Five years ago while I still worked on pre- and post-silicon penetration testing of CPUs, I began teaching internal courses on hardware security to functional validators. That was when I first realized the incredible leverage that was possible with effective training - and also the dearth of information on hardware security practices in the industry.
Since then, I began SecuringHardware.com, and have had the opportunity to speak and train publicly and privately around the world. Publishing independent research teaching short workshops at conferences has allowed me to build the business almost entirely by word of mouth, minimizing my adherence to the typical business status quo.
As course offerings and audience grow, it seems like now is the right time to begin a quarterly update. I hope to include recap of recently presented research, course updates, and upcoming public classes. As always, feel free to get in touch with me directly for more information.
Trainer and Researcher, SecuringHardware.com
Introductory Physical Attacks on Embedded Systems, OWASP Portland training day, November 1 in Portland, OR:
This low-cost half-day workshop will be held in conjunction with 3 other OWASP trainings. Registration will be live shortly.
|Lockscreen bypass using SLOTSCREAMER - one of the tools used in Applied Physical Attacks on x86 Systems|
Viceland’s CyberWar: Episode 8 in the series featured several contributors to the NSA Playset briefly showing off tools that mimic capabilities from the leaked ANT catalog. We like to think they were referring to us when they titled the episode “America’s Elite Hacking Force”.
Black Hat: With the addition of a few new labs, Applied Physical Attacks on x86 Systems barely fit into a sold-out 4-day training. At the conference, Joe presented “The Tao of Hardware, the Te of Implants”. Slides and Whitepaper are online.
Defcon: A dry-run of Physical Attacks on Embedded Systems debuted as a free half-day workshop introducing the basics of embedded hardware hacking to 52 attendees. Joe joined a panel on counterfeiting Defcon Black Badges, and co-presented years of unintentional research in 101 Ways to Brick your Hardware along with Joe Grand. Joe also worked with Poitr of 1BitSquared to deliver Hands on JTAG for Fun and Root Shells in the Hardware Hacking Village.
44Con: September’s European tour kicked off with the first full offering of Applied Physical Attacks on Embedded Systems in London as part of 44CON’s training. This was the first run of this class, completely rebuilt from scratch, taking into account 4 years of research and experience training on these topics.
Hardware.io: All of that training equipment hopped across the channel for Applied Physical Attacks on x86 Systems in The Hague. Joe had a tough job following Sergey Bratus’s excellent keynote, but presented demos and discussion of his hardware implants.
Plans for 2017
Training Content: 2017’s primary objective will be to expand existing classes. New labs targeting physical attacks on DRAM should be ready as well as additional attacks on ARM android tablets will be included midyear, and a few additional CTF-style exercises will be added throughout both classes.
Public Classes: The next newsletter should contain info about 2017 public offerings, which will most likely include CanSecWest and Black Hat. A few spring courses in Europe are also a possibility.
New Research: Current projects in development for next year include tools for dirt-cheap mass surveillance and new ways of physical memory acquisition.
New Courses: Long in waiting, 2017 may finally be the year for Physical Attacks and Silicon Defense. This 4-day hands-on workshop will walk through the entire process of pre and post silicon security validation for an SOC.