Agent Smith Gets Hardware: Autonomous IoT Hacking From Debug Port to Cloud API

About This Session

Last year, Agent Smith turned rogue in software. This year, he got physical access. In this session, we take a cheap off-the-shelf IoT device and let AI agents loose on it. No manual hacking, no memorized commands, no command cheat sheets. Using MCP-driven tool orchestration, the agents autonomously probe the device's hardware debug interface, extract firmware secrets, and intercept its cloud traffic through a rogue WiFi access point. Multiple attack vectors, one device, zero human intervention. This is not a theoretical exercise. Every demo runs on a Raspberry Pi with open-source tools, and the agents make their own decisions about what to probe, what to extract, and what to flag. We will see what they finds, what they miss, and what happens when a device is properly protected. Whether you build IoT products, secure enterprise networks, or just want to know what your smart devices are doing behind your back: this session will make you uncomfortable. Good.

Speaker

Marc Plogas

Cloud and IoT Engineer · RoboTwin

Cloud and IoT Engineer at RoboTwin

Read bio

Marc Plogas discovered his passion for technology at the age of six when an Atari sparked his interest in programming. He holds a Master's in Computer Science and spent nearly a decade freelancing as a software, mobile, and test engineer, as well as a solution architect, before joining Microsoft. At Microsoft, he played an instrumental role in pioneering technologies such as Windows Mixed Reality, Desktop Bridge, and WinUI 3, and later advised startups worldwide on optimizing their cloud architectures with a focus on reliability, scalability, cost efficiency, and security. Now at RoboTwin, Marc builds reliable cloud and edge IoT backbones for no‑code robot teaching and continues to deliver talks and workshops on IoT, AI, and cloud architecture.