POPULARITY
Here are some of the things we talked about: https://www.media.mit.edu/projects/seeing-around-objects/overview/ https://en.wikipedia.org/wiki/Light_field_camera Jiska's inactivity reboot research 404 Media Article about inactivity reboot Joe Grand's YouTube Ken Shiriff - https://www.righto.com/ John McMaster - https://siliconpr0n.org/ Piotr Esden-Tempski https://1bitsquared.com/ Ferrite for iOS Azeria - Arm book - https://azeria-labs.com/ https://x.com/fox0x01 https://leg-assembly.com/ Marcan Asahi linux Joe Fitz Foone Bunnie Huang - Turning Everyday Gadgets into Bombs is a Bad Idea Kill decision book by Daniel Suarez Maddie Stone Malware Unicorn POSEE Show stats as of December 1 2024: Title Release Date Unique Downloads duration_seconds duration_formatted 001 - Success! Aug 14, 2017 4,421 2567.41 0:42:47 002 - Cheap And Easy Aug 29, 2017 3,763 3300.19 0:55:00 003 - Barbies and Keyboards Sep 17, 2017 2,741 2025.26 0:33:45 004 - 0x0FF the Rails Oct 12, 2017 3,461 4142.3 1:09:02 005 - Circuits That Go Nowhere Nov 05, 2017 3,866 3439.2 0:57:19 006 - Marketing Via Stickers Dec 05, 2017 2,832 1029.78 0:17:09 007 - Candy Coated Jan 03, 2018 3,439 2767.85 0:46:07 008 - T0015! Part 0x1 Mar 09, 2018 3,600 1663.35 0:27:43 009 - T0015! Part 0x2: All Ur sigs R belong to uS. Apr 14, 2018 3,651 1710.66 0:28:30 010 - T0015! Part 0x3 - Debug Interfaces May 14, 2018 3,421 2127.58 0:35:27 011 - Making Too Many Assumptions Jun 03, 2018 3,199 2715.12 0:45:15 012 - Cheese vs. SDR Jun 29, 2018 3,218 3987.09 1:06:27 013 - It's Not Magic Jul 04, 2018 3,552 4965.74 1:22:45 014 - Ferrycast Jul 09, 2018 3,209 2419.78 0:40:19 015 - Updates! Aug 30, 2018 2,990 1172.03 0:19:32 016 - Supercon 2018 Part 1 Nov 10, 2018 2,731 2678.26 0:44:38 017 - Supercon 2018 Part 2 Nov 11, 2018 2,776 2866.56 0:47:46 018 - Ghidra Mar 15, 2019 3,433 1277.65 0:21:17 019 - It's Still Not Magic Apr 06, 2019 3,244 2701.62 0:45:01 020 - Hardwear.io CTF Interviews Jun 16, 2019 2,607 1747.3 0:29:07 021 - Silent Disco Wizards Jun 23, 2019 2,549 1616.32 0:26:56 022 - Bits Through the Microscope Jun 30, 2019 2,583 1455.57 0:24:15 023 - Magic Moonbeams Jul 08, 2019 2,599 1968.33 0:32:48 024 - Cars, Servers, and FPGAs! Jul 14, 2019 4,046 5272.64 1:27:52 025 - Opaque Magisterium Aug 14, 2019 3,418 5891.14 1:38:11 026 - You Can Lose in so Many Colors! Aug 30, 2019 3,768 7437.72 2:03:57 027 - The Box Sep 08, 2019 2,728 1978.28 0:32:58 028 - Everyone Has a Bag of Tricks Sep 15, 2019 3,326 4440.62 1:14:00 026a Easter Egg Extra Sep 21, 2019 6,666 78.3 0:01:18 029 - Old Timey Name Droppin' Oct 16, 2019 3,464 6108.44 1:41:48 030 - Supercon 2019 Dec 01, 2019 2,797 2193.4 0:36:33 031 - The Title Isn't DibbleDabble Dec 27, 2019 3,150 2691.97 0:44:51 032 - High Molarity Rants Feb 25, 2020 3,239 4232.96 1:10:32 033 - All Over the Place Apr 27, 2020 2,924 2725.33 0:45:25 034 - Mechanical RE Jun 22, 2020 2,715 5550.24 1:32:30 035 - Giving it all away (Listener Survery) Jul 04, 2020 1,936 379.36 0:06:19 036 - ADDVulcan - Hack-a-sat Part 1 Jul 20, 2020 2,406 3438.36 0:57:18 037 - 2020 Survey Results Aug 04, 2020 2,100 1856.98 0:30:56 038 - My Favorite Random Number is 5 Aug 22, 2020 2,892 4540.08 1:15:40 039 - Changing the Nature of Reality Sep 13, 2020 2,667 3678.39 1:01:18 040 - Uh-tastic Oct 03, 2020 2,405 1612.5 0:26:52 041 - What did you fail at this week? Nov 07, 2020 2,956 5504.59 1:31:44 042 - Diwali in the Morning Nov 24, 2020 2,612 3324.93 0:55:24 043 - Filling In Zeros Dec 21, 2020 2,599 4542.95 1:15:42 044 - Scots Army Knife Jan 03, 2021 3,355 6217.34 1:43:37 045 - Rizin and Cutter Feb 15, 2021 3,271 4879.4 1:21:19 046 - Never Reveal the Prestige Mar 18, 2021 2,903 5659.94 1:34:19 047 - The Sun, The Moon, The Stars May 16, 2021 2,650 3042.08 0:50:42 048 - A Bad Case of Kubernitis Jun 06, 2021 3,504 4561.54 1:16:01 049 - Reversing Your Childhood One Game At a Time Jul 10, 2021 3,117 3657.36 1:00:57 050 - Four Years In Aug 22, 2021 2,737 3182.26 0:53:02 051 - Collecting Students With Similar Names Oct 05, 2021 3,113 5296.86 1:28:16 052 - Twitter Is My Lab Notebook Oct 26, 2021 3,607 7612.66 2:06:52 053 - It's Hammer Time! Dec 16, 2021 3,678 6024.75 1:40:24 054 - It's A Calibration, Not An Update! Feb 11, 2022 3,816 4582.27 1:16:22 055 - Stacks Of Bricked Chips Mar 13, 2022 3,626 3716.49 1:01:56 056 - Listening to Jupiter Mar 16, 2022 3,981 4377.36 1:12:57 057 - I Did Not Expect Sharks! May 09, 2022 3,949 5855.03 1:37:35 058 - Technically Met the Specs Jun 15, 2022 3,424 5321.05 1:28:41 059 - Instant Nerd Snipe Jul 04, 2022 3,578 3736.53 1:02:16 060 - The Brie List Aug 12, 2022 3,504 3173.46 0:52:53 061 - A Case of the Sniffles Nov 09, 2022 3,185 3599.93 0:59:59 062 - Keymap Rain Dance Dec 30, 2022 3,581 4588.83 1:16:28 063 - I Read Online That It's Impossible Mar 26, 2023 4,054 4501.32 1:15:01 064 - MS-DOS Malware Chose Me May 21, 2023 3,317 4093.39 1:08:13 065 - Multitalented Grinch Jul 30, 2023 2,932 3831.25 1:03:51 066 - Use Your Scope! Dec 09, 2023 3,135 6012.58 1:40:12 067 - I Don't Know What I'm Doing Mar 02, 2024 2,021 927.97 0:15:27 068 - The Monkey Button Apr 07, 2024 2,458 4131 1:08:51 069 - Canned Cheese and Onion Rings Apr 17, 2024 2,576 4977.68 1:22:57 070 - I Have a DediProblem Jun 09, 2024 3,135 6972.11 1:56:12 071 - Snerd Niped Sep 07, 2024 4,077 5462.2 1:31:02 Have comments or suggestions for us? Find us on twitter @unnamed_show , or email us at show@unnamedre.com . Music by TeknoAxe ( http://www.youtube.com/user/teknoaxe )
In this week's episode, Specter recaps his experiences at Hardwear.IO and a PS5 hypervisor exploit chain presented there. We also cover some of the recently released DEF CON 32 talks. After the conference talk, we get into some filesystem exploit tricks and how arbitrary file write can be taken to code execution in read-only environments. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/260.html [00:00:00] Introduction [00:00:27] Hardwear.io NL 2024 [00:14:27] Byepervisor - Breaking the PS5 Hypervisor Security [00:26:38] DEF CON 32 Main Stage Talks [00:51:16] The Missing Guide to Filesystem Security [01:00:51] Why Code Security Matters - Even in Hardened Environments [01:09:12] How I Defeated An MMO Game Hack Author Podcast episodes are available on the usual podcast platforms: -- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063 -- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt -- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz -- Other audio platforms can be found at https://anchor.fm/dayzerosec You can also join our discord: https://discord.gg/daTxTK9
Today I am joined by Taylor Davis Reese! Taylor was born and raised just outside of Charlotte, NC. During her high school years, Taylor recognized a need for unique jewelry and began teaching herself to make bracelets and sets for upperclassmen attending prom. After high school, she attended Appalachian State University and Queens University of Charlotte where she earned her degree in Sports Communication. Taylor has always been equally passionate about sports and fashion. After college she worked at Belk for five years where she held positions in trend forecasting and cosmetic buying. In 2013 she started her first blog, The Fancier Fan, as a way to combine both of her passions and to style the jewelry she was making. After college, Taylor realized there was a gap in the market for more fashion forward, team-colored jewelry for smaller fan bases and knew that her jewelry hobby could be a great brand. In 2015, The Fancier Fan was updated to Reese's Hardwear to encompass a wider audience and array of content. December 2021 brought more changes as Taylor decided to separate the jewelry brand (Shop Taylor Reese) from the blog (Reese's Hardwear) and table styling/ entertaining (Always the Host) accounts on social media. In addition to her entrepreneurial endeavors, Taylor is a contributor to Scoop Charlotte, stylist, and is involved with several of the fashion weeks and pop ups held in the Carolinas, and a co-founder of the Charlotte chapter of The Southern C. You can often find her shopping local boutiques or her favorite bead store, reading, or at home spending lots of time with her husband and two boys. Shop Taylor Reese WebsiteShop Taylor Reese InstagramTaylor's InstagramFoster Village CharlotteIsabella Santos Foundation
Jane Lo, Singapore Correspondent speaks with Sandro Pinto, Associate Research Professor and Cristiano Rodrigues, PhD candidate of the University of Minho, Portugal.Sandro holds a PhD in Electronics and Computer Engineering. Sandro has a deep academic background and several years of industry collaboration focusing on operating systems, virtualization, and security for embedded, cyber-physical, and IoT-based systems. He has published 70+ scientific papers in top-tier conferences/journals (e.g., IEEE S&P, USENIX Security) and is a skilled presenter with speaking experience in several academic and industrial conferences (e.g., Black Hat Asia, Hardwear.io, RISC-V Summit, Embedded World). Sandro is a long-term supporter of open-source projects and is currently helping several companies and institutions to make security practical at scale. Cristiano Rodrigues is a PhD candidate at the University of Minho in Portugal, with a master's degree in Electronic and Computer Engineering. Cristiano is a driven and skilled individual with extensive expertise in ardware/software co-design, safety-critical systems, trusted execution environments for microcontrollers, Armv8-M TrustZone, and embedded security for IoT-based systems.In this interview, Sandro and Cristiano gave highlights of their talk on a novel class of microarchitectural timing side-channel attacks affecting MCUs.They shared that while the discovery of Spectre and Meltdown side channel attacks exposed the potential side channel attacks on hidden transient states, there is one class of computing systems apparently is resilient to these attacks: microcontrollers (MCUs).Sandro introduced that MCUs are at the heart of embedded and IoT device (such as smart watches, IoT home devices), and as such resource constraint in terms of computing power, memory and power consumption. As such, he said there is a common belief that MCUs are not vulnerable to such attacks as Spectre or Meltdown, as MCUs microarchitecture is intrinsically simple - compared to the more complex microprocessors powering Cloud infrastructure, server, desktops and hence more vulnerable to side channel attacks.Sandro and Cristiano demonstrated the fallacy of this assumption through their attack on a Smart IoT lock. By mounting a side channel (timing) attack on a Smart lock application (that for example unlock a vault or a door), they were able to retrieve the secret PIN.Sandro also reflected on the challenges and shared some thoughts on increasing the sophistication of the attack (e.g. remote access, alleviate the need for access to code, scaling to multiple types of microcontrollers). Wrapping up, he stressed that sharing the results of their work is part of responsible disclosure, and advised consumers who buy IoT devices with affected microcontrollers to look out for potential announcements from manufacturers. (For an example of a follow-up action from a manufacturer ARM, see: https://developer.arm.com/documentation/ka005578/latest/)Recorded 11th May 2023, 12noon, Black Hat Asia 2023, Singapore Marina Bay Sands#bhasia#cybersecurity #mysecuritytv
Jen and Alvaro chat with Thomas Roth (@ghidraninja on Twitter) about Airtag reverse engineering, debugging iPhones, and GameBoy RE! You can also find Thomas on his stacksmashing.net, YouTube, and @stacksmashing@infosec.exchange. Here are some links to the topics we covered: stacksmashing youtube channel Linux on iPod Airtag fault injection twitter thread Bypassing code protection on NRF52 Raspberry pi pico PIO Joe Grand wallet glitch video Wallet.fail Lennert's Starlink terminal glitching DEFCON talk DEF CON 29 - Thomas Roth - Hacking the Apple AirTags How the Apple AirTags were hacked Hardwear.io NL 2021: Over The Air-Tag: Shenanigans With A Keyfinder by Jiska , Fabian And Thomas Kanzi Cable Bonobo Cable MFi IDBus and Lightning The Secrets of Apple Lightning - Part 1 (Video) The Hitchhacker's Guide to iPhone Lightning and JTAG Hacking (DEF CON 30 Presentation) DCSD cable (lightning uart) Frida Saleae Openocd Tamarin Firmware Repo USB Cable Tester Picoprobe rpi2040 swd adapter Mario Kart AI training video Tetris movie Multiplayer tetris Webusb Online Multiplayer on the Game Boy (video) Gameshark Ghidra ChipSHOUTER-PicoEMP F$#k powerpoint there's no power in the point Have comments or suggestions for us? Find us on twitter @unnamed_show, or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
Note: We have 5 year anniversary T-Shirts available for sale. Order is open until Nov 28. We chatted with Sultan Qasim Khan (github) about BLE reverse engineering, relay attacks, and more! Libusb FTDI D2XX Motorola Mobility NCC Group Mike Ryan Ubertooth Mike's Paper on BLE Security TI BLE sniffer Nordic BLE nRF snifferhttps://www.ellisys.com/products/bex400/ Time-of-flight 802.15z Relay attack Sniffle Presentation at Hardwear.io 2019 and blog post Sniffle Git Repo https://fortune.com/2022/05/17/tesla-hacker-shows-how-to-unlock-start-and-drive-off-with-car/ nOBEX Have comments or suggestions for us? Find us on twitter @unnamed_show, or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
Reese's Hardwear is a creative space designed to inspire & educate by influencer and creative Taylor Davis Reese. Known for her colorful and casual style with a side of "extra". Learn more at https://www.reeseshardwear.com
In this episode, Hardin shares the significance of reaching new milestones. #LifeOfABossThis episode is brought to you by:www.madeindena.comFor more information about LIFE OF A BOSS The Podcast, visit:www.lifeofaboss.netClick to listen to LIFE OF A BOSS The Podcast on Apple Podcasts:https://podcasts.apple.com/.../life-of-a.../id1587842889Click to listen to LIFE OF A BOSS The Podcast on Spotify:https://open.spotify.com/show/4sw9u9v5nZSYgg5wb115p6For more places to listen to LIFE OF A BOSS The Podcast:https://lifeofaboss.buzzsprout.com/To browse and purchase official gear, visit:www.hardwayenterprise.com/bossshop Buzzsprout - Let's get your podcast launched! Start for FREEDisclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Support the show
Special thanks to Andrea of Hardwear.io team for inviting us. We learned a ton and meet a bunch of new people while (as of this writing) stayed COVID-free. Interviews in order: Eric Schlaepfer - author of the new book with co-author Windell Oskay (of “Evil Mad Scientists Laboratories” fame ) “Open Circuits” on No Starch press. Notes there are PREORDER discounts. Jacob Creedon: Just before his talk… at the Mountain View Reverse Engineering Meetup. Spencer Moss from Google (I'm sure you can google the company) security engineer Ken from Somerset Recon Will McGuiness as the workshop assistant for John McMaster's microprobing workshop. Mike Ryan: Bluetooth expert from Ice 9 Consulting and previous guest. As promised he would be on this next show… but the part2 of our RF tools with him will be the next episode. Have comments or suggestions for us? Find us on twitter @unnamed_show, or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
Laura Abbott of Oxide Computing spoke with us about a silicon bug in the ROM of the NXP LPC55, affecting the TrustZone. More information about the two issues are in the Oxide blog: Another vulnerability in the LPC55S69 ROM Exploiting Undocumented Hardware Blocks in the LPC55S69 More about LPC55S6x and their LPC55Sxx Secure Boot Ghidra is a software reverse engineering framework… and it is one of the NSA's github repositories. Laura will also be speaking about this at Hardwear.io in early June 2022 in Santa Clara. Twitter handles: @hardwear_io, @oxidecomputer, @openlabbott, The vulnerability was filed with NIST: NVD - CVE-2021-31532 Transcript
Our guest, Jiska Classen (@naehrdine) is a security researcher at University of Darmstadt (why, yes you can specialize in Security here) and focuses on reverse engineering wireless things. She is a speaker at this year's Hardwear.io. We did a deep dive on ROM patches on Broadcom chips. If you will want to listen to this episode if you are thinking about using iOS devices for your reversing. https://github.com/seemoo-lab/frankenstein (Jan Ruge) https://github.com/seemoo-lab/internalblue (Dennis Mantz) - not be confused for eternal blue. Nexmon --- Nexus monitor wifi https://github.com/seemoo-lab/nexmon https://github.com/seemoo-lab/polypyus (Jan Friebertshäuser) Thumbs up - ARM function identification https://karta.readthedocs.io/en/latest/Thumbs%20Up.html Checkra1n - bootloader to jailbreak on iOS. https://checkra.in/ ToothPicker (Dennis Heinze, aka Dennis #2*) https://github.com/seemoo-lab/toothpicker fpicker - Another/2 Dennis (Dennis Heinze) https://github.com/ttdennis/fpicker Xnuspy https://github.com/jsherman212/xnuspy Frida objection https://github.com/sensepost/objection “funniest fuzzer ever wrote” (ComCenter but this has the parsing guts) Obligatory video of AirTechno on AirTag. AirGuard - android air tag app. https://github.com/seemoo-lab/airguard * Sorry Dennis. You were just the second Dennis in this interview. Certainly this doesn't reflect upon you as a person or a professional.
The Brooklyn Blast Furnace is back. Thank you for stickin' around while I was on break. You're appreciated. My guest on Episode 228 is Warren Lee. He is a founder and co-owner of "Pitchfork Hardwear", a sales rep for "Richter Straps" out of Germany. Warren has deep roots within the NYHC scene, being a former member of "Out of Line (Queens)" and "25 Ta Life". We go from back in the days all the way through to him being a guitar tech for Jeff Hanneman and Kerry King and how he landed the opportunity to tour the world several times with SLAYER for 16 years. Not to mention being a tech or stage manager for "Sevendust", "Meshuggah", "Hatebreed", "Rob Zombie", "Rancid" and a ton of other bands. Warren rules. Support Pitchfork Hardwear and enjoy. Respect.
Focus dédié au label allemand de qualité supérieure BEATDOWN HARDWEAR. Au programme: **DOS DIAS DE SANGRE - DESPITE ALL WARNINGS** “Dia De Los Muertos” (2008) **RUCKUS - PURGE** “Human Pollution” (2009) **COLD HARD TRUTH - TWENTY HARD HERO** “Deliver The Fear” LP (2010) **XIBALBA - FALLEN** “Madre Mia Gracias Por Los Dias” LP (2010) **WORLD OF PAIN - SHADOW TALKER** “S/T” LP (2011) **FALLBRAWL - CAN YOU DIG IT** “Pure Mayhem” LP (2012) **THE LAST CHARGE - STRAIGHT OUTTA NOWHERE** “Straight Outta Nowhere” LP (2012) **COLDBURN - LOVE LEFT ME** “The Harsh Fangs Of Life” LP (2012) **NASTY - SLAVES TO THE RICH** “Love” (2013) **LOOK MY WAY - A DEATH IN THE FAMILY** “Mentality” (2013) **THE SETUP - TRAPPED UNDER THE WEIGHT** “The Thing Of Ours” (2013) **RYKER'S - CAN'T KILL A DREAM** “Hard to The Core” (2014) **WARHOUND - ONSLAUGHT** “Next Level” (2014) **MAD AT THE WORLD - BUILT UPON ASHES** “Domination” (2015) **CDC - DEGENERATION** “End” EP (2015) **NO ZODIAC - RISE OF UNHOLY** “Eternal Misery” (2015) **LIONHEART - PAIN** “Love Don't Live Here” (2016) **DESOLATED - RELAPSE** “The End” (2016) **HARM/SHELTER - VENOM** “Paycheck” (2016) **MALEVOLENCE - SLAVE TO SATISFACTION** “Self Supremacy” (2016) **THESE STREETS - BITE THE HAND** “Unfinished Business” EP (2017) **WORDS OF CONCRETE - GHETTOBEAT 2.0** “Negative Vibes” (2018) **BRUTALITY WILL PREVAIL - DENY THE TRUTH** “Misery Sequence” (2019) **WOLFPACK - TAPEWORM** ‘A.D.” EP(2020) **WORST DOUBT - EXTINCTION** “Extinction” (2021)
John McMaster (@johndmcmaster) told us about the process of opening up chips to see how the processors are structured and what the firmware says. See John’s website for information on getting started (as well as digging much deeper). John has given some interesting Hardwear.io talks including Capturing Mask ROMs and Taming Hydrofluoric Acid to Extract Firmware. His talks and many others are available on the Hardwear.io archive. Or sign up for the Hardwear.io Online Hardware Security Training, Berlin Jan 2021. As mentioned in the show: John wrote a blog post about his top lab accidents and explosions. Paper: Reverse engineering Flash EEPROM memories using Scanning Electron Microscopy by Franck Courbon, Sergei Skorobogatov, and Christopher Woods Rompar and bitract are the two programs mentioned as helpful for getting from an image to binary code.
Доклады: Defeating TLS client authentication using fault attack | Nicolas & Sylvain ( https://youtu.be/OWD5hSaYqHA ) Practical protection from firmware attacks in hardware supply chain | Sophia d’Antoine ( https://youtu.be/x8kM3YVt5KI ) Capturing Mask ROMs | John McMaster ( https://youtu.be/JpA2VScMqHo ) Hints from Hardware Security for solving real-world challenges | Dr Sergei ( https://youtu.be/5d_GvjlBKvU ) From Bluetooth Standard to Standard Compliant 0-days | Daniele Antonioli ( https://youtu.be/ZVSbF11uxuk ) Reverse engineering of neural network architectures via side-channel | Stjepan Picek ( https://youtu.be/a-ZnfyP6t5g ) Мы в соцсетях: 1. Telegram: https://t.me/proConf 2. Youtube: https://www.youtube.com/c/proconf 3. SoundCloud: https://soundcloud.com/proconf 4. Itunes: https://podcasts.apple.com/by/podcast/podcast-proconf/id1455023466 5. Twitter: https://twitter.com/ProconfShow
Machine Learning Class Digital clock project Alvaro’s T-shirt Quilt USB-C Power Project StepMania Evil Mad Scientist Labs Ship Anywhere Good Food List Artisan Cheese Online Knife Skills Class (For cutting food, not people) Jitsi Strange Parts 3-2-1 Backup Strategy Alvaro’s Letterbox’d Movies: Mood Indigo 3 Idiots Never Surrender: A Galaxy Quest Documentary Moog Bon Appetit Reverse Engineering Hardwear.io Virtual Con April 30-May 1 Toorcamp - July 14-18 2021 Teardown 2020 - September 18-20 Maddie Stone’s Android RE Livestream and Github repo for workshop Kate Temkin has her Live Stream Archives on Youtube Jen’s Hackaday Talk IDA Home Have comments or suggestions for us? Find us on twitter @unnamed_show, or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
In this episode, Jen and Alvaro talk with John McMaster about the Mountain View Reverse Engineering Meetup and some of his other projects. MTVRE Patreon https://siliconpr0n.org/ Hardwear.io USA Mike Ryan Dmitry Grinberg Natalie Silvanovich RPI-SEC club Riscure John’s station wagon Swiss light source Have comments or suggestions for us? Find us on twitter @unnamed_show, or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
In this episode, Alvaro talks to Major Malfunction at the Hardwear.io conference. Alvaro first saw his Magstripe Madness talk at Defcon 14 (slides). Magnasee F2F Encoding Magnetic Stripe Standards Hardpwn contest RFIDOt Proxmark 3 developed by Iceman (patreon) EMV Adam’s Github Adam’s Blog RFIDler (Kickstarter) HackRF FUNCube URH (Universal Radio Hacker) Scapy River Loop Sec’s KillerBee Have comments or suggestions for us? Find us on twitter @unnamed_show, or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
In another episode recorded at the Hardwear.io conference, Alvaro talked to Chris Gerlinksy(@akacastor) about ROM extraction and other IC reverse engineering tools/techniques. Here are links to some of the things/topics mentioned: Chris' Hardwear.io Talk Chris’ talk about cracking satellite and pay tv systems from 33C3 Micro-probing Wet Etching Chemical Mechanical Polishing (CMP) John McMaster’s SiliconPr0n.org Implant ROM Focused Ion Beam (FIB) Reversing the Nintendo 64 CIC - REcon 2015 Chris’ consulting site - http://pdrnorth.com Have comments or suggestions for us? Find us on twitter @unnamed_show, or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
In this episode, Alvaro is joined by Jonathan Brossard to talk about the Witchcraft Compiler Collection during the Hardwear.io conference. We talked about various tools/topics including: Moabi - firmware security automation tool Change.org Breaking Bitlocker - Defcon 16 Whitepaper Rakshasa Hardware/Firmware Backdoor Defcon talk and slides PE Binaries ELF Files QEMU strace Ltrace Address Space Layout Randomization Silent Disco Icecast IMSI Catcher SilentProtest.io SilentProtest Github RocketChat Have comments or suggestions for us? Find us on twitter @unnamed_show, or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
In this episode, Alvaro interviews contestants and organizers of the Hardwear.io CTF challenge First, we’re joined by two members of the OpenToAll CTF team. Graziano and Antonius. The second segment is with one of the creators of the CTF challenge, Philippe Teuwen(@doegox) from Quarkslab. The third segment was with Team Pineapple. Other topics mentioned/covered: https://csaw.engineering.nyu.edu/ctf https://nullcon.net https://www.hitb.org https://en.wikipedia.org/wiki/Tempest_(codename) https://www.pjrc.com/teensy/ https://www.arduino.cc https://www.nongnu.org/avrdude/ Have comments or suggestions for us? Find us on twitter @unnamed_show, or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
Brandon Wilson (@brandonlwilson) shared his stories about hacking TI calculators (and other things). TICalc.org has the latest on getting started yourself including Z80 assemblers, or start on Brandon’s website: brandonw.net Bradon will be speaking at Hardwear.io, a security conference for the hardware and security community. The conference consists of training (11th - 12th Sept 2018) and conference (13th - 14th Sept 2018). It is in The Hague, Netherlands. His talk is The Race to Secure Texas Instruments Graphing Calculators. He will also be hosting a village called Dumping the ROM of the Most Secure Sega Genesis Game Ever Created. Topics: 00:00:00 Introduction 00:00:33 Brandon Wilson 00:01:39 Lightning Round 00:02:37 Calculators! 00:03:58 Programmable calculators, using TI BASIC 00:05:00 Ti-85, programmable via assembly language 00:06:35 App store for my calculator? 00:07:34 How does TI prevent cheating? 00:09:41 Testguard for teachers 00:12:53 Some are WiFi capable 00:13:41 How Brandon learned to hack the TI 00:15:12 Processors used in the TI calcs 00:16:39 What tools are available for reverse engineering? 00:17:42 Breaking the keys 00:18:49 Flash unlock protection 00:20:14 TI hacker community 00:21:32 TI used 512-bit RSA keys 00:22:32 Key broken after 2 months of brute force 00:22:58 TI threatened the first key breaker 00:23:31 Built a distributed community to attack keys 00:24:38 TI was not happy 00:25:03 DMCA takedown notice 00:27:28 EFF offered to help 00:29:30 The ethics of circumventing TIs protection 00:33:23 Calculators as a platform for learning HW/FW 00:35:11 Hackers' responsibility toward the hacked 00:39:05 Hacks Brandon is uncomfortable with 00:42:55 Bug bounties, are they effective? 00:44:02 Brandon's other projects 00:44:26 TI calculator processors used all over 00:44:50 Sega Genesis 00:47:54 Code execution via the Sega Genesis CD 00:53:35 Calculators changed my life (back up) 00:54:21 Other projects, USB 00:55:31 Abuse the USB protocol 00:58:24 Modifying USB flash drive FW 01:03:21 Reverse engineering tools 01:06:13 Hardwear.io conference, Brandon's hacking village 01:09:22 Brandon's Final Thought 01:10:19 Outro 01:11:20 Final Quote
We spoke with Axel Poschmannof DarkMatter LLC(@GuardedbyGenius) about embedded security. For a great in-depth introduction, Axel suggested Christof Paar’s Introduction to Cryptography class, available on YouTube. We also talked about ENISA’s Hardware Threat Landscape and Good Practices Guide. Axel will be speaking at Hardwear.io, a security conference for the hardware and security community. The conference consists of training (11th - 12th Sept 2018) and conference (13th - 14th Sept 2018). It is in The Hague, Netherlands. DarkMatter is hiring. Elecia has some discount coupons for the Particle.io Spectra conference.
Columbia Sportswear's President and CEO Tim Boyle stops by to discuss the company's proud history serving global outdoor consumers for over 70 years and the innovations and designs driving success through all of its brands - Columbia, Sorel, Mountain Hardwear, and Prana. Tim and the boys trek through a number of topics including innovation, trade, changing retail, the outdoor consumer, and the company's recent Star Wars collaboration. Jasmine explores emerging outdoor trends, such as Outdry Extreme Shoes, in her Fashion Footwear in Focus segment.