ROB BATHURST: So thank you all for coming and continuing to come and to sit there and be lazy, I don't know what's going on. So welcome to "Breaking Your Expensive Crap," or the actual name we submitted, "Doing Bad Things to Good Security Appliances." This is going to be kind of a primer, quasi, not really a primer, on hardware hacking as we see it in dealing with security appliances of all types.

Am I echoing really bad or is it just me?

AUDIENCE: It's just you.

ROB BATHURST: Figured. So, dispense with the pleasantries. Here. Phork, if you'd like to take about five seconds and introduce yourself.

MARK CAREY: I've been breaking stuff since I was 6 years old.

AUDIENCE: Speak up.

MARK CAREY: I've been breaking things since I was about six years old, to include things like my dad's radio, the TV, all sorts of other stuff, taking things apart.

ROB BATHURST: Women's hearts?

MARK CAREY: Generally, no. Taking software apart as well. I've been a reverse engineer since I was probably about 10 or 11 years old, taking apart 6502 code on a VIC-20, having a great time, loving all of this stuff, loving technology all my life, and I continue to learn. So we've gotten now to a point where it's much more fun. I've worked for all sorts of people, all sorts of places, everything from driving pizzas to different government stuff.

ROB BATHURST: Okay. We're good.

MARK CAREY: That's it.
ROB BATHURST: All right. You can hear his life story later, I promise. I'm Evilrob. I'll be your quasi emcee. I love that word, quasi. So I've been breaking things for quite a long time, mostly to everyone's chagrin. I'm not going to tell you my life story, but beer good, fire bad, that's about all you have to know about me.

Before we get started talking about the equipment and what we're doing, we just want to point out some of the people whose research and efforts in this area have really helped us out and saved us lots and lots of time. I totally want to pimp the JTAGulator that Joe Grand is selling. It is frigging awesome. Go buy one.

MARK CAREY: And it's extendable with new firmware. So get one. It's not just going to do JTAG. It's going to do all kinds of other stuff.

ROB BATHURST: And we'll talk about the JTAGulator if you don't know what it is.

So what we'll be doing is talking you through the basics-ish of hardware tactical analysis based on the examples that we have done here in the past couple months. We're going to assess the tools and mentality you should have to be successful. Not required, but definitely good to have. We will discuss some of the common attack techniques when you're dealing with hardware.
A lot of this talk is focused purely around the hardware and the theoretical attacks based on hardware, and not so much on the BSP or firmware or anything else that is associated with that actual hardware.

MARK CAREY: And a comment on this, also: there is a larger set of material on the CD that covers this. But we have 45 minutes as opposed to the roughly 3 or 4 hours we would need to cover all the material in the slide deck. So if you look at your DEF CON CDs, they have a large quantity of material about each of the items, bullet points, what interfaces look like, what provisioning interfaces look like, in a detailed summary about how to get started doing hardware hacking.

ROB BATHURST: It's about a hundred and something slides about hardware attacking and how you do it and what you don't do and how people screw up and burn themselves with chemicals.

So the last thing we will do is show you pretty pictures and attempt to point at those pictures. I don't know if we'll succeed.

The tools of the trade. This is stuff we use, stuff we have laying around the lab. It's really handy to have any time you're messing with hardware in any way. Most of this stuff can be acquired for less than a thousand dollars. Most of it can be acquired for under five hundred dollars. It's just the more features you have, the more expensive it gets.
A few of the big items, we will cover these in detail as we need them, when we're talking about the hardware analysis. Your brain is important. It helps you control your body, and it allows you to consume alcohol, food, look at things, possibly.

A voltmeter, surface mount soldering station, a rework station. If you don't know what those are, Google it. Basically it's a soldering station and a tube that blows out 500 degree air. It melts things.

MARK CAREY: And that's Celsius. It's really hot.

ROB BATHURST: It's really, really hot.

(Laughter)

Soldering stuff, flux, magnifying glasses, microscopes. By the way, if you're using a magnifying glass to look, a physical one to look at a chip, put some Rain-X on it, otherwise it will fog up like every three seconds and you're just going to be pissed.

MARK CAREY: Pro tip.

ROB BATHURST: Pro tip. Don't be pissed.

Bus Pirate. Amazing little device. It is like the end-all be-all for raw bus analysis up to a certain hertz range.

Debugging interfaces. It's great to have spare ones around. We will talk about some of the mistakes here in a second that hardware manufacturers tend to make. And I don't know if you know this, but just desoldering the header doesn't protect your board from having a header put back on. So, pro tip.

Yes. IDA Pro. We'll cover... quasi cover this. Quasi.

MARK CAREY: More on the slides on the disk.
ROB BATHURST: Yeah, more on the slides on the disk. We'll talk about what you may be able to throw into IDA Pro that you would have gotten out of the chips that we're attacking. And then other stuff you might need: chemicals, respirator, balls, also dongs. You know who you are.

So. Security appliances. You know, what do we consider to be security appliances? I know a lot of people, when I ask them what they think about security appliances, they think of firewalls, they think of IDS, they think of all these actual things that have been categorized as appliances and sold to you by vendors who want to charge you lots and lots of money. What we consider to be security appliances is basically anything that can be used to secure something.

So some of the examples we'll be looking at is securing people from themselves, like a safe, or... we will be looking at something like securing your data, so the encryption system that we will be demoing... well, talking about here at the end. So it can be practically anything that has some kind of security setting and is hardware related.

The steps that we generally take. Again, go consult a big massive deck of slides if you really want a breakdown of all these steps, or find me in the bar and I'll be happy to talk to you for a price.

MARK CAREY: And there is an outline of a full methodology to do repeatable assessments on that slide deck as well.
And, again, we just don't have time to cover it because that takes about 45 minutes by itself.

ROB BATHURST: Yeah, pretty much. Generally what you want to do is define the goals. What are you actually going after? Why are you attacking this device? You don't ever walk into something, especially when you're doing any kind of reverse engineering, and go "I'm just going to do this because," because it takes forever. Because you will sit there going "oh, I'll look at this now" and "look at this now." And at nine months of work, you will have nothing but a pile of "Oh, look at this now."

So what we're talking about when we want to define the device is we want to look at it based on our goals. If our goals are to rip something out of the NAND flash, I don't have to sit there and mess with every other piece of that hardware to get that NAND flash. I want to go directly to the bus. I want to do this stuff related directly to that chip. So when we're attacking something, we always have to keep the goal in mind as we define the parameters and advise what hardware and what equipment we'll need to actually get that out.

Gather all of the open source information you possibly can. I know some of you may be decent social engineers, and if you ever talk to a sales guy, they just love to send you crap. The more you're like "I want to buy your piece of shit," they're like "here, have some documentation. Would you like chip specs?"
I've got high res X-ray photos, too.

(Laughter)

Yeah, seriously. Like I've got stuff from one guy, it was like confidential company source information. I'm like, sweet. Thanks.

MARK CAREY: No NDA, thanks.

ROB BATHURST: Saves me from buying an electron microscope. It's in the budget, right?

MARK CAREY: We're working on that.

ROB BATHURST: Exactly. Examine the device for entry. Yeah. So a lot of these companies that create security appliances, especially the ones that work with key management, have key sensors. They tend to have a magnetic sensor or a light sensor, or whatever it happens to be, to detect case opening, so that when you actually open the case, it theoretically dumps the keys.

MARK CAREY: Say bye-bye to your SRAM.

ROB BATHURST: Yes, say bye-bye to your SRAM, yes. However, like the mistakes we will be talking about here in a bit, usually the implementation of those security mechanisms is terrible. It turns into a checklist. The security guy is like: I need case protection and key protection and all of this stuff, and then the engineer is like: Done. And we all know how well that goes.

So look at the best way and look at the way that is going to be less intrusive in the particular device, and then analyze the circuitry networks and device components once you actually open the case. Determine the most plausible attack vector for the actual hardware, and then attack.
Like your life depended on it. Or go slowly, however you prefer.

MARK CAREY: Tora, tora, tora.

ROB BATHURST: That would be tiger, tiger, tiger.

MARK CAREY: Well, whatever. It should be attack, attack, attack.

ROB BATHURST: So, common mistakes by the actual reverse engineers themselves. And I don't know how many times I have fallen victim to my own stupidity, and my friends as well, due to not taking copious amounts of notes and not taking pictures. Because when you're sitting in a desoldered pile of chips with a desoldered board in front of you going "I think it goes here" is not really the best time.

MARK CAREY: And orientation is always important. Because if you hook them up upside down, they tend to let the magic smoke out.

ROB BATHURST: Powering up a board with a badly soldered chip is a mess. Burning yourself with chemicals or a fire, bad. Bad.

AUDIENCE: Beer good.

ROB BATHURST: Beer good. Fire bad. See, I've taught you all something already.

Not properly preparing for ESD. Optical and magnetic isolation. If you need to work in an argon pressure environment, if you're dealing with nitrogenized chips. Very, very important to have your test environment set up so that you're not actually going to ruin the thing that someone paid you, or that you acquired, to test yourself. Always, always, always take the time to make sure your environment is set up correctly and save yourself hours and hours of headache.
And my absolute favorite, get a backup device, or a device of like make, or something that is comparable to the chips that you're using, because once you let the magic smoke out of the thing you should be testing, you've pretty much failed. So you can't put it back in. It just doesn't work.

And the list can continue ad nauseam based on the stupidity of the reverse engineers themselves. You know who you are.

So, common mistakes by the people who sell you the really expensive appliances. Putting your case sensor wires right next to the vents. So a paper clip and a pair of vampire clips and I've just taken out your massively complex wire.

MARK CAREY: And that handy dandy heavy gauge steel case, too.

AUDIENCE: Speak up.

ROB BATHURST: And the heavy steel case, too. Yes, very impressive steel cases, and then you put vents in it.

Hiding your chips under epoxy. Epoxy is not a security mechanism, for God's sake. It really isn't. Like you get this $30,000 piece of equipment with your security processor that holds your keys in it, and you're like, I'm just going to put epoxy on it. It's cool. Nobody can get to it. It's a bitch to get off. It's fine.

Not using a built-in encryption protection mechanism on embedded processors, big fail. Not setting the read/write protect bits on the processor flash.
There are fuses for a reason and they are a pain in the ass to get around. So if you set them, it will only take me slightly more time and aggravation. But it's more time and aggravation. And if I get aggravated enough, I go find beer and I stop working on your device.

Not limiting access to the debugging and provisioning ports. You know, we were talking about the protection mechanisms: a desoldered JTAG port is not an actual protection mechanism. So if you're actually going to do that, think it out. Lock it down. Use secure JTAG, use some kind of keying mechanism, use authentication where possible, depending on your chipset, to actually protect said device.

And then my favorite, or Mark's favorite as well, running your I2C or SPI buses up to the user LCD, then back into your really hard case with all of your security mechanisms, where it directly attaches to the boot flash bus. Because then you just take the panel off, and you're on the bus.

MARK CAREY: And then you can rewrite your boot flash and maybe get some PXE action or a bunch of other stuff.

ROB BATHURST: If you'd like to save me time, do that, yes. And then you know there are so many more attack vectors and mistakes we can go into based on the way the devices are actually engineered, but for the sake of brevity and possible beer later, I won't go into this.
So, possible attack methods: there is voltage glitching, timing manipulation, you can Google these or go find that slide deck. Fuse resetting, if you can basically polish a chip in a clean room using a UV method, not for n00bs, just to warn you. Any time you talk about chip shaving and nitrogenized chipsets and everything else, not a first time experience. Not very good. The JTAG provisioning, interface debug, those are easily screwed up, because most times they are made for debugging. So if you can get on to those and mess with it and twiddle some bits and do other very dirty sounding things to equipment, you have a good chance of actually causing it to spill its beans.

And then debug path manipulation using the I2C, switching flash pins, UTAGs to TAGs, which he'll get into when we actually talk about the boards.

So the examples for the actual talk. The thermostat in your secure hotel room. And you're like, why does that thermostat matter? Most times these are tied into the central HVAC system. They are monitored, controlled by industrial control systems, which in most times, due to human laziness, sits on the same network as someone's admin network or something else, because you know it's never true. It's never true.

Hotel room safes. I love safes. I love electronic safes. They're the best. Encrypted storage device, which we will talk about here.
And then Java cards, which we will touch on, because they relate directly to the encrypted storage device.

So, the thermostat. We attained a demonstration unit from some random hotel.

(Laughter)

It is an interesting device, from this random hotel, that has some really good PRISM loving features. It has an occupancy sensor on it, an infrared programming capability, a bus interconnect, and the centralized monitoring configuration station we were talking about, and then the usual HVAC controls and relays and pushy buttons and display and what have you.

So I'm going to turn it into, you know, Vanna White over here and he will talk about the attack methods.

MARK CAREY: All right, I'll try to speak up so everybody can hear me. Is that good?

AUDIENCE: Yes.

MARK CAREY: Good. So we will cover this thermostat... there we go... very, very quickly. So, if you look at the slides here, you can see that we have got a communications module that uses something that is something like the X10 protocol. If you've got automatic light switches at the house, using the RF interface to the little box that sits in the wall and the power system, it modulates signals on your power lines.

ROB BATHURST: Don't eat it.

MARK CAREY: Yeah, I'm trying not to.

So we also have... let's go from top down then. So we have the HVAC controls.
And we also have network communications there, if you see that. There is a five-pin interface, and I'm going to try to shoot this with a laser but I'm not sure if I can hit it from here.

ROB BATHURST: Failed.

MARK CAREY: That's a big fail. Actually, I think the... there we go. Up in here is what we're looking at right now. And we see there is also an infrared module, which is used for, I would assume, programming this device as well.

Didn't have time to do a full reverse engineer on it. You see the CPU here, which is a nice 8-bit microcontroller. I believe it's... I think it's actually the same as the safe, which is an 8051 type instruction set. Different manufacturer, though, so it's Philips. And an interesting note about this microcontroller is that it has a serial interface and in-system programming interface, which is always on, can't be turned off from the look of things. It's not hooked up to anything. So these chips are preprogrammed before they are on the board, but you can definitely do surface mount soldering and dump that firmware right out.

ROB BATHURST: Right out.

MARK CAREY: Right out.

We also have an SPI... I'm sorry, that's mislabeled. That's an I2C configuration flash. And there is an LCD controller. And then down at the bottom you see a bus connector. And that bus connector actually goes into a bus driver, that goes into the microcontroller.
And then probably, with the right software, out into the communications module.

This is the infrared emitter, which in this particular thermostat was broken and causing the room to heat up pretty nastily, and was repaired accordingly. I'm trying not to spit into the mic. So the thermostat was repaired accordingly. It was suddenly much more effective and the room cooled right off.

ROB BATHURST: Recently borrowed.

MARK CAREY: Right. So this is the front of the thermostat board. And you'll see the little chip, the tiny little 8-pin DIP there.

AUDIENCE: Speak up.

MARK CAREY: Sorry. The 8-pin DIP there. Right there-ish. It's the bus driver that we hook up to on those three-pin interfaces on the bottom. Originally I thought, my goodness, they actually put the serial interface to a port on the outside of the case for me so I can get straight to the in-system programmer and dump all the flash. That would have been kind of them, but they didn't.

So this is the board as it's been decloaked, as it were. Detached and actually pulled out of the case so you can get a good clean view of it. So there is a cry... you can see the crystal, the CPU, the I2C flash, the LCD controller, discrete components, a few other provisioning headers and the connectors for the infrared...

AUDIENCE: Speak up!

MARK CAREY: Oh, sorry.
The connectors for the provisioning, infrared, and all of that stuff. There is a close up of the bus driver. And so, practically, what we can do with this... Excuse me. Can I have my water, please.

ROB BATHURST: Drink!

MARK CAREY: All right. So what we can do with this, practically. Once you have the firmware, you have the keys to communicating with that X10-like protocol. It's an 8-bit micro. It's not hard to take apart. There's a number of registers in there, of course, and other instructions that do stuff. If you reverse engineer the subroutines and reverse engineer the communications protocol, you can get a very, very clear idea of how fast to send information to that module and exactly what to send to that module.

Now, as an aside, the manual for the control software for this particular thermostat is freely available from the manufacturer, on the Internet. It covers a lot of stuff, including a lovely diagram of exactly how it's all hooked up. So these thermostats, for example, might go to a floor controller. At which point they are networked into the rest of all the floor controllers and then back into the backend office, where the main control system can determine whether it goes into VIP mode or not, for example, or whether it gets to be 95 degrees in someone's room or not, for example.

And some other things, too. But we can't talk about those.

ROB BATHURST: That would be regrettable.
MARK CAREY: Very regrettable. And I'm going to turn it back over to Rob to talk about some Roman hotel safe.

(Laughter)

ROB BATHURST: So we may have found this box somewhere.

(Laughter)

And I'm a big fan of Roman history. Obviously that's why that's on there. Some highlights of this particular device. It's a decent metal box that's been bolted down. It has a 4 to 8 digit variable PIN. It's manually operated for power conservation, usually by the hotel staff if they want something in it. But I'm not saying anyone's bad or anything, but, you know, don't trust the safe.

So about the hotel safe, looking sexy, from a random Roman hotel. Do you want to talk about the board here? I'll stand up.

MARK CAREY: Okay. So this is a sexy looking safe. Got a control board, got a server alarm, got the actual bolt attached to it, and some lovely batteries.

ROB BATHURST: Copper top, all the way.

MARK CAREY: Copper tops, they last a little longer. Total of 6 volts of power being supplied to the board. The main board is broken up into several discrete areas and several connectors. So we have... if you look at the top of this board, you see the battery connector, which is also... going back to the other slide here... also a connector for one of the other switches.
We see the front panel connector, which goes to the little pushy buttons and the latch register... sorry, the... the LCD display circuitry. And we also see a motor driver, which is just the typical servo motor, four phase servo driver. Some switches that detect whether the safe bolt is open or closed and whether the door is opened or closed. And the second panel connector. And we also have a 64K EEPROM and a 2 kilobyte flash ROM, and of course the other red box that's not labeled... I'm sorry, the two red boxes that are not labeled are a Dallas real-time clock module with battery included, and a CPU module, which I believe as I said is a 65... sorry, an 8051, but of the Siemens variety as opposed to Philips.

So I'll zip through the rest. There are some interesting things on the safe. If you've looked under the handle of this safe, there is an RJ45 interface and a small barrel connector. The reason the barrel connector is there is because batteries die and people still need to get their stuff. So you can power this from an external source if you need to. Additionally, the RJ45 is connected directly to pin 4 on the controller, which is an attention pin that says wake up, I need to send you something. And directly to the serial send and receive pins on the microcontroller. If you send it a sequence of bytes, it opens right up.

ROB BATHURST: This is not a good thing.
292 00:25:01,549 --> 00:25:05,710 Because you can just repeat it over and over and over and over and over and over and over 293 00:25:05,710 --> 00:25:09,429 to other people's safes. MARK CAREY: Yes, you can. Now. There are 294 00:25:09,429 --> 00:25:10,990 a -- ROB BATHURST: In a Roman hotel. 295 00:25:10,990 --> 00:25:16,860 MARK CAREY: So I'll zip back and look at this quickly. If you see down here in the 296 00:25:16,860 --> 00:25:23,630 -- let me see if I can hit that. Right in here, what that actually says is there is 297 00:25:23,630 --> 00:25:27,240 a code printed on it. And I'm not going to zoom in for you, because you have to do your 298 00:25:27,240 --> 00:25:34,240 own research. But that code is a uniform code per hotel, from what our research indicates. 299 00:25:35,429 --> 00:25:39,470 So if you have this code and a couple other elements, which I again can't tell you about, 300 00:25:39,470 --> 00:25:46,470 because we haven't disclosed it to the manufacturer, then yes, you can open the safe right up. 301 00:25:47,429 --> 00:25:47,930 So -- ROB BATHURST: Ca-chink. 302 00:25:47,930 --> 00:25:52,620 MARK CAREY: If you look at the Siemens microcontroller, the numbering is actually 303 00:25:52,620 --> 00:25:59,620 C 501 on it. But if you pull up that particular data sheet, it says 8051. So this is a variety. 304 00:26:00,710 --> 00:26:05,539 8051 is a very old processor for anybody who doesn't know this. And it's a very prevalent 305 00:26:05,539 --> 00:26:10,100 processor in embedded devices, fairly power efficient, 8-bit micro. So if you need something 306 00:26:10,100 --> 00:26:14,840 that lasts forever, and can trigger a few servos or detect a few sensor motions, that's 307 00:26:14,840 --> 00:26:21,840 a great processor for it. So the secure SAN encryption board -- in fact, 308 00:26:24,279 --> 00:26:27,820 do you want to pop the case so we can get them out.
309 00:26:27,820 --> 00:26:34,460 So we have a couple of -- these secure SAN encryption boards. And these devices were 310 00:26:34,460 --> 00:26:41,460 obtained from eBay. We had a reason to look into them. And we found that eBay is a great 311 00:26:45,039 --> 00:26:52,039 source for almost anything. You can usually get surplus chips, for example, that were 312 00:26:52,230 --> 00:26:58,360 actually from the manufacturer in China. They made an extra run of whatever, some of them 313 00:26:58,360 --> 00:27:03,010 even have the same EEPROM version identifier numbers as the product you're attacking. So 314 00:27:03,010 --> 00:27:06,980 we have taken epoxy off and when we are looking for that particular chip model on eBay, to 315 00:27:06,980 --> 00:27:13,580 go and socket it onto a carrier board to test it for different things, we find a picture 316 00:27:13,580 --> 00:27:20,580 of the sticker that was under the epoxy, on the flash device, on eBay. 317 00:27:20,950 --> 00:27:27,890 ROB: By the way, the greatest thing about eBay is when companies refresh all their equipment, 318 00:27:27,890 --> 00:27:34,890 some random guy in like Texas gets a $30,000 encryption device and then sells you these 319 00:27:35,399 --> 00:27:41,360 cards for 30 bucks. Because he has no clue. MARK CAREY: That is correct. And they will 320 00:27:41,360 --> 00:27:46,799 also sell broken devices on eBay. These broken devices might go for a hundred bucks for the 321 00:27:46,799 --> 00:27:49,440 weight of the component gold or whatever like that. 322 00:27:49,440 --> 00:27:53,419 Well, that's all well and good. But when it's a soldered joint on the power supply that 323 00:27:53,419 --> 00:28:00,419 is broken off, and you resolder it, now you've got a $30,000 appliance that works just fine. 324 00:28:04,779 --> 00:28:09,799 And it allows you to research some really high-end components and really high-end stuff, 325 00:28:09,799 --> 00:28:14,920 without spending much.
Makes a personal research budget very happy. 326 00:28:14,920 --> 00:28:19,600 ROB BATHURST: It's Linux chips on the cheap. MARK CAREY: Yes. And if you know where 327 00:28:19,600 --> 00:28:24,340 I can get a scanning electron microscope, come and see me afterwards. 328 00:28:24,340 --> 00:28:28,429 So some of the features, the device itself is actually very well put together. It's a 329 00:28:28,429 --> 00:28:35,429 heavy gauge steel and its purpose is to manage the keys for like the Brocade encrypting fiber 330 00:28:36,140 --> 00:28:40,539 channel switches. So the way it works is it manages the keys and sends it to the switch 331 00:28:40,539 --> 00:28:44,649 and says I have this particular piece of media that I need to access. It says okay. Well, 332 00:28:44,649 --> 00:28:48,380 here's the key that I want you to apply to that. So all your data's encrypted at rest. 333 00:28:48,380 --> 00:28:55,380 It's a great idea. It's a really great idea. ROB BATHURST: Actually, the device does 334 00:28:56,850 --> 00:29:02,890 key management well, but they made a few critical mistakes with where they store keys and how 335 00:29:02,890 --> 00:29:07,130 they store keys and how keys are passed back and forth. And again, because we haven't disclosed 336 00:29:07,130 --> 00:29:11,790 it to the manufacturer, we can't tell you. I'm sorry. Check back in like a month, hopefully. 337 00:29:11,790 --> 00:29:14,410 MARK CAREY: It's probably more like a couple years on this one. 338 00:29:14,410 --> 00:29:17,259 ROB BATHURST: Check back in a couple year month things. 339 00:29:17,259 --> 00:29:24,259 MARK CAREY: Anyway. So it also has a lovely Windows Java frontend. I'm going to go on 340 00:29:25,470 --> 00:29:27,679 a bit of a rant here on this one on the Java card stuff -- 341 00:29:27,679 --> 00:29:30,200 ROB BATHURST: You don't have time to rant. MARK CAREY: Okay. It uses Java cards to 342 00:29:30,200 --> 00:29:34,279 store the master keying material.
I don't have time to rant, apparently. Okay. 343 00:29:34,279 --> 00:29:41,250 Well let me just say this then in calm tones. Don't include your Java card sources in the 344 00:29:41,250 --> 00:29:47,529 jar archives for your admin interface. This is a very bad idea. 345 00:29:47,529 --> 00:29:52,880 ROB: Fire bad. MARK: Part of the security through obscurity 346 00:29:52,880 --> 00:29:59,330 model with Java cards is they are EAL 4 certified in most cases. That means you're not getting 347 00:29:59,330 --> 00:30:04,769 the code out. But if you compile it in the standard Java, you can use a tool called JAD, 348 00:30:04,769 --> 00:30:09,990 which probably most of you are familiar with, to decompile this code to clean source. 349 00:30:09,990 --> 00:30:15,130 So -- ROB BATHURST: Big props to him for that. 350 00:30:15,130 --> 00:30:21,760 Saved a lot of time. MARK CAREY: Thank you very much. 351 00:30:21,760 --> 00:30:27,669 So this is our hardware formerly known as expensive. Its new symbol is the dollar sign, 352 00:30:27,669 --> 00:30:33,179 I gather. So you can see on the bottom, the device with the epoxy on it. And we actually 353 00:30:33,179 --> 00:30:36,820 have these devices up here. ROB BATHURST: After the talk you can come 354 00:30:36,820 --> 00:30:41,289 look at them if you'd like. If they leave the table, I'll beat you. 355 00:30:41,289 --> 00:30:46,799 MARK CAREY: That sounds like an evil promise from Evilrob. 356 00:30:46,799 --> 00:30:52,809 And these devices, as you can see, we will zoom in on the epoxied version here a little 357 00:30:52,809 --> 00:30:56,980 bit. And then we will look at this guy. And we have high-res photos that I'll bring up 358 00:30:56,980 --> 00:31:02,130 possibly here in a moment. But the chip that you're seeing that has the 359 00:31:02,130 --> 00:31:08,090 cover peeled off, right here, lovely polished silicon. It's a flip chip, if you guys remember 360 00:31:08,090 --> 00:31:15,090 that manufacturing technique.
There is a heat sink and the actual chip cover. That is a 361 00:31:17,210 --> 00:31:24,210 Xilinx Pro 2 plus FPGA. And that particular chip loads its information from flash memory. 362 00:31:27,470 --> 00:31:30,990 So I'm going to show you a chip -- a picture of the board before we've removed a couple 363 00:31:30,990 --> 00:31:37,309 of the critical chips. And I'm trying to hit it again. Here it goes. 364 00:31:37,309 --> 00:31:42,200 So that is the actual flash chip that the Xilinx chip gets its information from. So 365 00:31:42,200 --> 00:31:47,970 it loads that every time it boots up. Xilinx supports an absolutely fantastic encryption 366 00:31:47,970 --> 00:31:52,290 protocol. And it stores the key internal to the FPGA. The only way to get it out is through 367 00:31:52,290 --> 00:31:59,080 -- technically, a power consumption monitoring on the voltage pins on the FPGA, so you can 368 00:31:59,080 --> 00:32:03,010 hopefully get the key and you can get like a roughly 10,000 iterations to make statistical 369 00:32:03,010 --> 00:32:07,389 significance. So you can get a likely candidate. ROB BATHURST: In case you're taking notes. 370 00:32:07,389 --> 00:32:14,389 MARK CAREY: Right. The other chip is an Atmel AT90S6464C, and 371 00:32:14,779 --> 00:32:18,429 anybody who's done TiVO hacking knows this chip as a 3232C. 372 00:32:18,429 --> 00:32:21,490 ROB BATHURST: We don't advocate hacking your TiVO. 373 00:32:21,490 --> 00:32:28,490 MARK CAREY: Of course not. These two chips -- so there was a fatal flaw 374 00:32:29,639 --> 00:32:35,779 in this. They did not use the Xilinx encryption protocol. So we were able to dump out the 375 00:32:35,779 --> 00:32:40,529 entire Xilinx configuration bit stream.
Now I didn't really feel like reverse engineering 376 00:32:40,529 --> 00:32:45,000 Xilinx's bit stream entirely, so a very, very nice person, KC Moreford, who did his Master's 377 00:32:45,000 --> 00:32:49,139 thesis on this, was kind enough to run it through his tool set. 378 00:32:49,139 --> 00:32:50,590 Now he wouldn't give us his tools, unfortunately -- 379 00:32:50,590 --> 00:32:54,789 ROB BATHURST: His tool set is BA. Seriously. MARK CAREY: It's very, very impressive. 380 00:32:54,789 --> 00:32:59,250 It does complete decomposition of the Xilinx bit stream. So it's very nice. It takes it 381 00:32:59,250 --> 00:33:04,710 right down to a text stream and tells you what each byte does. 382 00:33:04,710 --> 00:33:09,549 So anyway, we will cover also one more thing on this one, or a few more things actually. 383 00:33:09,549 --> 00:33:14,750 But the booby traps. So hardware manufacturers who use epoxy like to do silly things like 384 00:33:14,750 --> 00:33:21,750 booby traps. What you see here, right beside that tiny Xilinx chip there is a booby trap 385 00:33:23,389 --> 00:33:30,389 switch. Now, if that booby trap switch is not depressed, no current goes to the SRAM 386 00:33:30,490 --> 00:33:35,159 and the keys dump. So if you're taking the epoxy off and you've been very careful, and 387 00:33:35,159 --> 00:33:39,980 you're chemically fomenating your nitric acid, or doing whatever you're doing to take it 388 00:33:39,980 --> 00:33:46,980 off, and that switch pops up, it's game over. ROB BATHURST: The solution to not having 389 00:33:48,600 --> 00:33:55,600 the chip pop up is to not cut the epoxy around the chip. So that really expensive mechanism 390 00:33:58,809 --> 00:34:02,409 can be stopped by being lazy. (Laughter) 391 00:34:02,409 --> 00:34:08,470 MARK CAREY: Just the way we like it. So in addition, one other thing I want to 392 00:34:08,470 --> 00:34:15,470 highlight on this slide, you see the row of six empty holes there.
That is most likely 393 00:34:16,200 --> 00:34:21,130 the initial provisioning interface for the Atmel chip. However, because they are clever 394 00:34:21,130 --> 00:34:26,360 designers, they use leveling some capacitors and some other tricks to make sure you can't 395 00:34:26,360 --> 00:34:31,630 get good voltmeter test runs. And everything kind of goes to a middle voltage detection 396 00:34:31,630 --> 00:34:35,060 and you don't get the beep when you have your voltmeter set to beep when you touch the 397 00:34:35,060 --> 00:34:42,060 traces. So good on them. That was a good try. And so that is a closer picture of the Xilinx 398 00:34:44,330 --> 00:34:50,310 Pro FPGA. Anders, if you're in the audience, stick your hand -- Anders, thank you so much 399 00:34:50,310 --> 00:34:55,500 for the use of your wonderful camera and your skill at this. These recent pictures that 400 00:34:55,500 --> 00:35:02,040 you're seeing up here are all courtesy of Anders, and he did a great job. Thank you. 401 00:35:02,040 --> 00:35:08,220 (Applause) Again we will look at the provisioning interface. 402 00:35:08,220 --> 00:35:12,540 That's just a quickie. And that one -- I've got only a bit of the epoxy cut away. And 403 00:35:12,540 --> 00:35:16,060 we have a movie of epoxy removal if anybody wants to see it later, but not right now. 404 00:35:16,060 --> 00:35:19,170 ROB BATHURST: It took 10 hours and an exacto knife. 405 00:35:19,170 --> 00:35:24,360 MARK CAREY: I think it was actually between 12 and 14 hours with a hot air rework station 406 00:35:24,360 --> 00:35:30,260 set to about 500 degrees centigrade and several exacto knives with thermally resistant handles. 407 00:35:30,260 --> 00:35:35,350 ROB BATHURST: Fire bad, beer good. MARK CAREY: Fire bad. Burnt off fingerprints 408 00:35:35,350 --> 00:35:40,220 worse. Beer very good. The other thing we will highlight 409 00:35:40,220 --> 00:35:43,980 here is the Mictor provisioning interface.
So there's three of these total on the bottom 410 00:35:43,980 --> 00:35:47,870 of the board. So if you guys can see this, Mictor is the interface provided by Agilent 411 00:35:47,870 --> 00:35:53,010 for their super high end, super expensive, super awesome equipment. It's impedance neutral. 412 00:35:53,010 --> 00:35:56,730 It does all sorts of other stuff. You can run test points to it. You can run JTAG through 413 00:35:56,730 --> 00:36:03,210 it and everything else. It's spiffy. It's also extremely expensive and there are three 414 00:36:03,210 --> 00:36:08,230 of these guys on the bottom of the board when you take the epoxy off. If you look at this 415 00:36:08,230 --> 00:36:15,230 region here. I'm trying to correct for relative spacing. Oh, there they are, up here. And 416 00:36:16,730 --> 00:36:21,520 then one up in this area. So there are three of these interfaces. Three very expensive 417 00:36:21,520 --> 00:36:27,340 Agilent interfaces, all of which could be a candidate JTAG interface. And that candidate 418 00:36:27,340 --> 00:36:32,350 JTAG would talk to all of the memory devices on this, as well as -- with the exception 419 00:36:32,350 --> 00:36:39,350 of the NAND flash -- and the FPGA. I'll back up a few slides here to show you one other 420 00:36:40,950 --> 00:36:46,190 chip. There's another interesting comment on this. 421 00:36:46,190 --> 00:36:53,190 So there is an I squared C flashable Mux involved in this. And what I mean by that is you can 422 00:36:53,540 --> 00:36:59,040 take a set of pins, a Mux is a device that lets you set pins to other pins, basically. 423 00:36:59,040 --> 00:37:04,630 So you can map inputs to outputs, if you think of it that way. 424 00:37:04,630 --> 00:37:10,820 And there is a device just north of the Atmel chip that is an I squared C multiplexer, flash 425 00:37:10,820 --> 00:37:15,830 multiplexer.
And what that device does in essence is it prevents you from talking to 426 00:37:15,830 --> 00:37:22,830 that chip unless you've initialized it properly. So it's a very interesting way to protect 427 00:37:26,350 --> 00:37:31,560 your keying material. So something to think about. 428 00:37:31,560 --> 00:37:36,300 And I'm going to turn it back over to Rob and hopefully we have enough time for some 429 00:37:36,300 --> 00:37:40,500 questions, too. ROB BATHURST: Thank you, sir. 430 00:37:40,500 --> 00:37:47,440 So what have we learned from analyzing all the random crap we get ahold of? Fire bad, 431 00:37:47,440 --> 00:37:54,300 beer good. And that's it. Thanks for coming. No. So the architecture of the whole system 432 00:37:54,300 --> 00:37:59,420 is rarely considered in complex environments. This is pretty much across the board, computer 433 00:37:59,420 --> 00:38:03,500 architecture, software architecture. It doesn't really matter. However with hardware you have 434 00:38:03,500 --> 00:38:07,880 to be especially careful. Because like we were talking with the security appliance and 435 00:38:07,880 --> 00:38:14,880 how they at the pro K decryptor, how it actually functions and how it stores those keys can 436 00:38:15,820 --> 00:38:22,820 entirely negate your very expensive box. You know, always attack the implementation, 437 00:38:23,460 --> 00:38:30,460 not the encryption. You'll spend all freaking day, you know, year, or year, month, day thing, 438 00:38:30,820 --> 00:38:33,660 if you're not -- MARK CAREY: Or until the sun actually burns 439 00:38:33,660 --> 00:38:35,860 out. ROB BATHURST: Exactly. It will take a long 440 00:38:35,860 --> 00:38:39,990 ass time. So attack the implementation, usually it's 441 00:38:39,990 --> 00:38:46,990 made by human beings, which makes it relatively flawed. Look for humans being lazy. That is 442 00:38:47,050 --> 00:38:53,480 also one of my favorite comments, because like we said, epoxy is not a security mechanism. 
443 00:38:53,480 --> 00:38:59,420 So, you know, it will normally be, even in large engineering efforts, people cut corners. 444 00:38:59,420 --> 00:39:01,530 There are deadlines, there are things that people overlook. 445 00:39:01,530 --> 00:39:05,760 MARK CAREY: There is one point I want to interject for safety reasons. Don't try it 446 00:39:05,760 --> 00:39:12,300 at home. You have to do certain steps to be safe around burning epoxy. Heating it up is 447 00:39:12,300 --> 00:39:17,620 one thing. Some of the off gases from these things, I mean, you have a whole variety of 448 00:39:17,620 --> 00:39:21,810 things. The process of what's called homopolymerization, which is what epoxy uses -- 449 00:39:21,810 --> 00:39:23,970 ROB BATHURST: Tangent. Tangent. MARK CAREY: All right. Tangent. But anyway, 450 00:39:23,970 --> 00:39:28,230 the point is it off gases bad stuff and can kill you if you're not careful. 451 00:39:28,230 --> 00:39:30,760 ROB BATHURST: Don't do this at home. We're kind of professionals. 452 00:39:30,760 --> 00:39:37,310 MARK CAREY: Or wear a respirator. ROB BATHURST: Chips don't lie. A chip will 453 00:39:37,310 --> 00:39:40,660 have markings on it. It will have manufacturers. It will be pinned in a certain way. It will 454 00:39:40,660 --> 00:39:47,530 be soldered in a certain way. It only goes in one direction. And if it doesn't, it burns 455 00:39:47,530 --> 00:39:51,400 out. So, you know, look for the placement of the chip, look what it's paired to, look 456 00:39:51,400 --> 00:39:54,660 what bus it sits on, and it will be easy to determine the actual device you're working 457 00:39:54,660 --> 00:39:59,440 with from there. There are chip databases out there that have all kind of markings and 458 00:39:59,440 --> 00:40:05,950 how they're hooked up, and if it's SPI or I squared C, just huge amounts of information. 459 00:40:05,950 --> 00:40:12,760 And then I need more beer.
So with that, we may have, what, five minutes for any questions, 460 00:40:12,760 --> 00:40:17,580 yes, no? Fantastic. So thank you for coming to see this. And if 461 00:40:17,580 --> 00:40:20,440 you have any questions, we will be here. (Applause) 462 00:40:20,440 --> 00:40:21,130 Thank you.