Testing IoT Cloud APIs from the Device Side

A connected device’s cloud API is part of its attack surface. Here is how to test it from the device’s perspective, where the real trust assumptions live.

Replay Attacks on RF Remotes

Many RF remotes send the same code every time, which makes replay trivial. Here is how replay attacks work and how rolling codes stop them.