[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Needs more hardware hacking dox

Hash: SHA1

On 04/27/2016 03:03 PM, Travis Biehn wrote:
> I'm working on influencing security in embedded, e.g., writing and 
> designing secure systems (comprehensively, starting with arch &
> code.) It's an educational effort with embedded ISVs and OEMs at
> every step, you can presume the market, if they're thinking of
> security at all, is currently buying into 'fire-walling' and
> 'obfuscation' approaches.
> There are some interesting groups like We Are the Cavalry working
> on that as well.
> Some fun uses of Raspberry Pi computers as air-gapped PGP /
> KeyStores and Hardware Tor routers. DIY info-theoretic secure
> communications platforms (opto-isolators and so on.)
> On the topic of HWSec, I'm interested in detecting in-sil
> modification, allowing end-users to simply and easily verify their
> hardware in the same way that the OS community has become entranced
> with 'deterministic verifiable builds'.
> -Travis

I was thinking about step by step walk-throughs on things like:

* Generic and model-specific methods of reversibly (and not) disabling
automotive ECM radio.

* Positively preventing laptop WiFi signals from being broadcast
before the MAC address has been scrambled.

* Disabling built in microphones in computers and other network
capable devices


Most of the necessary info is on the networks, IF one knows the
applicable language and which sources to focus searches on.  Right now
I don't have the time for a new project but it's on my long term to-do
list until or unless somebody else does it.  Field testing - actually
doing the things described - makes a huge usability difference,
especially when writing for end users who do not have a background in
tinkering with electronics.  Things technologists take for granted and
would not mention can pop up as unbeatable obstacles when first timers
are trying to follow "simple" instructions.

A great example:  http://www.turnpoint.net/wireless/cantennahowto.html


Version: GnuPG v1