As the acronym implies, IoT devices are exposed to the local network and the web, making them susceptible to attacks by malicious actors. In the past few years, most high-profile attacks in the IoT space have been used to either achieve a political goal (such as with Stuxnet) or to achieve an illegal commercial goal (such as the Mirai botnet).
This guest article is a detailed guide to the Dropbear SSH service, intended for technical readers. It is meant to be one of the first in the VDOO Library, a collection of in-depth technical articles and guides which would provide practical advice to device makers, administrators and users.
Our guest writer, Donald A. Tevault, is a Linux security expert, instructor and consultant, and the author of the book “Mastering Linux Security and Hardening”.
On May 16, 2018 The U.S. Consumer Product Safety Commission conducted a public hearing to receive information from all interested parties about potential safety issues and hazards associated with internet-connected consumer products. VDOO’s written response is below.