We recently came across this blog post from Bishop Fox about how they were able to hack a Traeger Grill. As we often create IoT designs using the same chip, Espressif’s ESP32, this post immediately caught our attention.
In the post, they explain how they were able to get into the grill and control it by exploiting flaws in the product's security. Unfortunately, mistakes like these are common in commercial IoT products. There are, however, a few practices we follow on every design we build on this chip, from the GRID485 to custom solutions, that make a product substantially harder to compromise.
As we read through the breakdown, one thing immediately stood out to us: the flash memory and NVS were left unencrypted. The ESP32 keeps its firmware and its NVS data in external SPI flash, so once that flash is dumped, an unencrypted image hands the attacker both the firmware to analyse and every secret the firmware stores. That is exactly what happened here: the cloud certificates stored on the device could be read straight out of the dump, which is what gave the researchers access.
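To make the point concrete, here is an added example (written for this page, not code from the original post or from Bishop Fox) of what an attacker pulls out of an unencrypted dump with a few lines of Python: it walks a raw flash image page by page, parses the NVS entry format as ESP-IDF documents it (32-byte entries, CRC32 over the entry header and over string data, namespace names stored as U8 entries in namespace 0) and lists every stored string, then greps the rest of the image for PEM blocks. The sample dump, the key names and the certificate body are constructed inline so the script runs offline; the certificate is a dummy, not a real one.

```python
"""Scan a raw ESP32 flash dump for plaintext NVS strings and PEM certificates.

Added example for this page. The NVS page/entry layout follows the ESP-IDF NVS
on-flash format as documented; the dump scanned at the bottom is constructed here
(with the same encoder) so the script runs without hardware.
"""
import re
import struct
import zlib

PAGE_SIZE, ENTRY_SIZE, ENTRIES_PER_PAGE = 4096, 32, 126
NVS_VERSION = 0xFE                      # version byte in the page header of current NVS pages
TYPE_U8, TYPE_STR = 0x01, 0x21
PEM_RE = re.compile(rb"-----BEGIN ([A-Z ]+)-----.*?-----END \1-----", re.S)


def _crc(data: bytes) -> int:
    # NVS uses crc32_le with initial value 0xFFFFFFFF; zlib.crc32(data, 0xFFFFFFFF) is equivalent.
    return zlib.crc32(data, 0xFFFFFFFF) & 0xFFFFFFFF


def _entry_crc(e: bytes) -> int:
    # The header CRC covers the whole 32-byte entry except the CRC field itself (bytes 4..7).
    return _crc(e[0:4] + e[8:32])


def make_entry(ns: int, etype: int, key: str, data8: bytes, span: int = 1) -> bytes:
    """Build one 32-byte NVS entry header (chunk index 0xFF for non-blob types)."""
    e = bytearray(b"\xff" * ENTRY_SIZE)
    e[0:4] = bytes([ns, etype, span, 0xFF])
    e[8:24] = key.encode().ljust(16, b"\x00")      # key field: 16 bytes, NUL padded
    e[24:32] = data8
    struct.pack_into("<I", e, 4, _entry_crc(bytes(e)))
    return bytes(e)


def build_nvs_page(items) -> bytes:
    """Constructed sample NVS page; items are (namespace, key, string_value) triples."""
    entries, ns_index = [], {}
    for ns, _, _ in items:
        if ns not in ns_index:                       # namespace names are U8 entries in namespace 0
            ns_index[ns] = len(ns_index) + 1
            entries.append(make_entry(0, TYPE_U8, ns, bytes([ns_index[ns]]) + b"\xff" * 7))
    for ns, key, value in items:
        raw = value.encode() + b"\x00"               # strings are stored NUL-terminated
        span = 1 + (len(raw) + ENTRY_SIZE - 1) // ENTRY_SIZE
        hdr = struct.pack("<HHI", len(raw), 0xFFFF, _crc(raw))   # size, reserved, data CRC
        entries.append(make_entry(ns_index[ns], TYPE_STR, key, hdr, span)
                       + raw.ljust((span - 1) * ENTRY_SIZE, b"\xff"))
    body = b"".join(entries)
    assert len(body) <= ENTRIES_PER_PAGE * ENTRY_SIZE
    page_hdr = struct.pack("<IIB19s", 0xFFFFFFFE, 0, NVS_VERSION, b"\xff" * 19)  # ACTIVE, seq 0
    page_hdr += struct.pack("<I", _crc(page_hdr[4:]))
    bitmap = b"\xff" * 32                            # entry-state bitmap; the scanner does not need it
    return (page_hdr + bitmap + body).ljust(PAGE_SIZE, b"\xff")


def scan_nvs(dump: bytes) -> dict:
    """Return {"namespace/key": value} for every string entry whose header and data CRCs check out."""
    found, names = {}, {}
    for p in range(0, len(dump) - PAGE_SIZE + 1, PAGE_SIZE):
        page = dump[p:p + PAGE_SIZE]
        if page[8] != NVS_VERSION:                   # erased sector or not an NVS page
            continue
        i = 0
        while i < ENTRIES_PER_PAGE:
            off = 64 + i * ENTRY_SIZE
            e = page[off:off + ENTRY_SIZE]
            ns, etype, span = e[0], e[1], e[2]
            if ns == 0xFF or struct.unpack_from("<I", e, 4)[0] != _entry_crc(e):
                i += 1                               # free slot or garbage: keep walking
                continue
            key = e[8:24].split(b"\x00", 1)[0].decode(errors="replace")
            if ns == 0 and etype == TYPE_U8:
                names[e[24]] = key                   # learn namespace index -> name
            elif etype == TYPE_STR:
                size, _, data_crc = struct.unpack_from("<HHI", e, 24)
                raw = page[off + ENTRY_SIZE: off + ENTRY_SIZE + size]
                if _crc(raw) == data_crc:
                    found[f"{names.get(ns, str(ns))}/{key}"] = raw.rstrip(b"\x00").decode(errors="replace")
            i += max(span, 1)
    return found


def scan_pem(dump: bytes) -> list:
    """Return the labels of PEM blocks (certificates, private keys) lying in plaintext."""
    return [m.group(1).decode() for m in PEM_RE.finditer(dump)]


# Constructed sample dump: one NVS page, then an app-partition fragment with an embedded
# dummy certificate, padded to two flash sectors. None of this is real device data.
SAMPLE_ITEMS = [("wifi", "ssid", "HomeNetwork"), ("wifi", "password", "correct horse battery"),
                ("cloud", "device_id", "grill-0042")]
DUMMY_CERT = b"-----BEGIN CERTIFICATE-----\nMIIBdummycertificatebody\n-----END CERTIFICATE-----\n"
SAMPLE_DUMP = build_nvs_page(SAMPLE_ITEMS) + (b"\xff" * 512 + DUMMY_CERT).ljust(PAGE_SIZE, b"\xff")

if __name__ == "__main__":
    for k, v in scan_nvs(SAMPLE_DUMP).items():
        print(f"{k} = {v!r}")
    print("PEM blocks:", scan_pem(SAMPLE_DUMP))
```

Point the scanner at a real image read out with `esptool.py read_flash` and the output is the Wi-Fi password, the device identity and the certificate, with no reverse engineering involved. With flash encryption and NVS encryption enabled the same image is XTS-AES ciphertext: the entry CRCs no longer validate and the PEM search finds nothing.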
A few changes would have made this attack far harder, if not prevented it outright. The measures below are ones we apply to every ESP32 design and recommend to anyone building an IoT product:
Secure Boot
Secure Boot stops unknown code from running on the module: the ROM code verifies the digital signature of the second-stage bootloader, and the bootloader verifies the signature of the application before handing control to it. An image without a valid signature will not boot, whether it was flashed over UART or delivered by OTA. With Secure Boot V2 only a digest of the public key is burned into eFuse, so the private signing key never has to leave your build infrastructure. Note that Secure Boot alone does nothing to stop someone reading the flash; for that it has to be paired with flash encryption.
Flash Encryption With a Random Key
Flash encryption encrypts the bootloader, partition table and application partitions (plus any data partition flagged as encrypted) in place, so a dump of the external SPI flash yields only ciphertext. Use it in Release mode: the bootloader generates a random key on first boot and burns it into a read-protected eFuse, so the key never exists outside the chip and cannot be recovered from a build server, a repository or a stolen flash image. That is what defeats firmware extraction and cloning. Development mode, which still allows plaintext images to be written over UART, is for bring-up only and must not ship.
NVS Encryption
NVS (non-volatile storage) is where an application keeps Wi-Fi credentials, certificates, usernames, passwords and similar user data, and NVS partitions are not covered by flash encryption. NVS encryption closes that gap by encrypting the partition with XTS-AES. Its keys live in a small separate nvs_keys partition that flash encryption does protect, which is why NVS encryption only helps when flash encryption is enabled as well; on its own it leaves the keys readable in plaintext next to the data.
OTA Encryption
OTA (Over-The-Air) encryption means encrypting firmware updates on their way to the device, so an update file cannot be captured and analysed on the network. In practice that is delivering updates over TLS with the server certificate verified by the device and, where the image must also stay unreadable at rest on a CDN or in a download cache, encrypting the image itself so that only the intended device can decrypt and install it. Encryption is not authentication, though: it is the signature check under Secure Boot that stops a modified or attacker-supplied image from ever booting, so OTA encryption complements Secure Boot rather than replacing it.
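The four measures above come down to a handful of build options. The fragment below is an added example of an sdkconfig.defaults written for this page (not configuration from the original post or from Espressif), using the ESP-IDF 4.x/5.x option names; the signing key filename is this example's choice, and the last option is an assumption about the target, since permanently disabling ROM download mode is only offered on ESP32 ECO3 and later silicon and the newer ESP32-S and ESP32-C parts.

```ini
# sdkconfig.defaults: hardened ESP32 build (ESP-IDF 4.x/5.x option names)

# Secure Boot V2: bootloader and app must carry a valid RSA-PSS signature.
# Only a digest of the public key is burned into eFuse; keep the .pem file off the
# device and out of the repository (the filename below is this example's choice).
CONFIG_SECURE_BOOT=y
CONFIG_SECURE_BOOT_V2_ENABLED=y
CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=y
CONFIG_SECURE_BOOT_SIGNING_KEY="secure_boot_signing_key.pem"

# Flash encryption in Release mode: the bootloader generates a random key on first
# boot and burns it into a read-protected eFuse; plaintext reflashing over UART is
# disabled. Development mode keeps plaintext reflash possible and is for bring-up only.
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE=y

# NVS encryption: XTS-AES on the NVS partition. Its keys are stored in a separate
# nvs_keys partition that flash encryption covers, so this only helps together with
# the two options above.
CONFIG_NVS_ENCRYPTION=y

# Close the UART download path that a flash-dump attack relies on. Irreversible, and
# (assumption about the target) only available on ESP32 ECO3+ and the S/C series.
CONFIG_SECURE_DISABLE_ROM_DL_MODE=y
```

Two things have to go with this. The partition table needs the key partition that NVS encryption reads from, a line of the form `nvs_key, data, nvs_keys, , 0x1000, encrypted` in the partition CSV; with CONFIG_NVS_ENCRYPTION set, `nvs_flash_init()` locates it and generates the keys on first use if it is blank. And the eFuse burns made on the first boot of a Release-mode image are permanent, so exercise the whole sequence on scrap boards before it goes anywhere near production units.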
Together these measures raise the cost of an attack considerably: the flash dump that started the Traeger compromise would have yielded ciphertext, and nothing an attacker assembled from it would have booted. If you need help designing an IoT product or ensuring your design is secure, our custom design team specializes in solving challenging IoT problems.