Black Hat USA 2014 Trainings are filling fast!

Register now so you don't miss out on the Training course you want | more info

Hacking hardware's (almost) always a good time, so we think you'll like today's trio of highlighted Briefings from Black Hat USA 2013, which all focus, in some way or other, on the hard stuff. Let the vulnerabilities roll.

Technologies don't get much more ubiquitous than NAND memory, which is used in just about every gadget going. But ubiquity rarely equals safety, as Josh "m0nk" Thomas will demonstrate in Hiding @ Depth: Exploring, Subverting, and Breaking NAND Flash Memory. Thomas will show how NAND hardware can be subverted to hide persisting files, opening the door to everything from basic malwares to full-on device bricking. He'll release two open-source Android tools, to both hide and reveal these hidden files, and explore the security implications of NAND's striking vulnerabilities. Think there's an easy fix? Unlikely. Come to the session for the full appraisal.

Windows 8's Secure Boot, based on UEFI 2.3.1's Secure Boot, marks a needed, long-in-coming step toward securing boot sequences against malware. But as ever, the devil is in the minute details, and it turns out that platform vendors are making certain mistakes that can completely undermine Secure Boot's intended protections. Join Intel's Yuriy Bulygin for A Tale of One Software Bypass of Windows 8 Secure Boot, in which he'll demo a full software bypass of Windows 8 Secure Boot and explain how these breaches could've been avoided, had the hardware vendors done things differently.

Cracking crypto is fun, but the high cost of relevant hardware can be a discouraging barrier to entry; not everyone can afford the fancy oscilloscopes used by researchers. But never fear. In Power Analysis Attacks for Cheapskates, Colin Flynn will show you how to create surprisingly advanced crypto-cracking systems that cost a few hundred dollars instead of a few thousand, and, as a bonus, can fit in your pocket. Flynn deploys open source technologies, from the capture board to the Python tools, so attendees will walk away with all the knowledge needed to put together their own low-cost power analysis labs.

Good times, yes? There's plenty more where that came from. Keep checkin' in here each week as we reveal more Trainings, Workshops, and Briefings, or follow on social media:

Twitter
Facebook
Linked in



LatestIntel

  • Black Hat USA 2014: Digital Forensics (aka CSI Online) | more info
  • Black Hat USA 2014: Pentesting? Thought You'd Never Ask | more info
  • Black Hat Asia 2014: Clever Network
    Tricks | more info
View More

UpcomingEvents

ShowCoverage

StayConnected

Fill out the form below to stay up to date on the latest Black Hat info, newsletters and intel.

Email*
First Name
Last Name
Subscription Group

Sustaining Sponsors