Skip to content

cryptotronix

  • Home
  • About
  • Videos
  • Training
  • Blog
  • Contact

Author: Josh Datko

I'm the owner of Cryptotronix, an embedded security company. As a submarine officer, I was sent to Afghanistan to ensure that the Tailiban did not develop a submarine force--mission accomplished! Author of BeagleBone for Secret Agents, presenter at HOPE and DEF CON, and Black Hat Trainer.
Featured
July 13, 2022July 13, 2022 by Josh Datko

How to handle time on embedded systems?

How to securely handle time on embedded systems? Do you trust your time or not? What should you do if the certificate expires? Where do you sync your time from? Read More

Videos Leave a comment
Featured
June 23, 2022July 13, 2022 by Josh Datko

What is the Device Identifier Composition Engine (DICE)?

In this episode, I introduce the DICE (Device Identifier Composition Engine). I mentioned the motivation for the Trusted Computing Group (TCG) to make this standard and why its specifically tailored for embedded devices like MCUs and smaller controllers. Read More

Training, Videos 1 Comment
Featured
June 14, 2022June 23, 2022 by Josh Datko

Microchip SAMA7G54 EVK and ATECC608 & Spearf1sh and the SAMA7G54 EVK

In this episode I talk about the ATECC608 that’s on the SAMA7G Eval Kit and why, even though the SAMA7 includes TrustZone, you would want an external IC. Read More

Training, Videos 1 Comment
Featured
May 4, 2022 by Josh Datko

fs-verity: Embedded Linux File Protection

Embedded Linux devices are generally lacking in security, but especially file system security. While I’m seeing the ship start to turn with respect to secure boot, there is still a wide lack of file system prevention and monitoring security. Read More

Training, Videos 1 Comment
Featured
April 21, 2022April 21, 2022 by Josh Datko

Announcing the Cryptotronix Podcast

Announcing the Cryptotronix Podcast! Read More

Announce 1 Comment
Featured
April 19, 2022April 19, 2022 by Josh Datko

The UK Product Security and Telecommunications Infrastructure (PSTI) Bill

The UK is proposing some interesting device cybersecurity legislation that will impact more people than they realize. Read More

Videos
Featured
April 6, 2022April 19, 2022 by Josh Datko

Mistakes in Custom Embedded Protocols

Having audited a few custom protocols, as nearly every embedded project decides to implement them, nearly every one has had a security issue. In this video I discuss the top three issues I’ve seen. Read More

Videos 1 Comment
Featured
February 10, 2022April 6, 2022 by Josh Datko

Infosec’s Midlife Crisis

Using the latest issue of IEEE Security & Privacy as a front to discuss this topic, I talked about the different focus areas of information security. Read More

Videos 1 Comment
Featured
February 2, 2022February 2, 2022 by Josh Datko

Cybersecurity gets no respect!

The article, “Design for Cybersecurity from the Start” in MIT Sloan Management Review, really nails the continued issue with security for product design. Read More

Videos
Featured
January 20, 2022February 2, 2022 by Josh Datko

CWE 1277: Firmware Not Updatable

The title of this CWE sounds like an error you’d get trying to update your smart toothbrush. In this short video I go over the security issues with static firmware and quickly talk about update strategies with microcontrollers and embedded linux platforms. Read More

Training, Videos 1 Comment

Posts navigation

← Older posts

Recent Posts

  • How to handle time on embedded systems?
  • What is the Device Identifier Composition Engine (DICE)?
  • Microchip SAMA7G54 EVK and ATECC608 & Spearf1sh and the SAMA7G54 EVK
  • fs-verity: Embedded Linux File Protection
  • Announcing the Cryptotronix Podcast
  • The UK Product Security and Telecommunications Infrastructure (PSTI) Bill
  • Mistakes in Custom Embedded Protocols
  • Infosec’s Midlife Crisis
  • Cybersecurity gets no respect!
  • CWE 1277: Firmware Not Updatable
  • CWE 1272: Sensitive SRAM

Enter your email to subscribe to new posts.

 

Loading Comments...