Firmware security is lame on any device


A small research on lot´z of device´s that i made show´s me how weak and lame is the security to prevent the magic´s inside of the firmware. Coder´s are lazy or nobody want´s a secure firmware.

For example a AES is very strong encryption if you bitslice the weakness of a key. The CBC mode need´s a IV  init vector and the X long bit key. If somebody uses a public SHA as a init vector that is easy to grab it´s stupid anyway.

Most of the problems depend on the SDRAM that work with unencrypted data and is easy to log with a arduino with few I/O´s that are needed.

The firmware is mostly the key to all needed magic´s. If the firmware is not encrypted you can trojan the hardware and sniff all confidential stuff even on secure microcontroller.

The structure of microcontrollers are easy first came he boot loader code and then the jump to the main application code and it has enough space left in the free zone to code a simple debug out on a port. IT´s needed to patch or define a jump to your trojan horse.


Any injection on the original application code is more then weak it´s human laziness.

Crypto Companies are not God and the staff too. They make mistakes or spit on security, a real security managements is bad for business. I like miracles and black box hacking it´s a good feeling if you have success to break any crypto engine cause of the bug´s inside hard and software like the SLE44 series and other project´s i was involved.


Über fanlashtic

Idiot on duty
Dieser Beitrag wurde unter Allgemein, Company´s and Investors, Weak Hardware abgelegt und mit , , , , verschlagwortet. Setze ein Lesezeichen auf den Permalink.