Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.
Blogs | INSIGHTS, RESEARCH | April 17, 2024

Accessory Authentication – part 3/3

This is Part 3 of a 3-Part series. You can find Part 1 here and Part 2 here. Introduction In this post, we continue our deep dive comparison of the security processors used on a consumer product and an unlicensed clone. Our focus here will be identifying and characterizing memory arrays. Given a suitably deprocessed sample, memories can often be recognized as such under low magnification because of their smooth, regular appearance with distinct row/address decode logic on the perimeter, as compared to analog circuitry (which contains many…

Andrew Zonenberg
Blogs | INSIGHTS, RESEARCH | April 17, 2024

Accessory Authentication – part 2/3

This is Part 2 of a 3-Part series. You can find Part 1 here and Part 3 here. Introduction In this post, we continue our deep dive comparison of the security processors used on a consumer product and an unlicensed clone. Our focus here will be comparing manufacturing process technology. We already know the sizes of both dies, so given the gate density (which can be roughly estimated from the technology node or measured directly by locating and measuring a 2-input NAND…

Andrew Zonenberg
Blogs | INSIGHTS, RESEARCH | April 17, 2024

Accessory Authentication – Part 1/3

This is Part 1 of a 3-Part series. You can find Part 2 here and Part 3 here. Introduction Manufacturers of consumer electronics often use embedded security processors to authenticate peripherals, accessories, and consumables. Third parties wishing to build unlicensed products (clones) within such an ecosystem must defeat or bypass this security for their products to function correctly. In this series, the IOActive silicon lab team will take you on a deep dive into one such product, examining both the OEM product and the clone…

Andrew Zonenberg
Blogs | EDITORIAL, RESEARCH | March 28, 2024

Hack the Sky: Adventures in Drone Security | Gabriel Gonzalez

Taking aim at the attack surface of these buzzy devices uncovers real-world risks In the grand theater of innovation, drones have their spot in the conversation near the top of a short list of real game changers, captivating multiple industries with their potential. From advanced military applications to futuristic automated delivery systems, from agricultural management to oil and gas exploration and beyond, drones appear to be here to stay. If so, it’s time we start thinking about the security of these complex pieces of airborne technology. The Imperative Around Drone…

Gabriel Gonzalez
Blogs | INSIGHTS | March 27, 2024

IOActive Presents at HARRIS 2024, a Unique Workshop for Chip Reverse Engineering | Tony Moor

The Hardware Reverse Engineering Workshop (HARRIS) is the first ever annual workshop devoted solely to chip reverse engineering, and 2024 was its second year. IOActive has been present both years, and this year I attended to see what all the fuss was about. Background The workshop is organized by the Embedded Security group of the Max Planck Institute for Security and Privacy (MPI-SP) together with Cyber Security in the Age of Large-Scale Adversaries (CASA) and

Tony Moor
Blogs | EDITORIAL | March 1, 2024

Opinion: AGI Influencing the Secure Code Review Profession

It’s tough to be a secure code reviewer. There are already over 700 programming languages according to Wikipedia, and seemingly more languages materializing every year. Expectations are high that rapid developments in Artificial Generative Intelligence (AGI) will bring a new suite of languages and security issues that’ll have an oversized impact on software development. Consequently, secure software development lifecycle (SDL) processes and security code review are having to evolve rapidly. I’m both excited and nervous about AGI advancements in the world of software development and secure…

Gunter Ollmann
Blogs | RESEARCH | February 6, 2024

Exploring AMD Platform Secure Boot | IOActive Labs Blog | Krzysztof Okupski

Krzysztof Okupski, IOActive Associate Principal Security Consultant, has posted a blog in the continuing research into platform security. In a previous IOActive Research post on platform security (see ‘Back to the Future with Platform Security’), we provided a brief introduction into platform security protections on AMD-based platforms and touched upon the topic of AMD Platform Secure Boot (PSB). In this installment of the platform security blog series, we will dig deeper into the details of PSB, including a first glimpse of how it works under the hood,…

Krzysztof Okupski
Blogs | RESEARCH | January 18, 2024

Owning a Bitcoin ATM | IOActive Labs Blog | Gabriel Gonzalez, Antonio Requena, Sergio Ruiz

In this IOActive Labs blog, Gabriel Gonzalez, Antonio Requena and Sergio Ruiz, of IOActive Research, explains the steps they followed to identify a series of vulnerabilities (CVE-2024-0175, CVE-2024-0176 and CVE-2024-0177) that allows full control over Bitcoin ATMs. Nowadays, Bitcoin and cryptocurrencies might look less popular than they did just a few years ago. However, it is still quite common to find Bitcoin ATMs in numerous locations. IOActive had access to few of these machines, specifically to Lamassu’s Douro ATM. This provided the team with the opportunity…

Gabriel Gonzalez Antonio Requena & Sergio Ruiz
Blogs | EDITORIAL | December 19, 2023

Navigating the Cybersecurity Threatscape of Today’s Airports

Everything is ‘Connected’ in Today’s Modern Airports Cybersecurity in global aviation is increasingly dependent on vulnerabilities in Information Technology (IT) and Operational Technology (OT) systems. The definition of OT systems in this context is defined as hardware and software dedicated to detecting or causing changes in physical processes through direct monitoring and/or control of physical devices such as valves or pumps. OT systems are much less organized and are rarely monitored as closely as conventional IT networks. Airports use several critical OT systems, including baggage handling, airport refueling systems, runway lights,…

Kevin Harnett
Blogs | EDITORIAL | October 19, 2023

A SAFE Journey to Selling Devices to Cloud and Datacenter Providers

Observations from the OCP Global Summit | San Jose, CA | October, 18, 2023 If you missed it, there was a significant launch of the Open Compute Project (OCP) Foundation’s new community-led security program for improving device security underpins a fundamental change in the way device vendors and manufacturers engage and sell their products to the worlds leading cloud and datacenter providers. Beyond standing up a framework for driving continuous security conformance assurance, the Security Appraisal Framework and…

Gunter Ollmann

Commonalities in Vehicle Vulnerabilities

2022 Decade Examination Update | With the connected car now commonplace in the market, automotive cybersecurity has become the vanguard of importance as it relates to road user safety. IOActive has amassed over a decade of real-world vulnerability data illustrating the issues and potential solutions to cybersecurity threats today’s vehicles face.

This analysis is a major update and follow-up to the vehicle vulnerabilities report originally published in 2016 and updated in 2018. The goal of this 2022 update is to deliver current data and discuss how the state of automotive cybersecurity has progressed over the course of 10 years, making note of overall trends and their causes.