The title of this CWE sounds like an error you’d get trying to update your smart toothbrush. In this short video I go over the security issues with static firmware and quickly talk about update strategies with microcontrollers and embedded linux platforms. Read More
In this video, I’ll tell you how to save money and build your own SRAM PUF instead of paying some licensing fees, why vulnerabilities in bitcoin hardware wallets are a good thing, and how forgetting to forget secrets can get you in stormy seas. Read More
CWE 1240, a top 2021 Hardware CWE deals with using risky cryptographic primitives. Read More
In this video Josh discusses what this lock bit could do and provides a RISCV example as well. Read More
In this video we discuss CWE 1191: On-Chip Debug and Test Interface With Improper Access Control. Read More
osh discusses the Most Important Hardware Weaknesses of 2021. In this video he goes over CWE 1189, Improper Isolation of Shared Resources on System-on-a-Chip (SoC). Read More
Happy Veteran’s Day y’all. Read More
CTF at Toorcon is next week! Check it out at advsec.io/ctf. Read More
In this video, I go over my favorite and not-so-favorite RISCV dev boards and RISCV books. Not surprisingly, the best boards IMHO are coming from SiFive right now. Read More
SHIELDS UP! Season 2 Episode 2 with Cryptotronix CEO Josh Datko is scheduled on September 22nd at 8:00 a.m. PDT. He will share how his consulting firm starts with a threat model discussion and how they help strengthen trust on non-TLS networks. https://mchp.us/3BGDbHY Read More
