16 Nov 2008: [Site updates] Embedded Linux Conference Europe 2008 slides online

I've put the slides of my talk at the Embedded Linux Conference Europe online. You can find them in the 'Downloads' section. (read more)

9 Oct 2008: [A/V hacking] Trying to hack TVs - report

Recently I went to NXP (formerly Philips Semiconductors) to sit down with Jan Brands, one of their security researchers. He had scavenged the NXP offices for UPnP enabled devices, mostly TVs from P... (read more)

25 Sep 2008: [Talks] NLUUG autumn conference/Embedded Linux Conference Europe 2008

The program for the NLUUG autumn conference and Embedded Linux Conference Europe has been posted and registration has started. On November 7 I will give a talk about abusing UPnP. (read more)

7 Aug 2008: [IGD hacking] Getting complete control of a device, remotely

In front of me right now there is a device that I have had for quite a while, but only a few days ago I decided to give it another look. One of the first things I always do is a portscan on both LA... (read more)

6 Aug 2008: [Site updates] Unresearched UPnP hacks

I have made a page where I have listed a few ideas about what hacks might be possible with UPnP. Feel free to take them, implement them and grab all credits ;-) (read more)

31 Jul 2008: [A/V hacking] Google MediaServer: is it really that bad?

The GNUcitizen group had a blog posting a little while back about the Google UPnP MediaServer and how insecure it is. So is it really that bad? Nah. It's not that bad at all. I documented my tho... (read more)

21 Jul 2008: [RemoteUI hacking] New hacks: RemoteUI

Recently I've been looking into another UPnP profile: Remote UI Client and Server. With the RemoteUIClient it is possible to have some fun. I've put it on a seperate page. I have not informed th... (read more)

20 Jul 2008: [Rants] A bug is never alone

The last few days I have been looking at a device that at first sight is actually really cool. It fits in the palm of your hand (if you have somewhat big hands that is), has Wi-Fi, two UTP ports, t... (read more)

20 Jul 2008: [A/V hacking] Audio spamming with the Noxon Audio

On the A/V page I proposed a few scenarios, including one remote audio/video spamming. I have found one device, with which it is trivial. The Noxon Audio is vulnerable to this "attack". T... (read more)

20 Jul 2008: [Talks] UPnP BoF at Akademy 2008

At Akademy 2008 (KDE's yearly conference) there will be a BoF session about UPnP support in KDE. Needless to say I will make clear that security should be an integral part of designing UPnP support. (read more)

11 Jul 2008: [Talks] Talk at Embedded Linux Conference Europe

I will be giving a talk about abusing UPnP at the Embedded Linux Conference Europe 2008 in Ede, The Netherlands, which is held on November 6/7, or the DLNA Summit on November 8. (read more)

22 May 2008: [A/V hacking] It is *really* easy

On the A/V hacking page I said: "With the MediaRenderer profile I want to see how easy it is to play content on a device remotely and to create a possibility to do multimedia spamming, like... (read more)