\u0130nternet ve Nesneleri hikayesi \u015fimdiye kadar talihsiz bir hikaye gibi g\u00f6r\u00fcnse de \u00fcmitsizli\u011fe kap\u0131lmaya gerek yok. G\u00fcvenlik ara\u015ft\u0131rmac\u0131lar Dennis Giese ve Daniel Wegemer sonunda Xiaomi Mi Robot s\u00fcp\u00fcrgeyi hacklemeyi ba\u015fard\u0131 ama ara\u015ft\u0131rmalar\u0131, bu cihaz\u0131n di\u011fer ak\u0131ll\u0131 nesnelere g\u00f6re \u00e7ok daha g\u00fcvenli oldu\u011funu ortaya \u00e7\u0131kard\u0131.<\/p>\n
K\u0131sa zaman \u00f6nce Leipzig\u2019de d\u00fczenlenen Chaos Communication Congress 34 kongresinde konu\u015fan ara\u015ft\u0131rmac\u0131lar, cihaz yaz\u0131l\u0131m\u0131n\u0131n nas\u0131l \u00e7al\u0131\u015ft\u0131\u011f\u0131n\u0131 ve korumay\u0131 k\u0131rmak i\u00e7in hangi g\u00fcvenlik a\u00e7\u0131klar\u0131ndan yararland\u0131klar\u0131 a\u00e7\u0131klad\u0131.<\/p>\n
Giese ve Wegemer ara\u015ft\u0131rmaya ba\u015flad\u0131klar\u0131nda Xiaomi s\u00fcp\u00fcrgesinin bir\u00e7ok ak\u0131ll\u0131 telefondan daha g\u00fc\u00e7l\u00fc bir donan\u0131ma sahip olduklar\u0131n\u0131 fark etti: Bir tanesi d\u00f6rt \u00e7ekirdekli olan \u00fc\u00e7 adet ARM i\u015flemcisiyle donat\u0131lm\u0131\u015ft\u0131. Son derece umut verici de\u011fil mi? Giese ve Wegemer, ba\u015flang\u0131\u00e7 olarak sistemi hacklemek i\u00e7in birka\u00e7 klasik sald\u0131r\u0131 vekt\u00f6r\u00fcn\u00fc denedi.<\/p>\n
\u00d6ncelikle s\u00fcp\u00fcrgenin mikro USB ba\u011flant\u0131 noktas\u0131 arac\u0131l\u0131\u011f\u0131yla bir giri\u015f yolu olup olmad\u0131\u011f\u0131n\u0131 g\u00f6rmek i\u00e7in birimi kontrol ettiler. Bu i\u015flemden bir sonu\u00e7 elde edemediler. \u00c7\u00fcnk\u00fc Xiaomi bu ba\u011flant\u0131y\u0131 bir t\u00fcr do\u011frulama ile kapatm\u0131\u015ft\u0131. Daha sonra ara\u015ft\u0131rmac\u0131lar Mi Robot\u2019u par\u00e7alar\u0131na ay\u0131rarak ana kart\u0131nda bir seri ba\u011flant\u0131 noktas\u0131 bulmaya \u00e7al\u0131\u015ft\u0131. Bu giri\u015fim de ba\u015far\u0131s\u0131zl\u0131kla sonu\u00e7land\u0131.<\/p>\n
\u0130kinci hackleme y\u00f6ntemi a\u011f tabanl\u0131yd\u0131. Ara\u015ft\u0131rmac\u0131lar cihaz\u0131n a\u011f ba\u011flant\u0131 noktalar\u0131n\u0131 taramaya \u00e7al\u0131\u015ft\u0131; ancak t\u00fcm ba\u011flant\u0131 noktalar\u0131 kapal\u0131yd\u0131. A\u011f trafi\u011fini izlemeye \u00e7al\u0131\u015fmaktan da bir sonu\u00e7 elde edemediler. \u00c7\u00fcnk\u00fc robotun ileti\u015fimleri \u015fifreliydi. Bu noktaya kadar olduk\u00e7a etkilendi\u011fimi s\u00f6ylemeliyim. Di\u011fer IoT cihazlar\u0131n\u0131n tasar\u0131mc\u0131lar\u0131 genellikle g\u00fcvenlik a\u00e7\u0131s\u0131ndan bu kadar ileriye gitmedi\u011fi i\u00e7in di\u011fer cihazlar \u015fimdiye kadar \u00e7oktan hacklenirdi. Ba\u011flant\u0131l\u0131 cihazlar\u0131n ne kadar g\u00fcvensiz olduklar\u0131yla ilgili ara\u015ft\u0131rmam\u0131z<\/a> bunu m\u00fckemmel \u015fekilde g\u00f6steriyor.<\/p>\n \u015eimdi Xiaomi Mi Robot\u2019a geri d\u00f6nelim. Ara\u015ft\u0131rmac\u0131lar, di\u011fer denemelerinde s\u00fcp\u00fcrgenin donan\u0131m\u0131na sald\u0131rmaya \u00e7al\u0131\u015ft\u0131. \u0130\u015fte bu noktada da ba\u015far\u0131l\u0131 oldular. \u0130\u015flemciyi anakarta ba\u011flayan k\u00fc\u00e7\u00fck kontaklar\u0131n k\u0131sa devre yapmas\u0131 i\u00e7in al\u00fcminyum folyo kulland\u0131lar. Bu sayede i\u015flemci, do\u011frudan USB ba\u011flant\u0131s\u0131 arac\u0131l\u0131\u011f\u0131yla flash belle\u011fi okumaya ve hatta yazmaya izin veren \u00f6zel bir moda girdi.<\/p>\n Giese ve Wegemer, Mi Robot\u2019un \u00fcr\u00fcn yaz\u0131l\u0131m\u0131n\u0131 elde ettiler, tersine m\u00fchendislik y\u00f6ntemlerini kullanarak sonunda bu yaz\u0131l\u0131m\u0131 de\u011fi\u015ftirdiler ve yeniden s\u00fcp\u00fcrgeye y\u00fcklediler. Bu sayede birimin kontrol\u00fcn\u00fc tamamen ele ge\u00e7irdiler.<\/p>\n