Turtles All the Way Down: Firmware and bootloaders.

  bios boot_loaders computers engineering firmware opensource software systems

After rethinking this post a little, I feel a need to caveat things: In a previous post in this series I mentioned the possibility of using an open source System On A Chip because it would simplify the construction process somewhat. I've been doing some more research and I'm not certain that all SoC's (if that is the direction a project like this would go in) require system firmware of the sort we're about to discuss. The Broadcom BCM2835 mentioned earlier, for example, has firmware on board that is sufficient to initialize the hardware and then try to load the …

Read more...

Turtles all the way down: SoCs and Storage

  computers engineering firmware fpga hardware microprocessors opensource peripherals storage system_on_a_chip trade_offs trust

This brings us along to designs that are rather common even though we don't normally think of them as either common or systems. By this, I refer to SoC's - Systems On A Chip. As the name implies, they are full (or nearly so) computers implemented as single mother-huge silicon chips (relatively speaking). On the die you'll find a CPU or microcontroller, supporting electronics for same, an MMU, and enough interfaces to do whatever you want, be it plug in a USB keyboard and mouse, an Ethernet adapter, or a simple USB-to-serial converter circuit. An excellent example of a SoC is …

Read more...

B0rked into a brick.

  another_stupid_attack_name_beginning_with_ph attack brick dos eusecwest firmware pdos

As if it wouldn't be interesting enough at EuSecWest this week, another hardware attack has been discovered. This one is arguably nastier because it could conceivably cost the user quite a bit of money if someone hoses equipment by forcing a bad firmware flash. Rich Smith, who is the head of research into offensive technologies and threats at the HP Systems Security Lab (you know, they really could have come up with a more ominous name for their outfit) has developed a method in which an attacker can cause a permanent denial of service attack on a unit by finding …

Read more...

Belated LayerOne entry number two.

  airport bios burbank burlesque business_cards communion_wafers convention exploits firmware food fuzzing genetic_algorithms hijinks layerone man_in_the_middle payloads pci_rootkits physical_access_control programming proximity_cards px

1048 PST8PDT - Burbank Airport.

What a dump. I finally got to see more of it because I'll be stuck here for a few hours. When I originally arrived we were ushered out of the terminal to the curbside baggage pickup without ceremony, only security guards, so I wasn't able to take the fifty cent tour of the terminal.

It's small. There's noplace to eat, save for a really, really crappy cafe' that serves hideously bad wraps and lousy smoothies. By 'noplace' I mean just that - there are no other places to go in terminal B for food unless you want …

Read more...