RESOURCES

Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.
Blogs | RESEARCH | February 24, 2016

Inside the IOActive Silicon Lab: Reading CMOS layout

Ever wondered what happens inside the IOActive silicon lab? For the next few weeks we’ll be posting a series of blogs that highlight some of the equipment, tools, attacks, and all around interesting stuff that we do there. We’ll start off with Andrew Zonenberg explaining the basics of CMOS layout. Basics of CMOS Layout   When describing layout, this series will use a simplified variant of Mead & Conway’s color scheme, which hides some of the complexity required for manufacturing.   Material Color P doping   N doping   Polysilicon…

Andrew Zonenberg
Blogs | RESEARCH | November 19, 2015

Breaking into and Reverse Engineering iOS Photo Vaults

Every so often we hear stories of people losing their mobile phones, often with sensitive photos on them. Additionally, people may lend their phones to friends only to have those friends start going through their photos. For whatever reason, a lot of people store risqué pictures on their devices. Why they feel the need to do that is left for another discussion. This behavior has fueled a desire to protect photos on mobile devices. One popular option are photo vault applications. These applications claim to protect your photos, videos, etc….

Michael Allen
Blogs | RESEARCH | July 24, 2015

Differential Cryptanalysis for Dummies

Recently, I ventured into the crazy world of differential cryptanalysis purely to find out what the heck it was all about. In this post, I hope to reassure you that this strange and rather cool technique is not as scary as it seems. Hopefully, you’ll be attacking some ciphers of your own in no time! A differential cryptanalysis attack is a method of abusing pairs of plaintext and corresponding ciphertext to learn about the secret key that encrypted them, or, more precisely, to reduce the amount of time needed to…

Keith Makan
Blogs | INSIGHTS | March 26, 2014

A Bigger Stick To Reduce Data Breaches

On average I receive a postal letter from a bank or retailer every two months telling me that I’ve become the unfortunate victim of a data theft or that my credit card is being re-issued to prevent against future fraud. When I quiz my friends and colleagues on the topic, it would seem that they too suffer the same fate on a reoccurring schedule. It may not be that surprising to some folks. 2013 saw over 822 million private records exposed according to the folks over at DatalossDB –…

Gunter Ollmann
Blogs | INSIGHTS | July 16, 2013

2013 ISS Conference, Prague

I had the opportunity to attend the 2013 ISS conference in Prague a few weeks ago. The conference is a place where company representatives and law enforcement (and other government agency) officials can meet to share ideas and products information (such as appliances). Even though I had a sore throat, I still found it quite interesting; although not necessarily in terms of the products and presentations – which I felt was overall a bit flat. It was easy to differentiate between company representatives and government officials. Government officials wore yellow…

Lucas Lundgren
Blogs | INSIGHTS | December 18, 2012

Striking Back GDB and IDA debuggers through malformed ELF executables

Day by day the endless fight between the bad guys and good guys mostly depends on how fast a countermeasure or anti-reversing protection can be broken. These anti-reversing mechanisms can be used by attackers in a number of ways: to create malware, to be used in precompiled zero-day exploits in the black market, to hinder forensic analysis, and so on. But they can also be used by software companies or developers that want to protect the internal logic of their software products (copyright). The other day I was thinking: why…

Alejandro Hernandez
Blogs | INSIGHTS | September 26, 2012

Completely Unnecessary Statistical Analysis: Phone Directory

Disclaimer: I am not a statistician.   A particular style of telephone company directory allows callers to “dial by name” to reach a person, after playing the matching contacts’ names.  In the example used here, input must be given as surname + given name with a minimum of three digits using the telephone keypad (e.g. Smith = 764). To cover all possible combinations, you’d calculate 8^3, or 512 combinations. With a directory that allowed repeated searches in the same call, it would take about seven hours of dialing to cover…

Ryan O'Horo

Thoughts on Supply Chain Integrity

In this video presentation, John Sheehy, VP, Sales and Strategy at IOActive, shares his comprehensive view on the myriad considerations facing business as they undertake supply chain integrity assessments, focused on securing operations.

ACCESS THE VIDEO


IOACTIVE CORPORATE OVERVIEW (PDF)