A Measured Response to a Grain of Rice

Channel:
United States All Hacking Cons
Subscribers:
6,150
Published on ● Video Link: https://www.youtube.com/watch?v=fs4I-WZgz7s


Category:
Guide
Duration: 50:40
4 views
0

Over time, our hardware has become smaller, faster, cheaper - and also incredibly more complicated. Just like with software, this complexity brings with it both increased attack surfaces and a more difficult detection problem.Unfortunately right now, when it comes to hardware attacks, the discourse is focused on sensationalism. We've got reports of devices few people have heard of, doing things few people realize is possible, perhaps happening on a scale fewer people understand. When it comes to hardware details, they're incomprehensible to laypeople, as well as to most software security experts.I'll start with a background on real examples of what we'd call 'hardware implants' to set the context and understand the scenarios where hardware implants make sense. We'll examine a few recent cases of claimed hardware implants to understand how we can classify them in terms of complexity and risk. With that information, we can then make rational decisions on where these and other hardware threats fit in your threat model.With these examples in hand, you will better understand when it make sense to respond to hardware threats, as well as how to prioritize your response to best reduce your overall risk.
Presenters:
Joe FitzPatrick / @securelyfitz - Trainer and Researcher, SecuringHardware.com   as Joe FitzPatrick
Joe (@securelyfitz) is a Trainer and Researcher at https://SecuringHardware.com (@securinghw). Joe has spent over a decade working on low-level silicon debug, security validation, and penetration testing of CPUS, SOCs, and microcontrollers. He has spent the past 5 years developing and leading hardware security related training, instructing hundreds of security researchers, pen testers, hardware validators worldwide. When not teaching Applied Physical Attacks training, Joe is busy developing new course content or working on contributions to the NSA Playset and other misdirected hardware projects, which he regularly presents at all sorts of fun conferences.

Black Hat - Europe - 2018
Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security



Other Videos By All Hacking Cons


2021-12-21The Undeniable Truth
2021-12-21Keeping Secrets Emerging Practice in Database Encryption
2021-12-21Cutting Edge Microsoft Browser Security From People Who Owned It
2021-12-21Thermanator and the Thermal Residue Attack
2021-12-21SDL at Scale Growing Security Champions
2021-12-21Level Up Your Security Mindset
2021-12-21Under the SEA A Look at the Syrian Electronic Army's Mobile Tooling
2021-12-21Decisions and Revisions The Ever Evolving Face of the Black Hat NOC
2021-12-21Video Killed the Text Star OSINT Approach
2021-12-21Deep Impact Recognizing Unknown Malicious Activities from Zero Knowledge
2021-12-21A Measured Response to a Grain of Rice
2021-12-21Secure Boot Under Attack Simulation to Enhance Fault Attacks & Defenses
2021-12-21When Everyone's Dog is Named Fluffy Black Hat - Europe - 2018
2021-12-21DeepPhish Simulating Malicious AI Black Hat - Europe - 2018
2021-12-21Locknote Conclusions and Key Takeaways from Black Hat Europe 2018
2021-12-21When Machines Can't Talk Black Hat - Europe - 2018
2021-12-21Divide et Impera MemoryRanger Runs Drivers in Isolated Kernel Spaces
2021-12-21AI Gone Rogue Exterminating Deep Fakes Before They Cause Menace
2021-12-21Where 2 Worlds Collide Bringing Mimikatz et al to UNIX
2021-12-21Malware Buried Deep Down the SPI Flash Sednit's First UEFI Rootkit Found in the Wild
2021-12-21Attacking and Defending Blockchains From Horror Stories to Secure Wallets


Tags:
data
hacker
security
computer
cyber
internet
technology
hacking
attack
digital
virus
information
hack
online
crime
password
code
web
concept
thief
protection
network
scam
fraud
malware
secure
identity
criminal
phishing
software
access
safety
theft
system
firewall
communication
business
privacy
binary
account
spy
programmer
program
spyware
hacked
hacking conference
conference
learn
how to
2022
2021
cybersecurity
owned
break in
google
securing
exploit
exploitation
recon
social engineering