The Amp Hour Electronics Podcast

#698 – Hardware Security with Matt Brown

Listen Later

Welcome Matt Brown of Brown Fine Security!

  • Matt has been reverse engineering a “smart” smoker controller that talks back to AWS IOT
  • Jeff Geerling talking about his dishwasher
  • Storing private keys on the device??
  • Threat models
  • Key rotation
  • What is the best case scenario for an IoT device?
  • Secure boot / trust zone
  • Keys encrypt flash storage
  • Chris has designed in the ATECC608 before
  • Replacing Certificate Authority (CA) cert in grill firmware
  • Matt has a Linux hardware / reverse engineering background
  • Flash is always external
  • Ghidra / idapro / binwalk
  • Security cameras are 99% linux based (battery based cameras might be embedded)
  • Best practices
  • Encrypted firmware
  • hidden uart / jtag
  • Keys
  • Are linux devices “worth more” to a security researcher?
  • CVSS risk scoring system
  • Attack vector
  • Vulnerabilities are better if it can be a remote executed
  • Linux devices have more compute
  • Bluetoothe LE
  • Ability to enumerate
  • Scale reverse engineering
  • Chris has discussed the silliness of a bluetooth toothbrush on the show before
  • Tools / Software of the trade
    • xgeku firmware reader
    • picoemp
    • PCBite
    • Saleae
    • SDR USRP B200
    • Universal radio hacker
    • Stick-to-it-ness
    • Matt just came back from hardwear.io, one of his new favorite conferences
    • Find Matt at the embedded systems village at DEF CON
    • Follow Matt via his YouTube channel
    • Matt has a new IoT Security newsletter starting up
      • ...more
      View all episodesView all episodes
      Download on the App Store
      The Amp Hour Electronics PodcastBy The Amp Hour (Chris Gammell and David L Jones)
      • 4.9
      • 4.9
      • 4.9
      • 4.9
      • 4.9

      4.9

      225 ratings

      More shows like The Amp Hour Electronics Podcast

      View all
      Security Now (Audio) by TWiT

      Security Now (Audio)

      1,983 Listeners

      Embedded by Logical Elegance

      Embedded

      188 Listeners

      LINUX Unplugged by Jupiter Broadcasting

      LINUX Unplugged

      265 Listeners

      Talk Python To Me by Michael Kennedy

      Talk Python To Me

      590 Listeners

      Hacked by Hacked

      Hacked

      183 Listeners

      Circuit Break - A MacroFab Podcast by MacroFab, Inc.

      Circuit Break - A MacroFab Podcast

      38 Listeners

      Python Bytes by Michael Kennedy and Brian Okken

      Python Bytes

      215 Listeners

      Darknet Diaries by Jack Rhysider

      Darknet Diaries

      7,913 Listeners

      Ham Radio Workbench Podcast by Ham Radio Workbench

      Ham Radio Workbench Podcast

      198 Listeners

      CoRecursive: Coding Stories by Adam Gordon Bell - Software Developer

      CoRecursive: Coding Stories

      189 Listeners

      Hackaday Podcast by Hackaday

      Hackaday Podcast

      64 Listeners

      Self-Hosted by Jupiter Broadcasting

      Self-Hosted

      135 Listeners

      A Problem Squared by Matt Parker, Bec Hill

      A Problem Squared

      229 Listeners

      The Real Python Podcast by Real Python

      The Real Python Podcast

      139 Listeners

      Oxide and Friends by Oxide Computer Company

      Oxide and Friends

      47 Listeners