Lady bird
Joseph FitzPatrick profile image

Joseph FitzPatrick

Instructor and Researcher at

Talk Title

Hardware Root of Mistrust

Talk Abstract

Maybe software hardening has been wildly successful or just deemed a lost cause, because adoption of hardware-based security devices has picked up in recent years, securing everything from FDE keys to code commits to social networking and video games.While we've isolated these 'trusted' hardware components so that they might be more secure and reliable, I'll present several scenarios where we can easily MITM, modify, or counterfeit trusted hardware, undermining the intended security assumptions made by their designers and users. I'll cover technical details about our modifications and counterfeit designs, and explore a few attack scenarios for each. I'll wrap up with some details about how this should influence our threat modeling when it comes to hardware devices.

Speaker Bio

Joseph is an Instructor and Researcher at Joe has spent over a decade working on low-level silicon debug, security validation, and penetration testing of CPUS, SOCs, and microcontrollers. He has spend the past 5 years developing and leading hardware security related training, instructing hundreds of security researchers, pen testers, hardware validators worldwide. When not teaching Applied Physical Attacks on x86 Systems, Joe is busy developing new course content or working on contributions to the NSA Playset and other misdirected hardware projects, which he regularly presents at all sorts of fun conferences.