image image
Dr. Ang Cui at Hardwear USA 2023

Dr. Ang Cui

Cryo-Mechanical RAM Content Extraction: A DIY Cold Boot Robot for A Thousand Bucks

Talk Title:

Cryo-Mechanical RAM Content Extraction: A DIY Cold Boot Robot for A Thousand Bucks


Embedded hardware is getting harder and harder to reverse. Leading manufacturers are getting better at disabling JTAG and UART. BGA chips, integrated packages, and encrypted firmware (both in updates and at rest) are making it harder to peek under the hood and see how these systems are built. Reverse engineering cannot begin without decrypted firmware.

This talk presents a Cryo-Mechanical RAM Content Extraction Robot we built to grab decrypted RAM contents off of DDR1|2|3 memory modules. It will talk through the challenges faced building the robot, as well as how we designed and built a robot that keeps RAM cool at -50 Celcius without breaking PCBs, shorting the board, or risking bodily harm. Finally, it will discuss the practical nuts and bolts of building such a robot within a thousand-dollar hardware budget.

Speaker Bio:

Dr. Ang Cui is the Founder and Chief Scientist of Red Balloon Security, a leading cybersecurity provider and research firm that specializes in the protection of embedded devices across all industries. Ang received his PhD in Computer Science from Columbia University in 2015 and was part of the Intrusion Detection Systems Lab. His doctoral dissertation, titled “Embedded System Security: A Software-based Approach”, focused exclusively on scientific inquiries concerning the exploitation and defense of embedded systems. Ang is the creator of Firmware Reverse Analysis Konsole (FRAK) and the inventor of Software Symbiote technology, both of which enable pioneering firmware analysis and defense for embedded devices. Since founding Red Balloon Security, backed by Bain Capital Ventures, Ang continues to research and develop new technologies to defend embedded systems against exploitation. He has led development of a portfolio of embedded security solutions to harden device firmware and provide continuous runtime protection and monitoring of device firmware. Over the course of his research, he has uncovered numerous, critical vulnerabilities within ubiquitous embedded devices such as Cisco routers, HP printers, and Cisco IP phones as well as led research efforts uncovering vulnerabilities on aerospace infrastructure, building automation systems, electrical grid devices, telecommunications equipment, and ATMs. Ang has received various awards on his work on reverse engineering commercial devices and is also the recipient of the Symantec Graduate Fellowship and selected as a DARPA Riser in 2015. Ang is passionate about creating a team of outstanding researchers, engineers, and executives whose best ideas are enabled by innovation, creativity, and autonomy to solve the most pressing challenges. According to Wikipedia, Dr. Cui is the Duke of Space!