Browsing All Posts filed under »phones«

Why Writing Firmware Is Kinda Like Software Exploitation

March 22, 2014 by

9

We’ve been away too long. We’re slacking…well not really. (Lawler did an excellent post recently on Power Analysis attacks , but we’re still slowly catching up on the blog…) We’ve just been busy… we’ve been doing quite a bit of embedded reverse engineering and vulnerability research consultation recently (in addition to your normal infosec stuff). […]

A new Course: “Software Exploitation via Hardware Exploitation”

January 31, 2014 by

9

For the last couple of years we’ve been teaching Practical ARM Exploitation. It’s sold out at every public offering (CanSecWest 2012 and BlackHat 2012 & 2013) and we’ve been fortunate enough to give it privately to a number of really amazing organizations. In 2011 we did a talk entitled “Hardware Hacking For Software People” at […]

The USB Condom

September 12, 2013 by

0

So a while back, @drakkhen and I were chatting and he suggested a simple device that would let him “airgap” his mobile devices from his computer but still use them for power. Like a “Charge-Only” USB cable but in an “adapter” form that you could use on normal USB Cables (the only previous alternative was […]

Teaming Up With Trail of Bits

August 8, 2012 by

0

Following our Blackhat 2012 training and talk we received a bunch of emails, tweets, and IMs  asking one thing: “When are you going to offer this to the public again? I couldn’t make it to the BlackHat course.” With the exception of CanSecWest and BlackHat we’ve mostly been giving this (and customized versions of similar […]

Beans on NPR

July 28, 2012 by

0

Following our talk at Blackhat 2012 entitled “Practical ARM Exploitation”, we were honored to be asked to participate in a BlackHat press conference. After getting briefed by the Media Coordinator and Vincenzo Iozzo  we summarized our talk and training in the simplest of terms to a room of reporters and journalists. After the press conference […]

A Lackluster ‘Hack Cluster’: ARM Exploitation Lab Preview

March 1, 2012 by

2

As we have announced in other blogposts we’ve been researching mobile platforms quite a bit (specifically those that use the ARM microprocessor). We compiled all of our notes on ARM reverse engineering and ARM exploitation and built a course called “Practical ARM Exploitation” that we will be publicly debuting this coming week at CanSecWest.  The […]

Android Scripting Layer (Encrypted SMS communication)

September 15, 2010 by

4

Recently I (Stephen A. Ridley) have been doing quite a bit more security research on embedded systems and mobile platforms like phones. This naturally means more development in these areas. A while back I ran into SL4A or Scripting Layer for Android which was (at the time) called ASE  or Android Scripting Environment. (Apparently they […]