[personal profile] mjg59
Ikea recently launched their Trådfri smart lighting platform in the US. The idea of Ikea plus internet security together at last seems like a pretty terrible one, but having taken a look it's surprisingly competent. Hardware-wise, the device is pretty minimal - it seems to be based on the Cypress[1] WICED IoT platform, with 100MBit ethernet and a Silicon Labs Zigbee chipset. It's running the Express Logic ThreadX RTOS, has no running services on any TCP ports and appears to listen on two single UDP ports. As IoT devices go, it's pleasingly minimal.

That single port seems to be a COAP server running with DTLS and a pre-shared key that's printed on the bottom of the device. When you start the app for the first time it prompts you to scan a QR code that's just a machine-readable version of that key. The Android app has code for using the insecure COAP port rather than the encrypted one, but the device doesn't respond to queries there so it's presumably disabled in release builds. It's also local only, with no cloud support. You can program timers, but they run on the device. The only other service it seems to run is an mdns responder, which responds to the _coap._udp.local query to allow for discovery.

From a security perspective, this is pretty close to ideal. Having no remote APIs means that security is limited to what's exposed locally. The local traffic is all encrypted. You can only authenticate with the device if you have physical access to read the (decently long) key off the bottom. I haven't checked whether the DTLS server is actually well-implemented, but it doesn't seem to respond unless you authenticate first which probably covers off a lot of potential risks. The SoC has wireless support, but it seems to be disabled - there's no antenna on board and no mechanism for configuring it.

However, there's one minor issue. On boot the device grabs the current time from pool.ntp.org (fine) but also hits http://fw.ota.homesmart.ikea.net/feed/version_info.json . That file contains a bunch of links to firmware updates, all of which are also downloaded over http (and not https). The firmware images themselves appear to be signed, but downloading untrusted objects and then parsing them isn't ideal. Realistically, this is only a problem if someone already has enough control over your network to mess with your DNS, and being wired-only makes this pretty unlikely. I'd be surprised if it's ever used as a real avenue of attack.

Overall: as far as design goes, this is one of the most secure IoT-style devices I've looked at. I haven't examined the COAP stack in detail to figure out whether it has any exploitable bugs, but the attack surface is pretty much as minimal as it could be while still retaining any functionality at all. I'm impressed.

[1] Formerly Broadcom

ntp.org with no valid SSL

Date: 2017-04-12 10:15 am (UTC)
From: (Anonymous)
"This server could not prove that it is www.pool.ntp.org; its security certificate is from a.ssl.fastly.net. This may be caused by a misconfiguration or an attacker intercepting your connection."


Re: ntp.org with no valid SSL

Date: 2017-04-29 05:31 pm (UTC)
From: (Anonymous)
fastly is a CDN which sometimes uses SAN to support multiple customers on a single certificate. look at the cert for https://www.pool.ntp.org/, the Subject CN is "CN = a.ssl.fastly.net", and the "Certificate Subject Alt Name" block is full of stuff for many different customers. "Not Critical DNS Name: a.ssl.fastly.net DNS Name: *.a.ssl.fastly.net DNS Name: fast.wistia.com DNS Name: purge.fastly.net DNS Name: mirrors.fastly.net DNS Name: *.parsecdn.com DNS Name: *.fastssl.net DNS Name: voxer.com DNS Name: www.voxer.com DNS Name: *.firebase.com DNS Name: sites.yammer.com DNS Name: sites.staging.yammer.com DNS Name: *.skimlinks.com DNS Name: *.skimresources.com DNS Name: cdn.thinglink.me DNS Name: *.fitbit.com DNS Name: *.hosts.fastly.net DNS Name: control.fastly.net DNS Name: *.wikia-inc.com DNS Name: *.perfectaudience.com DNS Name: *.wikia.com DNS Name: f.cloud.github.com DNS Name: *.digitalscirocco.net DNS Name: *.etsy.com DNS Name: *.etsystatic.com DNS Name: *.addthis.com DNS Name: *.addthiscdn.com DNS Name: fast.wistia.net DNS Name: raw.github.com DNS Name: www.userfox.com DNS Name: *.assets-yammer.com DNS Name: *.staging.assets-yammer.com DNS Name: assets.huggies-cdn.net DNS Name: orbit.shazamid.com DNS Name: about.jstor.org DNS Name: *.global.ssl.fastly.net DNS Name: web.voxer.com DNS Name: pypi.python.org DNS Name: *.12wbt.com DNS Name: www.holderdeord.no DNS Name: secured.indn.infolinks.com DNS Name: play.vidyard.com DNS Name: play-staging.vidyard.com DNS Name: secure.img.wfrcdn.com DNS Name: secure.img.josscdn.com DNS Name: *.gocardless.com DNS Name: widgets.pinterest.com DNS Name: *.7digital.com DNS Name: *.7static.com DNS Name: p.datadoghq.com DNS Name: new.mulberry.com DNS Name: www.safariflow.com DNS Name: cdn.contentful.com DNS Name: tools.fastly.net DNS Name: *.huevosbuenos.com DNS Name: *.goodeggs.com DNS Name: *.fastly.picmonkey.com DNS Name: *.cdn.whipplehill.net DNS Name: *.whipplehill.net DNS Name: cdn.media34.whipplehill.net DNS Name: cdn.media56.whipplehill.net DNS Name: cdn.media78.whipplehill.net DNS Name: cdn.media910.whipplehill.net DNS Name: *.modcloth.com DNS Name: *.disquscdn.com DNS Name: *.jstor.org DNS Name: *.dreamhost.com DNS Name: www.flinto.com DNS Name: *.chartbeat.com DNS Name: *.hipmunk.com DNS Name: content.beaverbrooks.co.uk DNS Name: secure.common.csnstores.com DNS Name: www.joinos.com DNS Name: staging-mobile-collector.newrelic.com DNS Name: *.modcloth.net DNS Name: *.foursquare.com DNS Name: *.shazam.com DNS Name: *.4sqi.net DNS Name: *.metacpan.org DNS Name: *.fastly.com DNS Name: wikia.com DNS Name: fastly.com DNS Name: *.gadventures.com DNS Name: www.gadventures.com.au DNS Name: www.gadventures.co.uk DNS Name: kredo.com DNS Name: cdn-tags.brainient.com DNS Name: my.billspringapp.com DNS Name: rvm.io " It's a bit sloppy, and maybe even unprofessional to leak customer information like that. I'm guessing that fastly is a little imprecise in making sure all edge nodes have the right certificates. $ dig www.pool.ntp.org +short www-lb.ntppool.org. www-lb-fastly.ntppool.org. a.prod.fastly.net. Also, "valid SSL" is vague, especially with additional standards like HSTS, key & cert pinning, and so on. Vanilla TLS 1.2 is pretty simple compared to where this rapidly evolving space is at today.

Re: ntp.org with no valid SSL

Date: 2017-04-29 05:32 pm (UTC)
From: (Anonymous)
sorry, thought i had the "Don't auto-format" box checked.


Matthew Garrett

About Matthew

Power management, mobile and firmware developer on Linux. Security developer at Google. Ex-biologist. @mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer.

Page Summary

Expand Cut Tags

No cut tags