Internet of Things – Noise

Introducing AWS IoT Core Device Location integration with Amazon Sidewalk

Channy Yun (윤석찬) — Thu, 13 Nov 2025 19:09:57 +0000

AWS IoT Core Device Location service enables Amazon Sidewalk devices to resolve location data without GPS modules, allowing cost-effective asset tracking solutions using Sidewalk's network infrastructure.

Optimize industrial IoT analytics with Amazon Data Firehose and Amazon S3 Tables with Apache Iceberg

Ashok Padmanabhan — Fri, 25 Jul 2025 16:20:07 +0000

In this post, we show how to use AWS service integrations to minimize custom code while providing a robust platform for industrial data ingestion, processing, and analytics. By using Amazon S3 Tables and its built-in optimizations, you can maximize query performance and minimize costs without additional infrastructure setup.

Process millions of observability events with Apache Flink and write directly to Prometheus

Lorenzo Nicora — Wed, 09 Apr 2025 19:54:00 +0000

In this post, we explain how the new connector works. We also show how you can manage your Prometheus metrics data cardinality by preprocessing raw data with Flink to build real-time observability with Amazon Managed Service for Prometheus and Amazon Managed Grafana.

IoT Devices in Password-Spraying Botnet

Bruce Schneier — Wed, 06 Nov 2024 12:02:18 +0000

Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack:

“Any threat actor using the CovertNetwork-1658 infrastructure could conduct password spraying campaigns at a larger scale and greatly increase the likelihood of successful credential compromise and initial access to multiple organizations in a short amount of time,” Microsoft officials wrote. “This scale, combined with quick operational turnover of compromised credentials between CovertNetwork-1658 and Chinese threat actors, allows for the potential of account compromises across multiple sectors and geographic regions.”...

More Details on Israel Sabotaging Hezbollah Pagers and Walkie-Talkies

Bruce Schneier — Tue, 15 Oct 2024 11:06:44 +0000

The Washington Post has a long and detailed story about the operation that’s well worth reading (alternate version here).

The sales pitch came from a marketing official trusted by Hezbollah with links to Apollo. The marketing official, a woman whose identity and nationality officials declined to reveal, was a former Middle East sales representative for the Taiwanese firm who had established her own company and acquired a license to sell a line of pagers that bore the Apollo brand. Sometime in 2023, she offered Hezbollah a deal on one of the products her firm sold: the rugged and reliable AR924...

Deebot Robot Vacuums Are Using Photos and Audio to Train Their AI

Bruce Schneier — Thu, 10 Oct 2024 11:00:59 +0000

An Australian news agency is reporting that robot vacuum cleaners from the Chinese company Deebot are surreptitiously taking photos and recording audio, and sending that data back to the vendor to train their AIs.

Ecovacs’s privacy policy—available elsewhere in the app—allows for blanket collection of user data for research purposes, including:

The 2D or 3D map of the user’s house generated by the device
Voice recordings from the device’s microphone
Photos or videos recorded by the device’s camera

It also states that voice recordings, videos and photos that are deleted via the app may continue to be held and used by Ecovacs...

Build a dynamic rules engine with Amazon Managed Service for Apache Flink

Steven Carpenter — Thu, 03 Oct 2024 17:20:41 +0000

This post demonstrates how to implement a dynamic rules engine using Amazon Managed Service for Apache Flink. Our implementation provides the ability to create dynamic rules that can be created and updated without the need to change or redeploy the underlying code or implementation of the rules engine itself. We discuss the architecture, the key services of the implementation, some implementation details that you can use to build your own rules engine, and an AWS Cloud Development Kit (AWS CDK) project to deploy this in your own account.

Israel’s Pager Attacks and Supply Chain Vulnerabilities

Bruce Schneier — Tue, 24 Sep 2024 11:05:34 +0000

Israel’s brazen attacks on Hezbollah last week, in which hundreds of pagers and two-way radios exploded and killed at least 37 people, graphically illustrated a threat that cybersecurity experts have been warning about for years: Our international supply chains for computerized equipment leave us vulnerable. And we have no good means to defend ourselves.

Though the deadly operations were stunning, none of the elements used to carry them out were particularly new. The tactics employed by Israel, which has neither confirmed nor denied any role, to hijack an international supply chain and embed plastic explosives in Hezbollah devices have been used for years. What’s new is that Israel put them together in such a devastating and extravagantly public fashion, bringing into stark relief what the future of great power competition will look like—in peacetime, wartime and the ever expanding ...

Legacy Ivanti Cloud Service Appliance Being Exploited

Bruce Schneier — Mon, 16 Sep 2024 14:49:15 +0000

CISA wants everyone—and government agencies in particular—to remove or upgrade an Ivanti Cloud Service Appliance (CSA) that is no longer being supported. Welcome to the security nightmare that is the Internet of Things.

Hacking Wireless Bicycle Shifters

Bruce Schneier — Tue, 20 Aug 2024 11:08:19 +0000

This is yet another insecure Internet-of-things story, this one about wireless gear shifters for bicycles. These gear shifters are used in big-money professional bicycle races like the Tour de France, which provides an incentive to actually implement t...

Robot Dog Internet Jammer

Bruce Schneier — Wed, 24 Jul 2024 15:25:10 +0000

Supposedly the DHS has these:

The robot, called “NEO,” is a modified version of the “Quadruped Unmanned Ground Vehicle” (Q-UGV) sold to law enforcement by a company called Ghost Robotics. Benjamine Huffman, the director of DHS’s Federal Law Enforcement Training Centers (FLETC), told police at the 2024 Border Security Expo in Texas that DHS is increasingly worried about criminals setting “booby traps” with internet of things and smart home devices, and that NEO allows DHS to remotely disable the home networks of a home or building law enforcement is raiding. The Border Security Expo is open only to law enforcement and defense contractors. A transcript of Huffman’s speech was obtained by the Electronic Frontier Foundation’s Dave Maass using a Freedom of Information Act request and was shared with 404 Media...

Building a scalable streaming data platform that enables real-time and batch analytics of electric vehicles on AWS

Ayush Agrawal — Wed, 17 Jul 2024 16:53:05 +0000

The automobile industry has undergone a remarkable transformation because of the increasing adoption of electric vehicles (EVs). EVs, known for their sustainability and eco-friendliness, are paving the way for a new era in transportation. As environmental concerns and the push for greener technologies have gained momentum, the adoption of EVs has surged, promising to reshape […]

How PostNL processes billions of IoT events with Amazon Managed Service for Apache Flink

Çağrı Çakır — Mon, 15 Jul 2024 16:55:39 +0000

This post is co-written with Çağrı Çakır and Özge Kavalcı from PostNL. PostNL is the designated universal postal service provider for the Netherlands and has three main business units offering postal delivery, parcel delivery, and logistics solutions for ecommerce and cross-border solutions. With 5,800 retail points, 11,000 mailboxes, and over 900 automated parcel lockers, the […]

The UK Bans Default Passwords

Bruce Schneier — Thu, 02 May 2024 11:05:03 +0000

The UK is the first country to ban default passwords on IoT devices.

On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by default are still permitted.

The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for.

The UK may be the first country, but as far as I know, California is the first jurisdiction. It ...

Using Amazon Verified Permissions to manage authorization for AWS IoT smart home applications

Rajat Mathur — Tue, 23 Apr 2024 19:37:58 +0000

This blog post introduces how manufacturers and smart appliance consumers can use Amazon Verified Permissions to centrally manage permissions and fine-grained authorizations. Developers can offer more intuitive, user-friendly experiences by designing interfaces that align with user personas and multi-tenancy authorization strategies, which can lead to higher user satisfaction and adoption. Traditionally, implementing authorization logic using […]

Serverless IoT email capture, attachment processing, and distribution

Stacy Conant — Thu, 18 Apr 2024 20:06:38 +0000

Many customers need to automate email notifications to a broad and diverse set of email recipients, sometimes from a sensor network with a variety of monitoring capabilities. Many sensor monitoring software products include an SMTP client to achieve this goal. However, managing email server infrastructure requires specialty expertise and operating an email server comes with […]

Security Vulnerability in Saflok’s RFID-Based Keycard Locks

Bruce Schneier — Wed, 27 Mar 2024 11:01:08 +0000

It’s pretty devastating:

Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker Dormakaba. The Saflok systems are installed on 3 million doors worldwide, inside 13,000 properties in 131 countries. By exploiting weaknesses in both Dormakaba’s encryption and the underlying RFID system Dormakaba uses, known as MIFARE Classic, Carroll and Wouters have demonstrated just how easily they can open a Saflok keycard lock. Their technique starts with obtaining any keycard from a target hotel—say, by booking a room there or grabbing a keycard out of a box of used ones—then reading a certain code from that card with a $300 RFID read-write device, and finally writing two keycards of their own. When they merely tap those two cards on a lock, the first rewrites a certain piece of the lock’s data, and the second opens it...

Burglars Using Wi-Fi Jammers to Disable Security Cameras

Bruce Schneier — Wed, 13 Mar 2024 11:07:18 +0000

The arms race continues, as burglars are learning how to use jammers to disable Wi-Fi security cameras.

The Insecurity of Video Doorbells

Bruce Schneier — Tue, 05 Mar 2024 12:05:53 +0000

Consumer Reports has analyzed a bunch of popular Internet-connected video doorbells. Their security is terrible. First, these doorbells expose your home IP address and WiFi network name to the internet without encryption, potentially opening your home ...

No, Toothbrushes Were Not Used in a Massive DDoS Attack

Bruce Schneier — Fri, 09 Feb 2024 18:10:57 +0000

The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false. Near as I can tell, a German reporter talking to someone at Fortinet got it wrong, and then everyone else ran with it without readin...