Skip to content

cryptotronix

  • Home
  • About
  • Videos
  • Training
  • Blog
  • Contact

Category: Training

Featured
June 23, 2022July 13, 2022 by Josh Datko

What is the Device Identifier Composition Engine (DICE)?

In this episode, I introduce the DICE (Device Identifier Composition Engine). I mentioned the motivation for the Trusted Computing Group (TCG) to make this standard and why its specifically tailored for embedded devices like MCUs and smaller controllers. Read More

Training, Videos 1 Comment
Featured
June 14, 2022June 23, 2022 by Josh Datko

Microchip SAMA7G54 EVK and ATECC608 & Spearf1sh and the SAMA7G54 EVK

In this episode I talk about the ATECC608 that’s on the SAMA7G Eval Kit and why, even though the SAMA7 includes TrustZone, you would want an external IC. Read More

Training, Videos 1 Comment
Featured
May 4, 2022 by Josh Datko

fs-verity: Embedded Linux File Protection

Embedded Linux devices are generally lacking in security, but especially file system security. While I’m seeing the ship start to turn with respect to secure boot, there is still a wide lack of file system prevention and monitoring security. Read More

Training, Videos 1 Comment
Featured
January 20, 2022February 2, 2022 by Josh Datko

CWE 1277: Firmware Not Updatable

The title of this CWE sounds like an error you’d get trying to update your smart toothbrush. In this short video I go over the security issues with static firmware and quickly talk about update strategies with microcontrollers and embedded linux platforms. Read More

Training, Videos 1 Comment
Featured
December 16, 2021January 6, 2022 by Josh Datko

CWE 1231: Improper Prevention of Lock Bit Modification

In this video Josh discusses what this lock bit could do and provides a RISCV example as well. Read More

Training, Videos 1 Comment
Featured
December 15, 2021January 6, 2022 by Josh Datko

CWE 1191: On-Chip Debug and Test Interface With Improper Access Control

In this video we discuss CWE 1191: On-Chip Debug and Test Interface With Improper Access Control. Read More

Training, Videos
Featured
October 7, 2021December 16, 2021 by Josh Datko

Toorcon: San Beagle eCTF

CTF at Toorcon is next week! Check it out at advsec.io/ctf. Read More

Events, Training, Videos 1 Comment
Featured
September 21, 2021December 16, 2021 by Josh Datko

Season 1 Episode 4 of Bytes, Boards, and Books

In this video, I go over my favorite and not-so-favorite RISCV dev boards and RISCV books. Not surprisingly, the best boards IMHO are coming from SiFive right now. Read More

Training, Videos 1 Comment
Featured
September 3, 2021December 16, 2021 by Josh Datko

Security Logging and Monitoring in the IoT

Insufficient logging and monitoring have been on the OWASP Top 10 for some time now, but is this applicable to IoT deployments as well as web apps? Read More

Training, Videos 1 Comment
Featured
July 29, 2021December 16, 2021 by Josh Datko

Advanced Security Intro to Hardware Hacking and Reverse Engineering Preview

In this video Josh gives a small taste of what you can expect in the Introduction to Hardware Hacking and Reverse Engineer Course at Advanced Security. Specifically, he shows the run-time interpreter used to directly PEEK and POKE memory address. Read More

Events, Training, Videos

Posts navigation

← Older posts

Recent Posts

  • How to handle time on embedded systems?
  • What is the Device Identifier Composition Engine (DICE)?
  • Microchip SAMA7G54 EVK and ATECC608 & Spearf1sh and the SAMA7G54 EVK
  • fs-verity: Embedded Linux File Protection
  • Announcing the Cryptotronix Podcast
  • The UK Product Security and Telecommunications Infrastructure (PSTI) Bill
  • Mistakes in Custom Embedded Protocols
  • Infosec’s Midlife Crisis
  • Cybersecurity gets no respect!
  • CWE 1277: Firmware Not Updatable
  • CWE 1272: Sensitive SRAM

Enter your email to subscribe to new posts.

Automattic.
 

Loading Comments...