POPULARITY
Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user's need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic's solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage https://www.knostic.ai/what-we-do Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-865
Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user's need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic's solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: * https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage * https://www.knostic.ai/what-we-do Show Notes: https://securityweekly.com/psw-865
Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user's need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic's solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: * https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage * https://www.knostic.ai/what-we-do Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-865
Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user's need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic's solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: * https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage * https://www.knostic.ai/what-we-do Show Notes: https://securityweekly.com/psw-865
This week's EYE ON NPI is the 'top' pick for the 'top' of the year: our first NPI choice of 2024 is Microchip's MPLAB PICkit 5 in-circuit debugger! (https://www.digikey.com/en/product-highlight/m/microchip-technology/mplab-pickit-5-in-circuit-debugger) This is the latest all-in-one toolkit for programming and debugging any chip available from Microchip, and believe us when we say there's a lot of chips available with different program/debug systems that need supporting! MCP purchased Atmel in 2016 (https://en.wikipedia.org/wiki/Atmel#Acquisition_by_Microchip_Technology) and since then has been slowly integrating Atmel chips such as AVR/SAM/ATtiny/ATmega into the MCP toolchains and workflows. For that reason, the PICkit is powered by a advanced 300MHz ATSAME70 chip, which provides ICSP, MIPS EJTAG, SWD, AVR JTAG, AVR UPDI & PDI, AVR ISP, TPI and debugWire. To do that, there's an 8-pin 0.1" socket connector on the end, you're expected to select the right grouping of pins for whatever chip you're targeting. You can make a custom wire harness, but we think you might be best off also picking up the AC102015 Adapter Kit (https://www.digikey.com/short/tr3bhf52) which comes with every popular cable adapter. OK since we are talking about a PICkit, it's not surprising that all of the PIC microcontrollers are supported - these use an "ICSP" programming method (https://ww1.microchip.com/downloads/en/DeviceDoc/30277d.pdf) with power, ground, two data pins and a VPP high-voltage line for FLASH reprogramming. We still use this interface to program chips like the PIC12 on the pixie 3W LED driver (https://www.adafruit.com/product/2741) This interface is ancient and will program basically every PIC12, PIC16 and beyond - Microchip was thankfully very consistent on this interface. Of course, you probably are also using Cortex-based chips: these use JTAG and SWD (https://developer.arm.com/documentation/101636/latest/Debug-and-Trace/JTAG-SWD-Interface). Those are also supported! Since this is a programmer plug debugger, you can also connect SWO for trace. The same JTAG/SWD interface is used for programming and debug. Supporting AVRs is also included, and for less than the price of the ATMEL ICE (https://www.digikey.com/en/products/detail/microchip-technology/ATATMEL-ICE-BASIC/4753381) you get all the same chips supported. Aaaand there's a lot more required to support the whole AVR family. For example, many small older ATtiny chips, you'll be using TPI (https://ww1.microchip.com/downloads/en/Appnotes/doc8373.pdf) because you only have a couple pins available. On newer ATtiny chips (and maybe even ATmegas) the async-uart-single-wire UPDI interface (https://onlinedocs.microchip.com/pr/GUID-DDB0017E-84E3-4E77-AAE9-7AC4290E5E8B-en-US-4/index.html?GUID-9B349315-2842-4189-B88C-49F4E1055D7F) is becoming more popular, that's available with an optional high-voltage mode which would let you use the UPDI pin as a reset pin as well. Standard ISP is supported for programming those Arduino compatibles you've got in a drawer, and there's also debugWire support! This was a one-wire debugging interface for AVRs that we never got to try out, so maybe now I will be able to! Don't forget you'll want that AC102105 Adapter Kit (https://www.digikey.com/short/tr3bhf52) to make wiring to various dev boards easier. The most interesting new features that we haven't seen on other programmers is the 'Programmer To Go' field-reprogramming capability which allows burning full programming configuration files off of a micro SD card to any target, it can even be powered from the target if needed! Use MPLAB X to create the file that contains all the fuses and data to be transferred. Save to any FAT32 formatted uSD card, then on site you can press the button to re-program the device. The indicator LED strip will give some visual feedback so you know what it's up to. If you want more control over the setup, use the iOS or Android app to pair over Bluetooth, then select which file and also get error reports in readable text. For any development needs you've got with PIC or AVR or SAM chips, the Microchip MPLAB PICkit 5 in-circuit debugger (https://www.digikey.com/short/fznt5mnh) is going to be the best and most-supported tool - being an official Microchip product means you don't have to worry about future chip support or historic chip maintenance. And best of all it is in stock right now at DigiKey for under $100.(https://www.digikey.com/short/fznt5mnh) Add one to your cart and it will ship immediately so you can be PIC'ing, debugWire'ing and UPDI'ing by tomorrow afternoon.
A few weeks ago, we covered the 2x5 0.05" pitch SWD sockets https://blog.adafruit.com/2023/08/14/the-great-search-2x5-0-05-jtag-swd-connector-and-cable-thegreatsearch-digikey-adafruit-digikey-adafruit/ that we have on many of our dev boards. Those connectors are standard issues for programming Arm Cortex chips with SWD or other devices with JTAG. However, sometimes you don't need or want the bulk of a chonky IDC connector - and only some customers will need to field reprogram or debug. But just having pogo pads is more accessible to connect to if you have the specific jig. We'll cover two solutions for 'press fit' programming: Tag Connect standard https://www.tag-connect.com/ and another exciting option we spotted on Twitter, now called X, from arturo182 and abhinav_937 https://twitter.com/arturo182/status/1701760589419208995 , is using a SKEDD REDFIT cable. https://www.digikey.com/short/t1hhf3qj See the chosen part on DigiKey https://www.digikey.com/short/327pnnbw Visit the Adafruit shop online - http://www.adafruit.com ----------------------------------------- LIVE CHAT IS HERE! http://adafru.it/discord Subscribe to Adafruit on YouTube: http://adafru.it/subscribe New tutorials on the Adafruit Learning System: http://learn.adafruit.com/ ----------------------------------------- #adafruit #deskofladyada #thegreatsearch #digikey #hardwarehacking #prototyping #usbhost #tinyusb #featherwing #chatgpt4 #debouncing #swdsockets #tagconnect #skeddredfit
The 2020 Armenian war with Azerbaijan called into action over 100 volunteer incident responders from across the country (and the globe) into action. Our guest for this segment was one of the leads during the 40-day conflict and helped organize teams that responded to everything from websites being attacked and country-wide Internet outages. In the Security News: You should read the NIST CSF, JTAG hacking the original Xbox, tricked into sharing your password, attacking power management software, the vulnerability is in the SDK, tearing apart printers to find vulnerabilities, a pain in the NAS, urllib.parse is vulnerable, hacking the subway, again, how not to implement encryption from OSDP, Intel does a good job with security, and hacking card shuffling machines! All that and more on this episode of Paul's Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-795
The 2020 Armenian war with Azerbaijan called into action over 100 volunteer incident responders from across the country (and the globe) into action. Our guest for this segment was one of the leads during the 40-day conflict and helped organize teams that responded to everything from websites being attacked and country-wide Internet outages. In the Security News: You should read the NIST CSF, JTAG hacking the original Xbox, tricked into sharing your password, attacking power management software, the vulnerability is in the SDK, tearing apart printers to find vulnerabilities, a pain in the NAS, urllib.parse is vulnerable, hacking the subway, again, how not to implement encryption from OSDP, Intel does a good job with security, and hacking card shuffling machines! All that and more on this episode of Paul's Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw-795
In the Security News: You should read the NIST CSF, JTAG hacking the original Xbox, tricked into sharing your password, attacking power management software, the vulnerability is in the SDK, tearing apart printers to find vulnerabilities, a pain in the NAS, urllib.parse is vulnerable, hacking the subway, again, how not to implement encryption from OSDP, Intel does a good job with security, and hacking card shuffling machines! All that and more on this episode of Paul's Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-795
In the Security News: You should read the NIST CSF, JTAG hacking the original Xbox, tricked into sharing your password, attacking power management software, the vulnerability is in the SDK, tearing apart printers to find vulnerabilities, a pain in the NAS, urllib.parse is vulnerable, hacking the subway, again, how not to implement encryption from OSDP, Intel does a good job with security, and hacking card shuffling machines! All that and more on this episode of Paul's Security Weekly! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-795
On our latest ESP32-S3 board, we added a JTAG connector, as we do on many Adafruit Metro microcontroller boards. This is a 'standard' port for SWD or JTAG that is smaller than the common 2x10 connector. This size is common to many debuggers like the Atmel ICE (https://blog.adafruit.com/2022/07/01/the-great-search-programmer-debugger-for-atsamd21-chips-adafruit-digikey-microchipmakes/) or J-Link (https://www.digikey.com/en/products/detail/segger-microcontroller-systems/8-08-00/2175882). The connector is a "jellybean" part, with many possible vendors. Let's find a few options that you can put onto your next dev board for easy debugging! See the chosen part on DigiKey https://www.digikey.com/short/rcmjwc81 Visit the Adafruit shop online - http://www.adafruit.com
Cisco's 8000 Series Router changed the game in high end routers, largely thanks to the Silicon One ASIC. It also introduced to the industry some of the first 400G ports along with Cisco's QSFP-DD form factor pluggable optics. In Episode 33, we continue our conversation with Ammar Khan, Product Management Leader for the 8000 Series Router. In this episode we talk about security features in the 8000 router. – Pat Chou, Cisco Optics Product Manager Ammar received his BSEE at the University of Oklahoma and an MBA from Santa Clara University. He started his career as member of technical staff at an ASIC emulation start-up, where he worked on cutting edge ASIC and FPGA designs. His first foray into networking system design was at another startup based out of Massachusetts. He then moved to Broadcom through the company's acquisition and launched and managed products with over $250M in revenue. In 2010 he moved to Ericsson's IP Division and defined their edge router line with an annual revenue of over $150M. Ammar joined Cisco in 2018 and has been with the 8000 Series Router team for over 4 and half years. He has worked on various areas of the 8000 product line, including fixed and modular systems, line cards, fabrics, optics, platform security, and more. Related links Cisco Optics-to-Device Compatibility Matrix: https://tmgmatrix.cisco.com/ Cisco Optics-to-Optics Interoperability Matrix: https://tmgmatrix.cisco.com/iop Cisco Optics Product Information: https://copi.cisco.com/ Additional resources Cisco Optics Podcast: https://blogs.cisco.com/tag/ciscoopticspodcast Cisco Optics blogs: https://blogs.cisco.com/tag/ciscoopticsblog (subscribe at https://feedburner.google.com/fb/a/mailverify?uri=CiscoOpticsBlog ) Cisco Optics YouTube playlist: http://cs.co/9008BlQen Cisco Optics landing page: cisco.com/go/optics Timestamps 2:17 The bar is being raised 4:02 Security features of 8000 router 5:17 JTAG ports 7:38 Checking hardware identity Music credits Sunny Morning by FSM Team | https://www.free-stock-music.com/artist.fsm-team.html Upbeat by Mixaund | https://mixaund.bandcamp.com
This week's EYE ON NPI comes to us from the brilliant wireless engineers at Nordic Semiconductor - it's the Nordic nRF9160 System-in-Package with Integrated Cellular and GNSS (https://www.digikey.com/en/product-highlight/n/nordic-semi/nrf9160-sip). You know them for their popular nRF52 series of microcontrollers that have integrated Bluetooth LE - they're the market leaders for BLE development and support, with excellent software and low-power capabilities. A few years ago they decided to start branching out from their hit products and into more wireless IoT transports, like cellular and, more recently, WiFi (which perhaps we'll cover in a future EYE ON NPI!). The nRF91 series (https://www.nordicsemi.com/Products/nRF9160) is the Nordic Semi flagship cellular line, but it's different than most cell modules we've used. Normally you get a modules say from Quectel, and interface to it via USB or UART - sending AT commands (https://en.wikipedia.org/wiki/Hayes_command_set) and parsing the responses. That's fine and good but means that there's often a secondary microcontroller that has to do the work, and there's always a lot of work to do that parsing and command handling. What we like about the nRF91 is that it comes as a cute SIP package, much smaller than most modules, and integrates an ARM Cortex M33 with 1MB of flash, 256KB of RAM that you can program directly. This is familiar to folks who use the nRF52 series, where the BLE stack is integrated in hardware/firmware through the 'SoftDevice' system. (https://infocenter.nordicsemi.com/topic/ug_gsg_ses/UG/gsg/softdevices.html) You get all the hardware-interfacing you need with 32 GPIO, 12-bit ADC, RTC, SPI, I2C, I2S, UART, PDM and PWM which means that ideally you can develop your entire product on a single chip without need for external peripherals or drivers. The nRF91 comes in three flavors: nRF9160-SIAA (https://www.digikey.com/en/products/detail/nordic-semiconductor-asa/NRF9160-SIAA-B1A-R7/13533593) which has only LTE-M cellular support, nRF9160-SIBA (https://www.digikey.com/en/products/detail/nordic-semiconductor-asa/NRF9160-SIBA-B1A-R7/13533587) which has only NB-IOT support, and the nRF9160-SICA (https://www.digikey.com/en/products/detail/nordic-semiconductor-asa/NRF9160-SICA-B1A-R7/13533588) which has LTE, NB-IOT and GNSS. Each one has is pin-compatible but has different price levels, so pick the one that fits your budget and wireless needs. Note there's full 700MHz - 2.2GHz band support on each version of the SIP, so you don't have to order different SIPs for North America, South America, Asia, Europe, Africa, etc. There are global certifications available that you can look up to make sure you are cleared to integrate in any country you may need (https://www.nordicsemi.com/Products/Low-power-cellular-IoT/nRF9160-Certifications) The Nordic nRF9160 modules have been out for a few years, so there's lots of development boards you can use. For example, Nordic's in-house made dev board is fully featured with every add-on needed, plus Arduino-compatible headers (https://www.digikey.com/en/products/detail/nordic-semiconductor-asa/NRF9160-DK/9740721). There's also the extremely well-named Nordic Thingy 91 (https://www.digikey.com/en/videos/n/nordic-semiconductor/introducing-the-nordic-thingy-91-cellular-iot-prototyping-platform) which is a great dev kit for designing compact, battery powered, sensor-filled prototypes. The prior is better when you want to have JTAG headers and connect lots of external hardware, the latter is good if you happen to have some overlap with the built in hardware and want to prototype user experiences. If you are a Feather Fancier, there's an nRF9160 Feather (https://www.digikey.com/short/94tc2w84) that you can use to make lightweight portable designs that plug into FeatherWings. Best of all, all three versions of the nRF91 (https://www.digikey.com/en/product-highlight/n/nordic-semi/nrf9160-sip) are in stock now for immediate shipment from Digi-Key! We recommend starting with the full-featured nRF9160-SICA (https://www.digikey.com/short/j97r25p7) as you can always place the final design with one of the pared down SIAA or SIBA when you go to production. Order today for instantaneous shipment, you'll have these in your hands by tomorrow afternoon.
Pokračování povídání o světě mikrokontrolérů – Michal Rybka a Martin Vaňo vás ve druhém díle provedou konkrétním hardwarem. Povídání začíná u dobře známé firmy Intel. Osmibitový čip 8085 z roku 1976 se dvěma instrukcemi a napájením pouhých +5V – jak dlouho myslíte, že se asi vyráběl? Možná vás udiví, že poslední kusy sjely z výrobní linky v roce 2000! Mnohé další zajímavosti o 8085 a jiných čipech z dílny Intelu jsou tématem aktuálního Wolfcastu. Michal dále zapluje do oceánu mikrokontrolérů, jak sám nazývá portfolio několika desítek firem (!), které čipy produkovaly. Rovněž nám představí průmyslový standard JTAG: specifickou záležitost, o jejíž existenci mají povědomí pravděpodobně jen lidé zasvěcení do světa mikrokontrolérů. Světa, který můžeme označit za vysoce inženýrskou disciplínu. Podívejte se na https://www.retronation.cz na další skvělé výlety do herního retra!
This week's EYE ON NPI is from long-time Maker-buddies FTDI Chip (https://www.digikey.com/en/product-highlight/f/ftdi/ft233hpq-usb-bridge): The FT233HP (https://www.digikey.com/en/products/detail/ftdi-future-technology-devices-international-ltd/FT232HPQ-REEL/13981010) and FT232HP (https://www.digikey.com/en/products/detail/ftdi-future-technology-devices-international-ltd/FT233HPQ-TRAY/13981013) builds on decades of work FTDI (https://www.digikey.com/en/supplier-centers/future-technology-devices-intl) have pioneered in making excellent quality USB controller ICs. This chip has taken the successful FT232H (https://www.digikey.com/en/products/detail/ftdi-future-technology-devices-international-ltd/FT232HQ-REEL/2614626) that we're very fond of and added first-class USB Type C support with PD3.0 control. (https://www.usb.org/usb-charger-pd) Now in case you haven't tried them out yet, we make some nice FT232H breakouts here at Adafruit (https://www.adafruit.com/product/2264). This chip from FTDI is similar to their USB to serial converter chips (https://www.adafruit.com/product/284) but adds a 'multi-protocol synchronous serial engine' which allows it to speak many common protocols like SPI, I2C, serial UART, JTAG, and more! There's even a handful of digital GPIO pins that you can read and write to do things like flash LEDs, read switches or buttons, and more. The FT232H breakout is like adding a little swiss army knife for serial protocols to your computer! We recently even gave this chip a bit of a refresh by adding a Stemma QT port, an I2C mode switch, and a USB C port. However, that USB C port doesn't do anything fancy with USB C - it just has the bare-minimum resistors to let the upstream port know to give it 5V and use classic USB D+ and D- lines The FT232HP, on the other hand, is a full new version of the chip with individual CC1/CC2 pins that are used to communicate with the upstream port to tell it what voltage level and current level desired. With PD, we can request up to 20V on the power pins (https://www.usb.org/usb-charger-pd) - and it can do this fully automagically by configuring an external EEPROM chip that is wired up on a PCB. You can program the EEPROM as many times as you like, using the FTDI Prog tool or via a command line tool (https://www.ftdichip.com/Support/Documents/AppNotes/AN_551_FT4232HP_FT2232HP_FT232HP_Configuration_Guide.pdf) Once configured you can also use GPIO pins to adjust the PD settings, or even use a built in I2C peripheral engine that can be configured by a separate microcontroller. Besides the fancy new USB C power delivery control - the FT232HP and FT233HP also of course have the GPIO-control goodies we love about this series. The MPSSE peripheral set can mimic a wide variety of popular and useful protocols such UART RS232, RS422, RS485, 8-bit parallel, JTAG, SPI and I2C controllers. We've got Adafruit Blinka support for MPSSE (https://learn.adafruit.com/circuitpython-on-any-computer-with-ft232h) and while we haven't tested it with the FT232HP just yet, we're pretty sure it is going to be largely compatible (besides perhaps having a different USB PID). If you're making a product that needs USB C PD, and maybe some GPIO control over USB - this chip could really do a great job at saving you months of development time. Particularly if you can use the MPSSE control software on a computer to avoid any firmware writing at all! Or, if you do have a microcontroller, you could get rid of half your power supply by dropping a DC jack input and going with a smart USB adapter with PD source control. The FT233HP has more pins than the '232HP and adds a USB Sink PD port as well as 8 more GPIO pins. You can sign up to be notified when the FT233HP (https://www.digikey.com/en/products/detail/ftdi-future-technology-devices-international-ltd/FT232HPQ-REEL/13981010) and FT232HP (https://www.digikey.com/en/products/detail/ftdi-future-technology-devices-international-ltd/FT233HPQ-TRAY/13981013) arrive in stock at Digi-key today. Or, place on backorder now and it will ship in late June! See on Digi-Key at https://www.digikey.com/short/mp80vwdr
Hoy, como siempre, hablamos de muchas cosas. Entre ellas:- JTAG con ESP32- Inteligencia artificial- Arte con redes neuronalesMás información en https://programarfacil.com/podcast/jtag-con-esp32/
En este nuevo capítulo del podcast hablamos de JTAG, de antenas Yagi y de Arduino Day 2021. Más información en https://programarfacil.com/podcast/jtag/
On this episode: Riot retro gaming presents Xbox Jtag emulation: Microsoft's Emulator to Run x86 64-Bit Windows Apps on ARM Devices as preview build 21277. PlayStation emulator running on your Xbox Series X|S, H: Xbox Series S Runs N64 games ... The emulator used for the testing is a Universal Windows Platform (UWP) called Retro Arch, which supports the Xbox Series S|X. On this episode: Our friends from across the pond. Riot Retro Gaming presents Xbox Jtag emulation: Microsoft's Emulator to Run x86 64-Bit Windows Apps on ARM Devices as preview build 21277. PlayStation emulator running on your Xbox Series X|S, H: Xbox Series S Runs N64 games ... running emulators on a Pi, The emulator used for the testing is a Universal Windows Platform (UWP) called Retro Arch, which supports the Xbox Series S|X. Have an emulator experience? Leave a voicemail to 313-MAN-0231.............. ° ͜ʖ ͡°) ◕_◕ ༽ 1980s*‿'*(•_•)じゃ ┌༼ຈل͜ຈ༽┐ ¬^(-¬) and we I'll air it
Convidamos você para participar do próximo Cyber talk, com o tema: “Procedimentos avançados para extração de dados em dispositivos moveis. Aplicação das técnicas de JTAG, ISP e Chip off.” Webinar gratuito, que foi realizado no dia 04 de novembro, às 19:00h. Para esse encontro convidamos o Djalma Barbosa Fonseca, Técnico em eletrônica, certificado pelo Conselho Federal dos Técnicos, CFT-BR, microempresário, atuante como consultor técnico e docente na área de extração de dados avançada em dispositivos móveis por meios das técnicas de JTAG – ISP – Chip off. Contamos também com a presença do Alexandre Medea, profissional de segurança e professor da Ventura Academy. Inscreva-se garanta sua vaga! Aproveite também e conheça nosso catálogo de palestras realizadas no Ventura Academy Cyber Talk: www.ventura.ac
In order to delve as deeply as possible into a mobile device for your forensic investigation, you may need to access the device’s contents on a physical level—creating and sorting through a raw data dump of the smartphone’s NAND or NOR flash memory chips. There are many tools and techniques which allow forensic investigators to obtain this level of access, even if the smartphone is locked.
In the field of mobile-device forensics, the practices of “chip-off” and “JTAG” ... challenge examiners, creating the requirement for alternative means of data recovery. ... Further, considering that commercial tools most often connect to the device. ISP benefits the examiner who faces the challenges of tightening budgets, yet ... And just like with JTAG and Chip-Off, your agency can still use its current line-up of forensic analysis software to recover that 'smoking gun' piece of evidence. --- Send in a voice message: https://anchor.fm/harshitasdforen6show/message
Hackaday editors Elliot Williams and Mike Szczys check out the week's awesome hacks. From the mundane of RC controlled TP to a deep dive into JTAG for Hackers, there's something for everyone. We discuss a great guide on the smelly business of resin printing, and look at the misuse of lithium battery protection circuits. There's a trainable servo, star-tracking space probes, and a deep dive into why bootstrapped ventilator designs are hard Show Notes: https://hackaday.com/?p=407547
This week, Holly Graceful (@HollyGraceful, gracefulsecurity.com) joined us to talk about her recent hardware reverse engineering blog series and her pen(etration) testing and security career in both public and private sectors. She tells us about how she entered the field via the military and some of those differences. We discussed breaking down projects into smaller bites. We talk about why getting access to the JTAG (use it for...) port can be super easy in the consumer product and it may be more calculated than expected. The series ends with some key fob fun. We do a minor round up of software defined radio and the USRP used with gnuradio. We catch up on what Alvaro is doing with his SDRs. Holly is working on more posts so stay follow to be updated with the latest. Links that came up: Pulse view logic analyzer Michael Ossmann (of Great Scott Gadgets) tutorials (one of many) Cheap: Jtag on arduino, Black Magic Probe, CortexProg Expensive: Jtagulator , Segger Jlink Radio posts/tutorial- by Oona Räisänen @Windyoona (Website) Have comments or suggestions for us? Find us on twitter @unnamed_show, or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
This week we talk about the nebulous world of debugging interfaces, some of their history, and how they can be used in reverse engineering. We cover the basics of what are JTAG and SWD ( both ARM Debug Access Port (DAP) and ARM® Debug Interface Architecture Specification) and can they both be used to debug a MIPS processor (the answer is NO!). We list a few other standards but also some key vendors and projects to get you debugging and controlling your next system: Segger J-Link/J-Trace (generally the most flexible) BlackMagicProbe ST-Link BusBlaster JTAGulator Cypress Miniprog3 Microchips supports both AVR and Microchip parts for debug. Since a few of these are from the OSHW/OSSW world, we briefly discuss the impact of this work on driving down costs and opening up the field to more people. As always, we might have missed your favorite tool or you had questions and comments about our list, find us on twitter @unnamed_show, or email us at show@unnamedre.com and tell us. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
This week I interview an industry expert about mobile device JTAG and ISP forensics.
M. Carlton joined us to talk about being part of leading professional reverse engineering team at Senr.io. We discussed her Embedded Systems talk about IoT and in particular Devil’s Ivy (Check out the important ROP video to better understand the key concept ). In this particular case, they found that the M300 camera model using GSOAP (SOAP) parse for buffer overflow. Not only did this issue allow spread quickly as a DOS among the M300 cameras but over 200 other Axis cameras (Hurray for code-reuse) due to using the third party code library. M. uses several tools in her work: IDA Pro Binwalk Nmap Debuggers like gdb Multimeters and oscilloscopes VMWare She had some excellent suggestions for improving the odds of NOT getting hacked: Put a password on any consoles and let it be changeable. Anticipate issues by performing security reviews. Be wary of any third party libraries you use. If there are updates to these libraries, prepare to update quickly. Make sure your systems are field patchable/updateable, securely. Limit surface area. Limit the ability for others to analyze your system by removing/disabling consoles, UARTs, features, and JTAG interfaces. Put more gates/obstacles on how easily any found exploits can be used in the system. Unearth any default credentials used in your system and resolve. In the worse case, plan in advance for a security breach to expedite deployment. Have comments or suggestion names for us? Find us on twitter @unnamed_show, or email us at show@unnamedre.com. Music by TeknoAxe (http://www.youtube.com/user/teknoaxe)
upcoming artist call Joshua Tree Art Gallery (www.joshuatreeartgallery.com) located 61607 29 Palms Hwy Set B, Joshua Tree, CA, this cooperative gallery showcases the work of the artists who live in and/or are inspired by the beauty the High Desert. As MayBe begins, JTAG is reaching out for its June show. Life in the desert… The post 030 CW pt 2 MayBE-Joshua Tree Gallery w/Adam Azeris & Barbara Gothard appeared first on COLLIDING WORLDS PODCAST.
Joshua Tree Art Gallery (www.joshuatreeartgallery.com) located 61607 29 Palms Hwy Set B, Joshua Tree, CA, this cooperative gallery showcases the work of the artists who live in and/or are inspired by the beauty the High Desert. As MayBe begins, JTAG is reaching out for its June show. Life in the desert is never dull! MayBE is the latest… The post 030 CW pt 1 MayBE -Joshua Tree Art Gallery Hiroko Momii & Drew Reese appeared first on COLLIDING WORLDS PODCAST.
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Joe-FitzPatrick-Matt-King-NSA-Playset-JTAG-Implants-UPDATED.pdf Extras Here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Joe-FitzPatrick-Matt-King-Extras.rar NSA Playset: JTAG Implants Joe FitzPatrick SecuringHardware.com Matt King Security Researcher While the NSA ANT team has been busy building the next generation spy toy catalog for the next leak, the NSA Playset team has been busy catching up with more open hardware implementations. GODSURGE is a bit of software that helps to persist malware into a system. It runs on the FLUXBABBIT hardware implant that connects to the depopulated JTAG header of certain models of Dell servers. This talk will introduce SAVIORBURST, our own implementation of a jtag-based malware delivery firmware that will work hand-in-hand with SOLDERPEEK, our custom hardware design for a standalone JTAG attack device. We will demonstrate how to this pair enables the persistent compromise of an implanted system as well as release all the hardware and software necessary to port SAVIORBURST and SOLDERPEEK to your jtag-equipped target of choice. Anyone curious to know more about JTAG, regardless of previous hardware experience, will learn something from this talk. Joe has spent a decade working on low-level silicon debug, security validation, and penetration testing of CPUS, SOCs, and microcontrollers. He develops and delivers hardware security training at https://SecuringHardware.com, including Software Exploitation via Hardware Exploits and Applied Physical Attacks on x86 Systems. In between, he keeps busy with contributions to the NSA Playset and other misdirected hardware projects. Twitter: @securelyfitz Matt is a hardware designer and security researcher who has over a decade of experience designing, securing and exploiting hardware test and debug features on CPUs and SoCs. When not performing pointless hardware tricks Matt tries to help educate integrated circuit designers on the risks posed by hardware debug capabilities. Twitter: @syncsrc
In this second part of a seminar, Prof Michael J. Pont gives an introduction to the 32-bit MCU world. He talks about timing analysis in RT embedded systems, multi-task TTC scheduler and debugging with JTAG. He also considers two further widely used platforms: the x86 architecture and the field-programmable gate array.
Prof Michael J. Pont gives an introduction to the 32-bit MCU world. He talks about timing analysis in RT embedded systems, multi-task TTC scheduler and debugging with JTAG. He also considers two further widely used platforms: the x86 architecture and the field-programmable gate array.