thought it would be fun to do a post about possible attack vectors.

Disclaimer: everything described here is based on information obtained from the company website and my imagination, no attack has been tested in real (yet) because I do not have this robot, but if any reader wants to send me a pair of robots to make reverse engineering, I will be happy to inform you first of all the 0day I find :)

Roxxxy-Poupee-Robot-Sexuel-True-Companion-01

You can choose different customizable versions: hair color, personality (up to 5 profiles that you can customize even more!), and according to the model it/she can even talk, have some understanding and respond to touch. These features make me think that the robot must have different types of sensors and microprocessors. Also it has USB port, Ethernet and Wi-fi so it also has the ability to communicate (can receive updates via the Internet). The USB must be connected to a Windows computer so that the robot can talk to us.

An interesting concept is that we can give our custom robot personality to other users registered at the company Forum (aka Swingers for robots) temporarily, this means that the robot can replace its personality for a limited time with another one created by other users.

Now with this information, we propose different theoretical/fictitious attack scenarios:

  1. The robot could bring from manufacture some malware implant to compromise the user computer via USB.
  2. It could include a malicious AP, Wifi Pineapple style, inside the robot to carry out further attacks on the network/systems.
  3. An attacker could steal the robot profile (personality) to resell it to the customer (Ransomware).
  4. An attacker could modify the internal engines of the robot to do damage to the customer when “having sex” (although I doubt that the robot has sufficiently powerful engines in the current version).
  5. Nothing is said of the sight (vision) of the robot, but if does have it, you could use the cameras to spy on the user (Hello, NSA!)
  6. Also the robot could be used to record the voice of the customer.
  7. And, with all this information, blackmail the customer to not make public their sexual tastes/tendencies.
  8. An attacker could send a malicious personality to the forum so victims install it on their robots with different purposes.
31400

We talk much about the risks to critical infrastructure, the Cloud, Big Data and the Internet of Things (IoT), but in the coming years the security and risks of robots will become more relevant when they are more and more present in our personal and professional lives…

What additional attacks can you think of? ;)

— Simon Roses Femerling / @simonroses

Posted in Security, Technology, Uncategorized | Tagged , , | 2 Comments

Heartbleed: pain, blood and code

Posted on April 16, 2014 by Simon Roses

All alarms went off last week when a serious security flaw called Heartbleed in the OpenSSL cryptographic library was published. This library is used by a large part of the servers on the Internet as well as much security software.

As it could not be otherwise, the conspiracy theories claim this bug was introduced or abused for some time by the NSA. Anyway, this bug proves that Open Source software isn’t safer if nobody looks at it (it has taken two years to identify this bug!) and if secure development practices are not followed.

I do not know if the OpenSSL team follows any secure development framework but the fact that a single programmer can make changes to the code without any kind of validation ¿? is a much more serious mistake than the bug itself.

It is certainly a severe blow to the Open Source community that is often presented as safer since everyone can read the code. This bug makes clear that just being Open Source isn’t enough.

I will not get tired of repeating it: it doesn’t matter if you are Open Source software or commercial software, if your company only develops software for internal use or has an ISV that develops for you, it will never be secure software if not developed following a secure development framework such as MS SDL, BSIMM or OpenSAMM.

We hope that this bug is a wake-up call for anyone who develops software about the importance of security and investing in it.

I can also confirm that this bug works like a charm ;)

What do you think about this bug?

— Simon Roses Femerling

Posted in Pentest, Security, Technology | Tagged , , , | Leave a comment

Spaniards in the Black Hat ASIA

Posted on March 31, 2014 by Simon Roses

I’m back from Black Hat ASIA 2014 in Singapore, where I had the pleasure of giving a talk on the security of cross-platform mobile technologies for developing mobile apps. The last Black Hat ASIA was in 2008 and the last time in Singapore was in 2003, time flies!

srf_bhasia2014_1

In the event there were several Spaniards such as Jose Miguel Esparza with its workshop on PDF analysis, Leonardo Nve with DNS attacks and finally Alberto García Illera and Javier Vázquez Vidal on hacking cars.

The event took place at the amazing Marina Bay Sands hotel (I recommend you to google it), and it was a success with around 1000 attendees. At the speaker dinner the organization took us to a Chinese restaurant where we could taste different specialties and drink red wine from the la Rioja (Argentina ;) ; then, as it could not be otherwise, we explored Singapore nightlife!

srf_bhasia2014_2

My talk was the first on the first day of the event and was a great success, a roomful of people even standing (no chairs for everyone) and many questions, somewhat atypical in the Asian culture, so I would like to thank all attendees!!

My first time in Singapore but it certainly won’t be the last, perhaps next year 

My presentation available on VULNEX website.

— Simon Roses Femerling

Posted in Conference, Pentest, Technology | Tagged , , , , , , | Leave a comment