470: Upping the Chaos Level

Helen Leigh joined us to talk about putting together conferences (including Teardown 2024), indie hardware producers (including via Crowd Supply), and building communities.

Teardown will be June 21-23 in Portland, OR, USA. More information about attending or presenting. Early bird tickets are available for a limited time! Teardown is put on by Crowd Supply, a company that helps hardware companies launch products.

Hardware Happy Hour Portland is a regular meetup that Helen organizes. Helen will be hosting a meetup in Oakland, CA, USA on Feb 15: Oakland Sound Hackers. She is also hosting a San Francisco, CA meetup on March 6: Open Hardware Happy Hour

We mentioned Alvaro Prieto's USB-or-Me cable tester, for more information this hackster.io article has the deets.

Helen’s personal site is helenleigh.me. She has been on the show twice before in 355: Favorite Ways to Make Noises and 261: Blowing Their Fragile Little Minds.

Transcript

Memfault is making software the most reliable part of the IoT with its device reliability platform that enables teams to be more proactive with remote debugging, monitoring and OTA update capabilities. Try Memfault's new sandbox demo at demo.memfault.com. Embedded.fm listeners receive 25% off their first-year contract with Memfault by booking a demo here: https://go.memfault.com/demo-request-embedded

431: Becoming More of a Smurf

Jasper van Woudenberg spoke with us about hacking hardware, writing a technical book, and ethics.

The Hardware Hacking Handbook was written by Jasper and Colin O’Flynn (ChipWhisperer and episode 286: Twenty Cans of Gas). The site related to the book is hardwarehacking.io, you don’t need the book to play with some of the examples.

Jasper (@jzvw) is also the CTO of Riscure North America, a company that specializes in hardware security. They are hiring.  

Transcript

259: Calculators Changed My Life

Brandon Wilson (@brandonlwilson) shared his stories about hacking TI calculators (and other things).

TICalc.org has the latest on getting started yourself including Z80 assemblers, or start on Brandon’s website: brandonw.net

Bradon will be speaking at Hardwear.io, a security conference for the hardware and security community. The conference consists of training (11th - 12th Sept 2018) and conference (13th - 14th Sept 2018). It is in The Hague, Netherlands. His talk is The Race to Secure Texas Instruments Graphing Calculators. He will also be hosting a village called Dumping the ROM of the Most Secure Sega Genesis Game Ever Created.

Topics:

00:00:00    Introduction    
00:00:33    Brandon Wilson    
00:01:39    Lightning Round    
00:02:37    Calculators!    
00:03:58    Programmable calculators, using TI BASIC    
00:05:00    Ti-85, programmable via assembly language    
00:06:35    App store for my calculator?    
00:07:34    How does TI prevent cheating?    
00:09:41    Testguard for teachers    
00:12:53    Some are WiFi capable    
00:13:41    How Brandon learned to hack the TI
00:15:12    Processors used in the TI calcs
00:16:39    What tools are available for reverse engineering?
00:17:42    Breaking the keys    
00:18:49    Flash unlock protection    
00:20:14    TI hacker  community    
00:21:32    TI used 512-bit RSA keys     
00:22:32    Key broken after 2 months of brute force
00:22:58    TI threatened the first key breaker    
00:23:31    Built a distributed community to attack keys
00:24:38    TI was not happy     
00:25:03    DMCA takedown notice
00:27:28    EFF offered to help     
00:29:30    The ethics of circumventing TIs protection    
00:33:23    Calculators as a platform for learning HW/FW    
00:35:11    Hackers' responsibility toward the hacked    
00:39:05    Hacks Brandon is uncomfortable with    
00:42:55    Bug bounties, are they effective?    
00:44:02    Brandon's other projects     
00:44:26    TI calculator processors used all over    
00:44:50    Sega Genesis
00:47:54    Code execution via the Sega Genesis CD    
00:53:35    Calculators changed my life (back up)    
00:54:21    Other projects, USB     
00:55:31    Abuse the USB protocol    
00:58:24    Modifying USB flash drive FW    
01:03:21    Reverse engineering tools    
01:06:13    Hardwear.io conference, Brandon's hacking village    
01:09:22    Brandon's Final Thought    
01:10:19    Outro    
01:11:20    Final Quote

 

 

149: Flamethrowers Aside

Craig Smith (@OpenGarages) spoke with us about hacking the software in cars. 

His book is the Car Hackers Handbook. There is a 40% off coupon toward the end of the show.

OpenGarages is Craig's site to improve and encourage hacking. Some tools he recommends for getting started are USB2CAN and CANTact.

An older (shorter) version of the handbook is on OpenGarages.

I Am The Cavalry (iamthecavalry.org) is an excellent site for learning more about security. CERT.org is also good.

Theia Labs is Craig's company.