My research focuses on computer security and privacy, with an emphasis on hardware security. Topics that interest me include Internet of Things (IoT) security, side-channel attacks, computer forensics, physical security and radio network security.
Watching You Watch
Over-the-Top (“OTT”) streaming devices such as Roku and Amazon Fire TV are cheap alternatives to smart TVs for cord-cutters. Instead of charging more for the hardware or the membership, Roku and Amazon Fire TV monetize their platforms through advertisements, which rely on tracking users’ viewing habits. Although tracking of users on the web and on mobile is well studied, tracking on smart TVs and OTT devices has remained unexplored. To address this gap, we built a tool to automatically interact with OTT devices and conducted the first large scale study of tracking on OTT platforms.
In this work, we investigate the impact that emerging rapid prototyping—or 3D printing—tools have on the security of these restricted keyway systems. We find that commodity 3D printers are able to produce key blanks and pre-cut keys with enough resolution to work in several commonly used pin-tumbler locks and that their material is strong enough to withstand the requirements to perform the aforementioned attacks. In addition, in order to demonstrate the low skill requirements necessary to perform these attacks, we develop a tool that automatically generates a 3D printable CAD model of a key blank using only a single picture of a lock’s keyway.