Ep:1.11 How to handle time on embedded systems

Ep:1.11 How to handle time on embedded systems

How to securely handle time on embedded systems? Do you trust your time or not? What should you do if the certificate expires? Where do you sync your time from? These are all questions that routinely come up during the design of an embedded system and they often have very real security impacts. I talk about how to think about these questions and why, to a certain degree, they are the wrong question to ask. Also, I show a fun demo of receiving the new time format from WWVB using the Everset ES100 receiver to pull the 60kHz BPSK signal from the air.

Ep:1.10 What is DICE (Device Identifier Composition Engine)?

In this episode, I introduce the DICE (Device Identifier Composition Engine). I mentioned the motivation for the Trusted Computing Group (TCG) to make this standard and why its specifically tailored for embedded devices like MCUs and smaller controllers.  Then I give a quick overview of the hardware requirements for DICE and its refreshingly simple, although I do have some questions of how this is implemented (remember attack the implementation, not the standard). The DICE core has a nice similarity to the PCR feature of the TPM.  Then I talk about where this episode series is going and how you can play along! https://trustedcomputinggroup.org/wp-content/uploads/Hardware-Requirements-for-Device-Identifier-Composition-Engine-r78_For-Publication.pdf

Ep:1.09 Hardware hacking does not always go according to plan

Sometimes hardware hacking doesn't always go according to plan and you end up destroying the target. It happens. In this episode, I get a pair of connected shoes to remove the tracker and things start to go wrong.

Ep:1.08 ATECC608 on the SAMA7G Eval Kit

In this episode I talk about the ATECC608 that's on the SAMA7G Eval Kit and why, even though the SAMA7 includes TrustZone, you would want an external IC. I think talk about how we included some nice ATECC608 python support in Spearf1sh (the embedded Linux distro) to let you hack on this more easily.

Ep:1.07 Spearf1sh on the Microchip SAMA7G5

There's a new Linux SoC by Microchip, the SAMA7G5! It's a single-core, low power, ARM Cortex-A7 with some nice security features. Because of the nice Linux4SAM project, I was able to port Spearf1sh, our embedded hacking Linux distro onto it pretty quickly! https://www.microchip.com/en-us/product/sama7g54 https://github.com/advancedsecio/spearf1sh