Bigger on the Inside: The Tardis Effect on the Security of Embedded Systems Image: http://www.flickr.com/photos/bupswee/2738391972/
Problem space
What is an embedded system? Image: http://www.flickr.com/photos/squeezyboy/3300595223/
Why are they overlooked? Image: http://www.flickr.com/photos/cogdog/3771231430/
Why are they vulnerable?
Who overlooks them? Image: http://www.flickr.com/photos/sophos_germany/3321595771/
What happens when they fail? Image: http://www.flickr.com/photos/heinousjay/517339489/
The Xerox Workcentre™ Unintentional Server Image: Courtesy of Xerox Corporation.
Shmoocon Talk: Femtocell Fail Image: http://www.flickr.com/photos/yourdon/4254008662/in/photostream/
A Radio, and a Whole Lot More Image: http://www.flickr.com/photos/synthesisstudios/414382700/
How can they be addressed? Image: http://www.flickr.com/photos/tjt195/380173157/
Let’s Review Image: http://www.flickr.com/photos/sheepbackcabin/3219647072/
Wake up! Image: http://www.flickr.com/photos/walkn/3526522573/

Editor's Notes

  1. Like probably everyone else in the room, I asked Google… which told me I should have started with Wikipedia. Note what it doesn’t say: nowhere does it say an embedded system can’t use general purpose software and hardware components, only that it isn’t designed to.
  2. Laziness: The quality that makes you go to great effort to reduce overall energy expenditure. It makes you write labor-saving programs that other people will find useful, and document what you wrote so you don't have to answer so many questions about it. Impatience: This makes you write programs that don't just react to your needs, but actually anticipate them. Hubris: Also the quality that makes you write (and maintain) programs that other people won't want to say bad things about. Common software components mean that existing techniques will work, albeit with custom payloads. People securing servers have pretty much gotten it. Hopefully your programming classes are showing it to you. If not, please ask your professors to stop hurting the world. The designers of small, limited function devices? Not so much.