ARM Exploitation Tokyo: Hacking in the Land of the Rising Sun

Posted on February 3, 2013 by


In mid 2012 we received an email from several folks in Japan asking us if we intended to bring our “ARM Exploitation” course from Blackhat Las Vegas 2012 to Asia. We had originally planned to do our class elsewhere in Asia but our work schedules conflicted pretty dramatically and we were unable to make it happen. But Japan in the New Year seemed a bit more reasonable.

The kind folks at Trail Of Bits have helped us successfully plan and execute some great trainings in the past, so we reached out to them to help us plan this one, and luckily they agreed.

Both Stephen Lawler and myself took several years of Japanese in high-school/college. It was one of the first nerdly things we agreed upon when we first started working together in 2004. (…well that and how good  Yoko Kanno soundtracks made for  coding and reversing 😉

I (Stephen Ridley) had spent quite a bit of time in Japan, the longest stints (in my mid-twenties) were spent trying to find work there so I could stay there longer, maybe even live there. It never happened, and that cyberpunk

Akihabara crosswalk...

Akihabara crosswalk…

dream has long since dried up…but it was still pretty cool to be offered the opportunity to teach our course in Tokyo.

If I’d told my twenty year old self that in ten years he’d be doing his own startup and teaching a course on exploiting software on mobile devices in Tokyo for a few weeks, my twenty year-old self would’ve been so excited he’d have to change his pants…but alas, reality can be a lot more underwhelming than fantasy.

Nonetheless, Lawler agreed that the Tokyo opportunity was still pretty cool, and so we accepted.  The administrivia took a few months to work out but with the help of  the folks at Trail Of Bits it was smooth sailing.

Lawler and I boarded a flight in early January…and sat through the grueling 14+ hour flight to Tokyo, the backdrop to many a cyberpunk fiction, movies, and wet dreams.

Lawler is big in Japan.

Lawler is big in Japan.

Our hotel was the Remm hotel and was in the heart of Akihabara: Electric Town, the geek Mecca of the 90’s. (I’d spent my twenties reading stuff like Justin’s, Joi Ito‘s blog, expat forums, and expat blogs like NeoMarxIsme. So I’d read about all kinds of wacky things happening in Tokyo, specifically Akihabara.) Akihabara is a geek right of passage: How could it not be with Linux theme’d cafes, a Gundam Restaurant, numerous 5+ story arcades that serve alcohol and allow smoking, back-alley electronics components dealers , and manga kissaten (my personal favorite).  When we checked into our hotel we were even greeted by a robot.

The course was taught just a few stops away on the famous Yamanote line or Tozai subway lines so it was very easy to get to. The course went great. The material was very well received by our client and their clients. They were extremely hospitable and very cool people. There were even some familiar faces (from SecuInside Korea 2012) in our class!

But the cool stuff didn’t start until Lawler and I were done teaching the course and able to explore the city together. We saw all kinds of landmarks and shrines. Visited the old parts of town. Went to a few hole-in-the-wall places I’d found on past trips. Explored megastores with entire departments devoted to Anime robot miniatures. And even discovered awesome new nondescript hole-in-the-wall bars and restaurants COMPLETELY by accident.

This slideshow requires JavaScript.

We “reverse engineered” our way through the electronic ordering system at one bar.

Had the best beef (Wagyu beef and real Kobe beef) of our life at a restaurant we randomly picked from the street.

Drank a buncha beer at the Gundam Cafe.

Tried “curry donuts”.

Met some local celebrities.

Snuck our cameras into the oldest Coffin Hotel in Tokyo..

Lawler rode the Shinkansen bullet train one day while I worked.

Manga Kissaten or "Manga Hotel".

Manga Kissaten or “Manga Hotel”.

I even got a chance to show Manga Kissa or Manga Libraries (one of my personal favorite things about Tokyo) to Lawler. Manga Kissa are cybercafe’s done right. They can be found everywhere throughout the city. You pay an entry fee, and then a per-hour fee  that gets you access to a small cubicle that can seat one or two people on chairs, recliners, or tatami mats. You get free internet access, one or two computers fully loaded with all the common games. Some gaming consoles, a TV with satellite/cable. A printer and air purifier. All you can drink fountain drinks, or soft-serve ice-cream, cheap snacks, and even a phone so that you can order food from a little Japanese girl that will quietly shuffle it to you.

But  you have to be extremely quiet in these places. They are after all “libraries”. They have virtually any Manga/comic book you can think of including the gross ones. They are meant to be comfy little quiet “living rooms” away from home.  And they are comfy. Many people take a break from work to nap in a quiet booth at Manga Kissa, or use them to kill a few hours when they don’t want to commute all the way out to their home in the Tokyo suburbs. For this reason they are also perfect for tourists that want a bit of downtime during a day of sight seeing. They’ve also given rise to a social phenomenon called “Net Cafe Refugees” that are probably a sub-phylum of “Parasite Single” or “Hikkikomori” social phenomenons in Japan.

I really like working from them instead of my hotel…and I did for several days 😉

All in all, Tokyo was awesome. It was great to be able to travel there with Lawler and cap off a nearly 10 year working relationship that started with trading Yoko Kanno, Yngwie Malmsteen, and Opeth mp3s on our office music file share (all decidedly Japan-ish videogame/anime music).

…oh and Lawler never got to try Bukkake Udon…or as we now call it: Bukakheap Udon. 😉

As usual there is a fully captioned photojournal of our trip to Tokyo here.