July 20–24, 2015
Portland, OR

Hardware hacking 101: There is plenty of room at the bottom

Federico Lucifredi (Red Hat)
11:30am–12:10pm Wednesday, 07/22/2015
Protect Portland 255
Average rating: ****.
(4.00, 12 ratings)

Prerequisite Knowledge

Intermediate system skills (particularly Perl and Shell) recommended to follow along the live demo, along with a vivid curiosity and the desire to have fun!

Description

This is a live demonstration of hacking into the processor embedded in an SD card, effectively turning the device into a potentially covert Raspberry Pi-class computer under your complete control. The ARM926EJ-S ARM processor made its appearance as the embedded CPU in Transcend’s WiFi-enabled SD cards, clocking in at an impressive 426 BogoMips – we can’t possibly leave that territory unexplored, can we?

In this session we root the card’s own CPU, install a more featureful OS, and explore the system’s common and unusual capabilities (in hardware AES encryption and native support for Java bytecode among them). These provide plenty of building blocks for our projects.

I will review the hardware, its capabilities, how to breach its security, and how to enable it with top-class network configuration at boot-up, on nearly any network. I will then show how to build and install additional software and customize the device, using shell script and Perl, for workloads that fit its minute size and low power requirements.

Clearly, complete control of such a hidden computer running with full network connectivity can be used in network penetration scenarios. We’ll discuss applicable security threat countermeasures.

We close the session with a review of similar exploits against hard drive controllers. There is plenty of room at the bottom, and opening these computer-within-the computer configurations create interesting miniaturized automation scenarios alongside the obvious, more ominous security aspects.

Use your newfound knowledge for good, with great power comes great responsibility!

Photo of Federico Lucifredi

Federico Lucifredi

Red Hat

Federico Lucifredi is the maintainer of the man suite, the primary documentation-delivery tool under Linux. He is a graduate of Boston College and Harvard University, and is the Ubuntu server product manager at Canonical. As a software engineer-turned-manager at the Novell corporation, Federico was part of the SUSE Linux team for five years, overseeing the update stack of a $150 million maintenance business. Previously, Federico was a CIO and a network software architect at technology and embedded Linux startups. He spent two years teaching in Boston University’s graduate and undergraduate programs, while simultaneously consulting for MIT. He is a frequent speaker at user group and conference events, notably the Linux Foundation’s LinuxCon, LinuxWorld, the O’Reilly Open Source Convention, and the IMPlanet conferences, where he was a panelist representing the Jabber community. Federico is a recognized expert in computing performance issues, and consults pro-bono with Standard and Poor’s clients interested in free/open source software technical and strategic issues. He participated in the GPL v3 drafting process in the large-corporation panel.