Speaker Name: Joseph FitzPatrick
Title: Hardware Implants for Flashy Lights and Root Shells
Even though a handful of hardware manufacturers are making some basic efforts to harden devices, there are plenty of cheap and easy ways to subvert hardware. The leaked ANT catalog validated that hardware implants are real and worthwhile, while the projects of the NSA Playset have explored what’s possible in terms of cheap and easy DIY hardware implants.
I’ll present some continued research and show off a handful of simple hardware implants that can use JTAG, DMA, and direct physical access to undermine consumer electronics, IOT, and industrial control devices in ways that are generally undetectable in normal software.
I’ll conclude with several potential design decisions that could reduce vulnerability to implants, protect existing hardware systems from tampering, and increase the cost and complexity of these types of attacks.