What to bring:
Students are required to bring their own laptop running Windows XP/2000 with a web browser installed and containing functional Ethernet, USB, and Serial ports (DB-9). The laptop will be used for web-based research and to control the test equipment used in the course (software and drivers will be installed but can be removed at the end of the course).
No loaner laptops will be available. Students who do not bring a laptop or who have laptops running other operating systems may work with a willing partner for the hands-on exercises that require Windows.
No electronics, hardware hacking, or computer security experience is necessary, but a passing familiarity of basic concepts may make the class easier to swallow.
Hardware hacking. Mods. Tweaks. Though the terminology is new, the concepts are not: A gearhead in the 1950s adding a custom paint job and turbo-charged engine to his Chevy Fleetline, a ’70s teen converting his ordinary bedroom into a “disco palace of love,” complete with strobe lights and a high-fidelity eight-track system, or a technogeek today bypassing the cryptographic authentication routines of the Microsoft Xbox to allow him to play homebrew games written by hobbyists. Building on an existing idea to create something better. Making products do things they were never intended to do. Reverse engineering products to defeat protection and security mechanisms. These types of self-expression can be found throughout recorded history.
This course is the first of its kind. We focus entirely on hardware hacking. It's hands-on. Not only do we, as hackers, explore reverse engineering and hardware hacking techniques, we also look at defense mechanisms and technologies that we, as designers, can use to protect our products from attackers. We'll guide you through an introduction to reverse engineering, explore the basic electronics fundamentals and common test equipment, and then dive into the step-by-step processes of successful circuit modifications and hardware hacking.
- Familiarity with basic electronic components and theories
- General use of test measurement equipment
- Understand the mindset of a hardware hacker and why he does what he does
- Gain a knowledge of how to successfully reverse engineer products
- Learn about embedded security, ways to design hardware securely, and ways to defeat those mechanisms
- Become confident that you can open a piece of hardware without breaking it (and maybe how to fix it if you do!)
By the time the student finishes the class, the student will have the confidence and experience to modify and tinker with hardware, reverse engineer technologies, and evaluate the security of his own products. The student will also be familiar with the mindset of a hardware hacker, basic electronics concepts, and how to use common test measurement tools.
Although the course is more focused on hardware hacking techniques and the reverse engineering of existing products, the course will also examine many of the topics from a designer's point of view to enable him to properly incorporate security into his own hardware products and protect them from attackers.
As a caveat: Engineering, hardware hacking, and reverse engineering are skills that requires time, determination, and experience if you want to be proficient in the field. We cover a lot of material in this two-day session and the course will guide you through the process so that you'll be able to find your way around and explore the guts of your favorite hardware technologies on your own.
What to Expect:
This course is the best of both worlds - whether you're a computer security professional looking for more tools for your consulting toolbox or whether you're a design engineer looking for ways to protect yourself, you're sure to learn something. And, you'll most definitely have fun in the process.
Students should expect to get their hands dirty with some basic electronics construction and reverse engineering exercises. The students will work alone for the majority of the course and in groups at the end for the final hardware hacking challenge.
The student should come into the class with an open mind and a sense of humor. It's my goal to make the classroom a fun, educational, and exciting environment. Interaction with classmates will be required and the student should not be afraid to ask questions in front of others.
Expect to leave the course with a smile on your face and a hacked circuit board around your neck.
Each student will be presented with the following materials and resources to be used and referenced throughout the course:
- Printed course lecture slides
- Electronics measurement tools, including a multimeter, oscilloscope, soldering iron, and device programmer
- Safety equipment
- All other necessary tools, components, and circuit boards
- Internet access (to be used with appropriate caution)
Following successful completion of the course, each student will leave with:
- CD-ROM containing the course lecture slides and copious research papers, notes, and references
- Grand Idea Studio's hardware hacking training circuit board
The class is a crash course in electronics, hardware hacking, and reverse engineering which spans two days. The first day introduces the students to the basics of electronics, common hardware hacking tools, and fundamentals of reverse engineering. The second day continues with more hardware hacking experiments and advanced techniques, and is concluded with a full-scale, hands-on hardware hacking challenge performed in small groups.
Who should take this class:
The target audience for this course is computer security consultants, design engineers, technical management, senior management, and any other individuals that are looking for a hands-on experience of hardware hacking and reverse engineering.
The course aims to educate everyone, from the beginner hobbyist or curious computer security professional with no electronics experience, to the self-proclaimed "gadget geek." Whether you like to get your hands dirty with hacking hardware or you just are curious about how hackers will reverse engineer your products, this course will be of benefit.
Course Length: 2 days
Cost: 1350 EUR before 1 March 2005 or 1550 EUR after 1 March 2005. All course materials, lunch and two coffee breaks will be provided. NOTE: this is a two day course. A Black Hat Certificate of Completion will be offered. You must provide your own laptop.
This class is limited to 10 students.
President and Principal Electrical Engineer, Grand Idea Studio
Joe Grand is the President and Principal Electrical Engineer of Grand Idea Studio, a San Diego-based product development and intellectual property licensing firm, where he specializes in the invention and design of consumer electronics, toys, video games, and medical devices.
Joe has testified before the United States Senate Governmental Affairs Committee and is a former member of the legendary hacker collective L0pht Heavy Industries. He is the author of many security-related software tools, including pdd, the first forensic acquisition application for Palm devices. Joe currently has a patent pending on a hardware-based computer memory imaging concept and apparatus (U.S. Patent Serial No. 10/325,506) and another pending on a unique apparatus, method, and systems for viewing a virtual environment.
Joe is a prominent speaker and has presented his work at numerous academic, industry, and private forums, including the United States Air Force Office of Special Investigations, the Naval Postgraduate School, the IBM Thomas J. Watson Research Center, the Embedded Systems Conference, the Black Hat Briefings, and DEFCON. He has appeared in documentaries and news for television, airplane in-flight programming, and print media outlets.
Joe is the author of "Game Console Hacking and Hardware Hacking: Have Fun While Voiding Your Warranty", a co-author of "Stealing The Network: How to Own A Continent", and is a frequent contributor to other texts. Joe holds a Bachelor of Science degree in Computer Engineering from Boston University.