The TTIG-868 is a LoRaWAN indoor gateway / basestation released by The Things Industries in 2019. It is based on an ESP8266 for WiFi connectivity and a Semtech SX1308 for the LoRa part and is intended for home / indoor use. Being a “ultra low-cost gateway”, supporting a “new Open Source gateway protocol created by Semtech” and providing a few other buzzwords it gives an insight into where LoRa is going and how things are currently being done. In this talk we will perform a teardown of the TTIG-868 and have a closer look at underlying circuitry. From there on we will take a deep dive into the used firmware, covering both the device as is and all communication from and to it. Thus, performing a detailed security analysis of all aspects. Eventually there will be a short lessons learned on how devices like this can and should be improved in future.
Brian currently works in incident response in a very large and crazily diverse environment. There he aims at developing new methods for protecting even the strangest control systems and the overall surrounding networks. Still, at heart, he is an open-minded security researcher and into breaking everything he can get his finger onto. Having worked in the areas of embedded-, hardware-, mobile- and telecommunications-security he has a lot of war stories and experience at hand and is always happy to share.