Yeah you don't need to hear that. So welcome to DEF CON 24. You guys having fun? And as you can see my name is Lucas. Um, work for a company called FortConsult. And it's no secret however that we're gonna talk about something called MQTT today. Some of you might have heard of it, some of you might not. So um I think it's gonna be awesome anyway. So please do enjoy guys. So we're gonna talk about MQTT today. So who am I? My name is Lucas. I've been pentesting stuff basically since the age of twelve. And I work for companies such as Sony Ericsson and IOActive. Of course there will also be a Q&A afterwards if you guys want to step up and talk to me about the stuff I'm going to present today. I spend a lot of time in unhackable environments. Um so I'm gonna be talking about web apps. So um I got some experience in uh web application pentesting, fuzzing as well as uh network pentests. Of course it's gonna act up right. So what we're gonna talk a bit about today is IoT. And IoT is like a word that's used as cyber. So IoT could be anything. It can be anything. Um but it's mostly devices or intelligent devices that we hook up. I feel that it's a little bit dangerous. And I started looking up stuff I had at home. And that's how I stumbled upon this protocol I'm gonna speak about today. So I'm gonna talk about uh the MQTT app. So MQTT, what is it? It was invented in 1998 and 99 by Andy Stanford-Clark and Arlen Nipper. I think Andy worked for IBM back in the days. And they wanted to create a new protocol to combat basically slow connection speeds. And that could be anything from satellite connection to low modem. It should have a quality of service which means that you could prioritize all the stuff as well. The MQTT stood for MQ Telemetry Transport. And the MQ is of course something IBM something something product back in the days. Today it's royalty free as of 2010. 
It's been approved as an OASIS standard since October 29th 2014. What that means I have no clue. But what I do know is that this July it was also approved as an OASIS standard. Current version is of course 3.1.1. So what we know as a server the MQTT calls a broker. And this broker has clients connected to it. These clients however listen to what the other clients are sending in. So it's basically a two way communication even if it's stated as a client. Now the data it puts in could be anything. So we'll see in a moment what that could be. Of course it's also dependent on how um the client is set up. For instance we have a good example here where we can see in my home attic and in my home attic I have sensor one. And those are called topics. I tend to think of them as IRC channels basically. So you join a channel and then you join a sub channel and it's easier for me to keep track of. And you can name those anything. For instance the Oh Long Johnson. Oh Don Piano. But you should also remember that as well. Right? There's also the hashtag. And you guys that are probably developing for MQTT right now think that uh hashtag yeah. But we'll get to that in a minute. So how does this work? I hope you appreciate the nice graphics. Took me like forever to make this. [...] So for instance we could have a logistic packet delivery. And it sends data to uh the MQTT server which is known as the broker. That one can contain like all the packet information such as the weight. As well as uh where it's heading, coordinates, GPS, etcetera, etcetera. Address, recipient address. The uh it can also communicate to the transport truck. So you have to do that wirelessly to transport truck. [...] actual uh finding, right? So this is the MQTT according to TechTarget. And as you can see on the screen, it's transport logistics, logistics as well as security, industrial and medical and healthcare. And this picture got me scared. 
And you guys should probably be scared too. Imagine, what if there is a protocol that would allow anyone to read the data being transmitted? Or even perhaps manipulate the data being sent in. And you see this kind of stuff up here. That's a diaper change for sure. So what kind of software are we talking about? The uh common and free commercial MQTT software that's out there. The most common one is probably the IBM WebSphere as well as Mosquitto and HiveMQ. Those are the most common ones that I saw out there. This is the MQTT manual by the way. And I'd like you to keep this in mind. Right? This is directly, the link below goes to the MQTT manual in that section. And describes exactly how you can use the MQTT manual. There are a number of threats that the solution providers should consider. Sorry I'm laughing because it's uh, devices could be compromised. Data at rest in clients and servers might be accessible. There's also the possibility of denial of service and timing attacks. And communication, listen to this, could be intercepted, altered, rerouted or disclosed. And further they say that MQTT is often deployed in hostile environments. And we all know internet is pretty, it's pretty nice right? There's nothing going on there. So querying Shodan for this. You can see that Shodan has uh, you can see my search query just port 1883 which is the MQTT unencrypted port. And the top countries here are China, United States, as well as Singapore and Japan and Germany. For a total of 17,711 devices at the time when I wrote it. You can't change. The data that Shodan has about the MQTT is basically this. You only see the topics. And I wanted a little bit more than that. So um, let's just scan the entire internet right? Because that's what you do when you want to find something. So according to the vendor, you're not supposed to sub- subscribe to the hashtag. 
Because that takes up a lot of memory and your MQTT client might crash of course. And the hashtag indicates everything. By that I mean everything inside a topic. So for instance we have something and something and then I have the hashtag. And yes if you are in the same, a developer, you see the first slash which is probably very wrong of me and not recommended according to the manual but yeah dude it's an ANSI, it's a typo and it takes time to change so uh enjoy it. Anyway that one gives you access to everything inside this um topic right? And Shodan just didn't have that information. I made a small script and this is very very freaking lame man. I made a small script that actually subscribes to the hashtag sign and um I call it Hodor because of, you know, I'm not going to spoil it man, if you haven't seen Game of Thrones man I'm not going to spoil it, trust me. This is my reaction by the way. It's pretty accurate. It doesn't look like me or does it? I don't know. Blue hair and yeah. And first of all it's the um oh my freaking god. What kind of stuff did I get here? And this is the first thing I found on Shodan. So I just took it and just uh threw my Ruby script at it and I got like get voicemails. There's a session ID. I found out later that this session ID is actually tied to their web mail. If it works I don't know. There's also a base64 chunk in there and inside the base64 chunk you can see that there's the user name as well as the mobile phone number, the name of the person, the address. Everything I would need to conduct a nice social engineering attack. Uh further down which is not included is also their voice message and auto response for the email. In this case, someone was on sick leave and should return the 25th of June. 
So this is just me showing how the script actually works. It's for those who haven't touched MQTT. I hope the resolution is all right. Basically what you do is just execute the Hodor script and this is a public test. This is a test server, by the way, and you can see all the data that it's gathering. And of course, this is a test server, so don't worry. I would like to especially thank Archie. Who does the... He does the ArchStrike distro. He was with me last night at my hotel room and thought my Ruby script kind of sucked. So he made an awesome, awesome Python script that hopefully is way faster than my Ruby script. And in a couple of hours, it's probably going to be on the ArchStrike repo for those interested. So thank you very much, Archie. Let's see. Boom, boom, boom, boom, boom, boom. ArchStrike. Here is how it looks with MQTT.fx. And MQTT.fx is for OS X, and it allows you to actually subscribe. And if you find a nice topic like I did, you can see in the test server there are GPS coordinates of ferries. But, however, this is a test server, so we shouldn't worry. Right? Yeah. Yeah. The problem with the UI version is that if you just subscribe to the hashtag sign what will happen is that it will consume so much memory and hang the application because there's so much data going. So what if we just reverse engineer the protocol cause you know I don't like reading manuals. Who does right? So um what I did was take the hashtag sign and actually um in Wireshark just capture the negotiation and then I thought to myself is there a tool that I can use that I can actually send this hashtag sign into while scanning the entire internet. So I know this guy Rob Graham, I don't know if you heard of him, but uh even if you haven't give this guy an applause because masscan is fucking awesome. So come on guys. Come on. He deserves it. He deserves it a lot because this tool made it way easier for me. But there was one problem. 
I've seen people use the hello string which I'm gonna talk about in a bit but they never seem to have got it working. So the Kraken only obeys its master, or does it. So masscan is able to send data through the hello string and the only proof it works is from Mr. Graham. He did the like the click. He did the ClamAV scan. I think he saw on his Twitter and his blog. And he actually got it to work but no one else seems to get it to work. So uh I did like uh Robert Graham describes by setting the uh iptables to drop everything on port 6 thousand and of course uh telling that to masscan as well. And you can see I have uh kind of encapsulated the bracket science around port 1883. And that is basically the thing that made it work. So you have the full uh strings used in the bottom as well. The below one is the base64 string of the um hashtag sign. Did you think I got any data by the way? Now scanning the entire internet. It took like one, two days scanning the entire internet. This is what I found. 2.8 million results, which I had to throw into ELK, which is Elasticsearch, Logstash and Kibana. And that sucked dude. That sucked. So if someone here is from uh any of those three, please make it easier because you know doing ROP is way easier than this. And what kind of data did I find? In this case? It's an emergency response system. I can't tell you which country, but as you can see we have a case of infectious Lassa fever. 1,400 level people are infected. And there is an expected 6.2 meter flood. Nice. Nice. I wouldn't want to be down there because uh they also have a case of maybe infective malaria. 599 people infected. Now I don't know if this is a test server. I certainly hope it is. So the big question is can we send data to it? Can I say 3,133 people were infected with the zombie virus at DEF CON? And where will that data end up? 
Will a doctor get a pager saying like yo man there's like a zombie virus at DEF CON. We need to go man. So um before we found out if it's. Oh it's gonna get worse dude. It's gonna get so much worse. So using the Kibana log I said I was able to map a lot of the MQTT devices. You see? And the MQTT devices you can get like the geolocation. So you can see where there are the most MQTT devices. And uh I took Australia as an example cause the world map was uh and you can actually zoom in and see who owns the IP. Who actually. What kind of data is in there? So here's some actual data that masscan captured during my scan. Really nice, it takes a lot of CPU power for 2.8 million devices, now not all of them were of course MQTT but I found stuff like a distance sensor just out of the blue because it's fun and the distance sensor, this one is probably measuring distance between packets and those rubber gateways the package goes through, that's just my guess. So what kind of device types, that is the trick question that everybody is asking themselves, what kind of device types did you find? Well I would love to share but everything is custom, I mean they built it in their own way, their clients respond in their own way, so it's kind of hard for me to actually say that yeah there are 10,000 devices of this type that is a heartbeat sensor or that it's a medical device because there were so many, but if you're awesome and if you do big data stuff and if you can fix that, that would be freaking cool. Here we go it's starting, I'm just gonna get a drink. Cheers. So in this case we have a pipeline pressure control server and as you can see I've censored out a lot of stuff like the FTP username and password, I've also censored out some other, the server name of course, but you can also see the pipe pressure and the decimal signs so that's a bit scary, well can I change that maybe? That'd be cool. 
And I don't know what's going on in the below thing here but this seems to be tracking someone called Ramon, I don't know if this is government, I will probably know after the talk, but they were tracking GPS locations for someone in some kind of vehicle traveling at a speed and I actually followed that thing on a map, so what it is I don't know, hopefully it's just test equipment right now. Cars, how about cars? There's actually, you can see the speed 81 kilometers per hour and I followed that with the GPS coordinates and it was traveling on a highway. There's also something called SWE brake and yeah and below that we have something even worse and I've censored out a lot of stuff like the GPS is a little bit easier and I'm not sure if it's really a good thing or not. The other thing I really liked was actually, when connecting to the MQTT or gathering the data, what I saw was usernames and passwords to their entire infrastructure, customer database as well as member registration system, to the Jira, to the source codes, and that was just plain open MQTT. And the thing is if you do an nmap scan or if you try to connect to it like with Netcat or any other tool, it would just close the port because you're not sending the correct string. So that's what masscan did and what my Ruby script does is it sends the correct string in order to get the data. So if you were doing a scan right now you wouldn't find much, I mean with Nmap. Unless someone here is actually working on an Nmap script right now. That would be freaking awesome. Let's get back to more of those later. It's going to get much worse. Do you guys remember the question I asked? Can we send data to it? Now I probably know a couple of developers in here that say yes, no, maybe, not to mine, of course. So this is a screen slide demo, right? So what we have here is um I connect to a public free server. 
In this case it's probably iot.eclipse.org which is a test server for the MQTT protocol. And what I do here is I subscribe to the yes we can topic. I then publish yes we can of course to the yes we can topic. And what you get is of course yes we can. I'm listening with my Ruby scripts. So that means. Hold up. What does that mean really? That means we not only can listen in, we can send data to it. So all those things you saw like the car, like the brake and all the other things, we can send data to it? And how does that react? And it's all up to the client really how it reacts to it, because the client can be set to actually do nothing or it can say if the radiation is below six then you need to do nothing. If it's above six turn on the fans. If I say that the radiation level is always going to be zero. Now we're talking people that might get hurt. Now we're talking structural damage. Now we're talking things that are automated that will go to hell basically. And of course some developers might argue that yeah there is a way to protect it. There is a way to actually do something about it, but I haven't seen it. I also did a scan for MQTT servers having username and passwords and MQTT servers actually having encryption because that is actually supported. Whoa. I found two. So two guys are actually doing it the correct way. And of course these numbers might change. So if you're in the same route as me and can actually do like a scan then um those numbers might have gone up or gone down. Hopefully they've gone up. So I'm going to go back to the MQTT servers and see if I can get anything done about it. So what kind of protection are we talking, because sure we're at DEF CON and I can say yeah we can break it, we can hack it, we can tweak it, we can do whatever we want with it. This is mine now. But in real life we need to talk a little bit about protection as well. And um of course you can enable username and password support. 
Which you should. You can use encryption such as TLS 1.4. That's for the official release so uh it's not the best but it might be downgradable. Especially if you're on the same network, of course. But what they really need to do is segmentation and trust. So it only accepts from certain IPs. That's one way to do it. You should combine all these of course. You should have like a user name and password and as well as the encryption and of course the segmentation and if you can an IOT type gateway but that's not always the case remember that MQTT was designed to be small efficient and no matter the bandwidth be able to send data to its clients so having a big clunky IOT device that is supposed to be a gateway for encryption might not be the correct purpose right? So what else can we find in here? This is an ATM. What you can see here is which I highlighted in green is the operating system which is Windows 5.1. You can see what type of uh hardware they're running. You can see how much money there is in the ATM. You can see how much commission it takes out, how many bills, counts, errors, error messages. I mean this you can even see the modem that you're using and remember we can write to it. So what would happen if I said that the disk space is now zero? Or that it's out of balance? builds. I mean you can only imagine what can and will happen. It's kind of crazy. I mean when I saw this one I um this was the last thing I kind of saw when I dug through my my uh my scan and this is um I would I wouldn't understate it if I say that it's bad. So secure chat messaging everyone. How many have a secure Android app that they do like secure chatting on? Yeah cool. I hope it's uh one of the better ones because this is not good man. I don't know what the the message is because it's not my language so if it's any profanity please forgive me. Um it could mean anything but there is a message. 
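The protection measures the talk lists above (username and password, TLS, and segmentation so the broker only accepts certain clients) map directly onto a Mosquitto broker configuration. The following is an added example, not from the talk or from the Mosquitto project: two alternative mosquitto.conf files, the exposed setup that the scan results reflect and a hardened one. File paths, the bind address 192.0.2.10 and the usernames are assumed placeholders.

```conf
# ---- Weak: how the brokers found in the scan are set up ----
# Plaintext MQTT on the default port, bound to every interface, no credentials,
# so any client on the Internet can subscribe to '#' or publish to any topic.
listener 1883
allow_anonymous true

# ---- Hardened alternative (separate mosquitto.conf) ----
# Segmentation: bind the listener to the internal interface only (placeholder address),
# and front it with a firewall rule so only the device subnet can reach the port.
listener 8883 192.0.2.10

# Username/password: mandatory, with hashes created by
#   mosquitto_passwd -c /etc/mosquitto/passwd sensor01
allow_anonymous false
password_file /etc/mosquitto/passwd

# Encryption: TLS on the listener, with mutual authentication so a client also
# needs a certificate issued by our CA, not just a guessable password.
cafile /etc/mosquitto/certs/ca.crt
certfile /etc/mosquitto/certs/broker.crt
keyfile /etc/mosquitto/certs/broker.key
tls_version tlsv1.2
require_certificate true

# Least privilege on topics: an ACL so a sensor can only write its own topic and
# the dashboard can only read, which also stops a client from subscribing to '#'.
# Contents of /etc/mosquitto/acl (placeholder users):
#   user sensor01
#   topic write home/attic/sensor1
#   user dashboard
#   topic read home/attic/#
acl_file /etc/mosquitto/acl
```

The ACL is the piece that addresses the '#' wildcard problem discussed earlier in the talk: even an authenticated client that tries to subscribe to everything only receives the topics its user is granted. Mosquitto can be asked to validate a configuration by starting it in the foreground (`mosquitto -c mosquitto.conf -v`) and watching the log for listener and ACL errors before exposing anything.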
And this is um I don't know, I've been listening to entire conversations both in English and in whatever language that is between people and it's not only the message, it's the IMEI number, it's the mobile phone number, it's the username, it's the registered email. Everything is here in the MQTT. I'm just gonna put on my walking mic. So is this better guys? Can you hear me? Yeah awesome. So as you can see there's a lot of uh text messaging going back and forth. Um once again remember you can still interact with it. That means that I possibly could send a message from one user to another stating something like hey I need a hundred dollars on my account. Here's my account number. And they would get it through the app of course. Alright let's go through what I call the whoops list. And this is basically what I found. A little bit about what I found. So you decide to connect your company to that MQTT broker you have publicly. Not good. You thought that running an EBS emergency system was an awesome idea. Let's do it. You can do the joppa. The news server retrieves its news from the MQTT broker. I've seen people subscribing to CBS uh CNN and getting the latest news. Now again remember we can interact with it. I have no idea if the alla happening right now. Three thousand one hundred three hundred three seven zombies at DEF CON. Stay indoors. Close the doors. It's going to get nasty. Or even attaching 15,000 ATMs to a publicly open MQTT server. How I know that? That's just because you can query the MQTT servers as well. How many clients are connected. And with the ATMs that I found. And you can use the 15,000, that will trash my user interface. I had to use my leet Ruby script to actually listen in. And there were 15,000 ATMs connected. How about running your earthquake alarm system over MQTT? Of course, this stuff I hear I can't show, man, because it's so sensitive. They would kick me off stage. How about taking MQTT retrieved data and pushing it directly into an SQL server? 
Does that sound like a bright idea? Using public brokers for your entire company, like using the iot.eclipse.org, which is like a development slash test for your MQTT, and using that as a real-life system. It's like it's there, right? Let's set it up. We can use it. How about pushing software updates via MQTT to cars? I have seen software updates for a certain car brand go through MQTT. And all it does is pushes the URL in. And what I have to do? Remember, we can write, so I could probably change the URL and download my binary file instead. There are probably some safeties. There's probably some safe checks. Why not installing an iPhone or Android app to keep track of where you are at all times? I've seen that. There's a lot of those out there. So I can keep track of where people are, how they're moving, when they're in the car. How about exposing your entire Bitcoin wallet over MQTT? When you do your transactions, of course. That's nice. That's nice. It's nice. You probably set up your own MQTT server at home. And when you do transactions you like send it to that one and that handles your wallet. But you do it without username, password and encryption. Nice. How about taking the MQTT data and just pushing it directly to your home page? Does that sound like fun? Just taking the data you get from the MQTT on any topic and just pushing it onto your home page. Or putting username, passwords, and URLs, and IPs inside the MQTT, especially to your development service. There were a lot of those out there. What else did I find? Prisons. The ability to open prison doors. I could see the commands being transmitted to the MQTT was that cell door XYZ open. Cell door XYZ close. If I could send data into that, how many of you guys have seen Mr. Robot? Never heard of it. Awesome, dude. If you've seen season one, should I spoil it? Yeah, come on. You have to see in season one. If you've seen season one, he actually has to hack a cop car in order to get access. 
To the prison where it's going to open. Dude, man. MQTT will do it for you. So, how about car firmware or entertainment system? You can see in the entertainment system what they're doing. I saw someone watching a YouTube video. I could change that. Yeah, I hear your imagination is running wild right now. So, fitness bands. God knows I need one. But there was a certain brand out there that it communicated that I saw. There's also medical equipment. I don't know if this is test or not. I freaking God hope it's a test server. But you can see the insulin being inserted. You can see like the heartbeat of the patient. You can see. I mean like everything that has to do with the oxygen in the mask and how much oxygen actually comes through. They sent that over MQTT. Unencrypted. And I, please let it be a test server. Session tokens. Like web applications, session tokens. And if you're unaware, you can actually reuse those by actually posting those to your own proxy or whatever you're using. Bitcoin information, there's a lot of this out there, especially when people are doing personal and private transactions, you know, like in Bitcoin, you can say, like, I would like to buy one Bitcoin and I'm in this neighborhood and it hooks you up with another guy that's in the same neighborhood and then you can go physically shake hands and say, hey, I want to buy Bitcoins from you. Well, that was online. A lot of it was online. So if you're big and bulky, you can probably go there and get the Bitcoins yourself. Power meters, how much voltage is going through. Not only that, but also the radiation meters. How much radiation there currently is in a certain location. As mentioned before, we can write, so if I change that, what will happen? Is there someone inside the radiation level doing something and then I say that radiation level is zero? What will happen then? Are there? Are there fans turning off? People use this as an industrial system thing. 
It's lightweight, it's fast, and we're not bashing MQTT, it's real nice, but it's, that was 1998, it's 2016, I believe. I could be wrong, though. Air conditioning, humidity controls in server rooms. There's a lot of that. Flight information. This one is sensitive. Flight going from, to, where, the speed, the altitude, the flight number. What if I were to write flight XYZ is now at velocity zero, altitude zero. Or we can do like CSI Cyber did. It was like several airplanes going in different directions. And I verified those things go on a real physical, not physical, that would be like a real map online. Where you can go to the map. And you can track the airplanes. You could probably change that. Geographical data, like earthquakes, et cetera. So they actually have a page that warns you if there's an earthquake, or where there's been an earthquake. And you can actually change the data in that one. Raw data. I found someone having a webcam. And it was a base 64 image being sent all the time. So what I did was took the base 64. And they just transcoded it, decoded it. It's not even on encryption. Come on. And it was an image of a guy. So his webcam was on and transmitting over MQTT. I see raw SQL statements being transmitted. I see commands being transmitted to Windows servers, like CMD, and what it's going to execute. Enough about a rant. I think you get it. I mean, cross-site scripting over MQTT. And this is using the example code that some of the vendors have on how to actually push MQTT onto a home page. So you just took that one out of the box and just put it up and just fire it away. And we've got a cross-site scripting. And how about SQL injection? This snippet is actually from one of the vendors as well. How to push your MQTT data into an SQL database. And there's nothing going on above. It's just this raw statement here that says, like, everything that comes through the MQTT is just push it into an SQL. 
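The last two items above, vendor sample code that pushes MQTT payloads straight onto a home page and straight into an SQL statement, are ordinary XSS and SQL injection once you accept that anyone who can reach the broker can publish (the "yes we can" demo). The following is an added example, not the talk's or any vendor's code: a minimal subscriber-side store-and-render path, with the vulnerable handler beside the hardened one, run against constructed messages. It assumes messages arrive as (topic, payload) string pairs and uses SQLite so it runs offline.

```python
"""Added example (not from the talk): storing MQTT payloads safely.

Assumption: an MQTT subscriber hands us (topic, payload) string pairs; we store them
in SQLite and later render them on a web page. All messages below are constructed.
"""
import html
import sqlite3


def make_db():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE readings (topic TEXT, payload TEXT)")
    return con


def store_vulnerable(con, topic, payload):
    # "Everything that comes through MQTT is just pushed into SQL": the
    # broker-supplied strings are spliced into the statement text itself.
    con.execute(
        f"INSERT INTO readings (topic, payload) VALUES ('{topic}', '{payload}')"
    )
    con.commit()


def store_hardened(con, topic, payload):
    # Parameterised query: the driver binds topic/payload as values, never as SQL,
    # so a payload can only ever become one opaque string in one row.
    con.execute(
        "INSERT INTO readings (topic, payload) VALUES (?, ?)", (topic, payload)
    )
    con.commit()


def render_vulnerable(rows):
    # Payload dropped into HTML verbatim: the XSS-over-MQTT case.
    return "".join(f"<li>{t}: {p}</li>" for t, p in rows)


def render_hardened(rows):
    # Escape on output so a payload is displayed as text, never parsed as markup.
    return "".join(f"<li>{html.escape(t)}: {html.escape(p)}</li>" for t, p in rows)


def rows(con):
    return con.execute("SELECT topic, payload FROM readings ORDER BY rowid").fetchall()


# Constructed messages: one honest reading, one that smuggles a second row into the
# spliced INSERT (so the stored "sensor" value is now attacker-chosen), one with markup.
HONEST = ("home/attic/sensor1", "21.5")
INJECT = ("home/attic/sensor1", "0'), ('home/attic/sensor1', '99")
MARKUP = ("home/attic/sensor1", "<script>alert(1)</script>")


def demo():
    vuln, safe = make_db(), make_db()
    for t, p in (HONEST, INJECT):
        store_vulnerable(vuln, t, p)
        store_hardened(safe, t, p)
    return {
        "vuln_rows": len(rows(vuln)),        # 3: the payload added a row of its own
        "safe_rows": len(rows(safe)),        # 2: payload stored as an opaque string
        "safe_last_payload": rows(safe)[-1][1],
        "vuln_html": render_vulnerable([MARKUP]),
        "safe_html": render_hardened([MARKUP]),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The hardened path deliberately does not try to validate or strip payloads; since every subscriber on the broker receives the same bytes, the only robust defence is to treat them as data at each sink (bound parameters for SQL, escaping for HTML), in addition to the broker-side authentication and ACLs discussed earlier.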
And that would indicate that you have an SQL injection as well. So. While doing my efficient stuff. Sitting down in the office. Thinking at the White Throne. MQTT is designed to actually be fast, proficient, and being sent to a lot of clients at the same time. So how about if I build a botnet over MQTT? That'd be nice. Then we can switch from IRC and our own botnets, you know, and just go over MQTT instead. But basically, there's so many public MQTT servers out there. And I mean, thousands. You can just pick one. You can use whichever. You can make an algorithm that actually changes which server you're using. So. Without further ado. We'll start with the single host backdoor. And here I am on the public IoT Eclipse server. Connecting to it. I have a channel which I subscribe to. Which is the backdoor online. And then I go to my little malware I made with a PDF icon and double click. And what you see is what is I bidding my master over MQTT. I now add the host name to the topic as well. So I subscribe to that one. Of course, with the get CMD and send CMD topics as well. And then I get it. And then I send dir and I get the response back over MQTT from the server. How about botnet style with multiple clients running over multiple operating systems? Zero. Zero? Zero, right? 
channels again and then I have my Linux and I execute the Python, which is compilable to exe or elf if you like, and you see me love you long time which is my host name, you also run the Windows one. Now the thing with botnets is I didn't design it to actually receive any commands, I designed it to actually send in commands, so what I do here is dir, so I don't get any response back, but you can see I did the ls as well and the ls lists the files using the client. Now what if I write notepad and I have Wine installed with notepad running, you can see notepad started on the Windows XP machine of course, as well as, if you give it a couple of seconds, it started notepad on Linux as well. That means that this protocol is assigned to tens of thousands of machines to spread information to the entire world, and I'm going to show you how to do that in a second, data efficiently, and now you can turn that into a botnet. Yeah it's black, it's supposed to be black. So how are we on time, anybody know? All right cool, we have some time for some Q&A afterwards. So what's left? We have about around 59,000 brokers, we have sensors, we have ATMs, we have cars, even airplanes and we can change the data. So I'm going to leave you with one sentence before you go. Please do not expose MQTT over Internet. Thank you very much, guys. So if you guys want to ask questions, you can step up to the mic and just ask me. Some of the data I have is very sensitive, so I might not be able to share with you. I had a question for you. Do you have any way of telling what's a test server and what's not? No, that's one of the problems as well. It's hard to determine what is real and what is not. So when I used it, I used the public known test servers to actually gather some of the test data that was used. But I would say most of, I would say 60% is real live servers running. And then I'm counting low. There's probably more. But about 60% I would say are real servers running. 
So the industry recommends now that you use basically a proxy of some sort. So, for example, like the AWS IoT hardware device. I would recommend to have like an IoT gateway or something in front. Yeah, IoT gateway with digital signatures. Yeah. But then again, small sensors like you have a small Raspberry Pi or have like an Arduino and you don't want this clunky big-ass box you put in. Then, I mean, what to do? You have TLS. Yeah, you have username and password. But I wouldn't expose it to the Internet anyway. Yeah, absolutely. Hey, just a quick update. Please exit out the back. The back of the building only. Thanks. Okay, so this is more of a marketing thing. But according to the web page, this is actually SCADA. Right? The SCADA. So you probably would have brought in a lot more attention if you had dealt that off with or at least drew attention to the fact that this is SCADA. Yeah, it's both used in SCADA and Raspberry Pi and hobby projects as well as medical equipment as well as the industry as well as temperature and voltage control. IBM has their own stuff and everybody has their own stuff. All the things.