Q3 review and Upcoming Training

Five years ago while I still worked on pre- and post-silicon penetration testing of CPUs, I began teaching internal courses on hardware security to functional validators. That was when I first realized the incredible leverage that was possible with effective training - and also the dearth of information on hardware security practices in the industry.
Since then, I began SecuringHardware.com, and have had the opportunity to speak and train publicly and privately around the world. Publishing independent research teaching short workshops at conferences has allowed me to build the business almost entirely by word of mouth, minimizing my adherence to the typical business status quo.  

As course offerings and audience grow, it seems like now is the right time to begin a quarterly update. I hope to include recap of recently presented research, course updates, and upcoming public classes. As always, feel free to get in touch with me directly for more information.


Joe FitzPatrick
Trainer and Researcher, SecuringHardware.com

Upcoming Events

Applied Physical Attacks on x86 Systems, October 10-13 in Portland, OR:
There are still seats available in this 4-day training. Register.

SecuringHardware.com is proud to sponsor Security BSides Portland. Joe will be presenting in the “Rootkits, Backdoors, and Implants” track on Friday, October 14.

Introductory Physical Attacks on Embedded Systems, OWASP Portland training day, November 1 in Portland, OR:
This low-cost half-day workshop will be held in conjunction with 3 other OWASP trainings. Registration will be live shortly.

Applied Physical Attacks on Embedded Systems at HushCon; December in Seattle, WA:
This is the first US offering of this completely revised course, built on 4 years of research and practice. Register.

Q3 Recap

Lockscreen bypass using SLOTSCREAMER - one of the tools used in Applied Physical Attacks on x86 Systems

Viceland’s CyberWar: Episode 8 in the series featured several contributors to the NSA Playset briefly showing off tools that mimic capabilities from the leaked ANT catalog. We like to think they were referring to us when they titled the episode “America’s Elite Hacking Force”.

Black Hat: With the addition of a few new labs, Applied Physical Attacks on x86 Systems barely fit into a sold-out 4-day training. At the conference, Joe presented “The Tao of Hardware, the Te of Implants”. Slides and Whitepaper are online.

Defcon: A dry-run of Physical Attacks on Embedded Systems debuted as a free half-day workshop introducing the basics of embedded hardware hacking to 52 attendees. Joe joined a panel on counterfeiting Defcon Black Badges, and co-presented years of unintentional research in 101 Ways to Brick your Hardware along with Joe Grand. Joe also worked with Poitr of 1BitSquared to deliver Hands on JTAG for Fun and Root Shells in the Hardware Hacking Village.

44Con: September’s European tour kicked off with the first full offering of Applied Physical Attacks on Embedded Systems in London as part of 44CON’s training. This was the first run of this class, completely rebuilt from scratch, taking into account 4 years of research and experience training on these topics.

Hardware.io: All of that training equipment hopped across the channel for Applied Physical Attacks on x86 Systems in The Hague. Joe had a tough job following Sergey Bratus’s excellent keynote, but presented demos and discussion of his hardware implants.

Plans for 2017

Training Content: 2017’s primary objective will be to expand existing classes. New labs targeting physical attacks on DRAM should be ready as well as additional attacks on ARM android tablets will be included midyear, and a few additional CTF-style exercises will be added throughout both classes.

Public Classes: The next newsletter should contain info about 2017 public offerings, which will most likely include CanSecWest and Black Hat. A few spring courses in Europe are also a possibility.

New Research: Current projects in development for next year include tools for dirt-cheap mass surveillance and new ways of physical memory acquisition.

New Courses: Long in waiting, 2017 may finally be the year for Physical Attacks and Silicon Defense. This 4-day hands-on workshop will walk through the entire process of pre and post silicon security validation for an SOC.

Joe FitzPatrick

Written by

Joe (@securelyfitz) is an Instructor and Researcher at SecuringHardware.com. Joe has spent his carrer working on low-level silicon debug, security validation, and penetration testing of CPUS, SOCs, and microcontroller. He has spent the past decade developing and leading hardware security-related training, instructing hundreds of security researchers, pen-testers, hardware validators worldwide. When not teaching classes on applied physical attacks, Joe is busy developing new course content or working on contributions to the NSA Playset and other misdirected hardware projects, which he regularly presents at all sorts of fun conferences.