Why I Like Hardware Hacking (and if you haven't tried it, here's a few tips on getting started!) bunnie

Why I Like Hardware Hacking
(and if you haven't tried it, here's a few tips on getting started!)
bunnie (@bunniestudios)

Does Hardware Even Matter Anymore?

The Illusion of Possibility:
Infinite Borders, Finite Volume
AntonioMigueldeCampos–Publicdomain

OpenStaxCollege–Anatomy&Physiology,ConnexionsWebSiteCCBY3.0

There's Things You Just Can't Do Without the Right Hardware

And Some Things Are Just Way Easier With the Right Hardware
RehmanCCBY2.0
+ many many years...+ 2 weeks
Windsor/Cyclopsviatheintercept.com

�� %
/��
/��.��
0#��
��
��
/��-0#��
��1�2��

The Obvious One: Capability
●
Improvements in
Performance, Power or
Size
Fensterblick–CCBYSA3.0

(�� 1 ��
��+��
4��
4��5�!��1�6)�7��)��89�5�
��1��$ � '�:��&/� ��&�

Strong Crypto + Hardware Security:
Limited Options?
RehmanCCBY2.0
+ a billion billion
years...
Windsor/Cyclopsviatheintercept.com

http://knowyourmeme.com/memes/red-pill

The Matrix
( 黑客帝国 )
hei ke di guo

Hacking Hardware to Extract Secrets
●
Passive
●
Direct observation
– Optical
– SEM
●
Side-channel (emissions)
– Power
– RF
– Optical
●
Active
●
Fault induction
– Glitching (clock/VDD)
– Coupling (e.g. row hammer)
– Photonic
●
FIB edit

(�� )� �� 2��
�� $��>��

(�� )�2��'�!$��
��&�� '��'�?�� .'�1�'�9��@�'�"��'��'��2��'�@ ��A�� &��0�� $ � ��2��0�B

(�� )�(�� 1�� 7/�� '�
��'��&��'�:��A/��.��&��$ � ��, ��#�� 0��$��2�7'�C'��D�� B
�&��&� ��<��EED�=

Passive: RF Side-Channels
Moradi, A and Schneider, T. “Improved Side-Channel Analysis Attacks on Xilinx Bitstream Encryption of 5, 6, and 7 Series”

Active: FIB
From http://www.electronicdesign.com/eda/fib-circuit-edit-becomes-increasingly-valuable-advanced-node-design
Kriegor27–Pubilcdomain
Cmthep,CC-BY-SA3.0

#�� )�+��'��: ��8'��2��'�

Fault Injection
●
Modify/corrupt memory in semi-predictable ways
●
Alter computational results
●
Branch targets
●
Cryptographic computations
●
Change reset states
TwiizerhackviaMarcan.st

#�� )�/��'��
1 ��>��
3��&�� ;--+++��&��-�� -�&�� &��

Without the Right Hardware, There's Things You Just
Can't Do
OpenStaxCollege–Anatomy&Physiology,ConnexionsWebSiteCCBY3.0

And Things You Just Can't Be Aware Of

�� .��>��
@��
��

�$��&��!��$��

Observation: Computers are Primarily Defined
By Their Interaction Hardware
SparkfunCCBY2.0
GarethHalfacreeCCBYSA2.0
FromGigabyte.com
●
For a given performance tier, core architecture is 80% identical

��''��
/3�#��?��

Prusiai3viaReprap.org–GNUFreeDocLicense
EEZH24005viaelectronics-lab.com

� �
#�� )�#��!6� ��
��,��>��
�&�,��<��2��=
��(�1��.��
9�� ,�:&��.��F��
(>.��
/��3�� )��

� �
�� #�
�
><=�� '��
��
�
?<=��'� ��$�� 7
�� 7��$��

:&��A/�:B �/�-��&��
(�!�� <�1��'�1�� '�� =

��J��
2�)�1�$�' �� 0��('��

So...Why Aren't There More Hardware Hackers?

"Welcome to the Desert of the Real"
https://ladygeekgirl.wordpress.com/2016/02/11/throwback-thursdays-the-matrix-broke-the-90s/

The Desert is Real
Marlenanopoli-CC0
rm -r *

The Problem with Hardware is
That It's Made out of Atoms.
And Atoms are Annoying.

Atoms are Owned and Traded.
Jonathunder–CCBYSA3.0

Atoms are Imperfect.
RobLavinsky,CCBYSA3.0

Atoms Don't Move On Their Own.

Reality Check:
Pearl River Delta – Right Here, Right Now

Dumpster Diving For
Factories
Depreciate 3 yrs, sell as
Scrap for $100k
Use for 10 yrs, sell as scrap
For $10k
$1mm investment in top-of-line
Assembly equipment
Picked up by small factories
(but same capability)
Excess capacity for cheap

When It's Easy To Have a Factory,
Any One Can Have One

#$ ��)� �� 9�+��

/��)� �� +��

Hardware is Hard...If you Don't Have the Right Tools

https://www.youtube.com/watch?v=68IvuxHzw2A

��,2��>��

Even the Mightiest Rivers Start as Raindrops
10 mm assembly labor
100k technicians/engineers
1 billion people
1000 managers/designers
10 major new tech corps
(1980, foxconn, huawei, etc.)
(1990, diaspora of medium-
small factories)
(2000, rise of the Shanzhai)
(2010, xiaomi, tencent,
taobao, alibaba, etc.)
Dotcom boom
Maker
Movement
Cold war
Engineers
USAChina

A Healthy Ecosystem Has A Wide Base
https://sites.google.com/site/lmwhitebiology/ecology/ecological-pyramids-1/pyramid-of-biomass

It Takes an Ecosystem to Build Hardware
System
Integrator
Plastics
PCBA
Firmware
Tooling
Components
ID

The Problem with Ecosystem Loss
MarcinChandy–CCBY2.0
ZhaoChuangviawww.amnh.org

The Problem with Ecosystem Loss

The Other Problem with Ecosystem Loss

The Good News
Leonardo DaVinci – Vitruvian Man photo by
Luc Viatour / https://Lucnix.be via Wikipedia (Public Domain)Isaac Newton / Principia (Public Domain)

Hardware Knowledge is Cumulative
●
Programming languages I've had
to learn:
●
BASIC
●
C
●
Assembly of various flavors
●
C++
●
Pascal
●
Perl
●
Java
●
Python
●
Javascript
●
Rust
●
Verilog
●
VHDL
●
Bash
●
Go
●
...
●
Equations I've had to learn:
●
Maxwell's equations
– Gauss's Law
– Gauss's Law for magnetism
– Faraday's Law
– Ampere's law with Maxwell's
addition
●
Fick's laws of diffusion
– First
– Second

Hardware Knowledge is Cumulative
●
Software tools I've had to learn:●
Linux
●
Mach
●
Init.d
●
Systemd
●
Busybox
●
OpenEmbedded
●
Make
●
Pip
●
Apt
●
Yum
●
Conda
●
Docker
●
Jenkins
●
Travis
●
Github
●
SVN
●
Perforce
●
U-boot
●
Grub
●
LILO
●
Npm
●
Gulp
●
Qt
●
GTK
●
Apache
●
Nginx
●
Web2py
●
Ruby on Rails
●
MySQL
●
MongoDB
●
Cargo
●
Automake
●
●
Hardware tools I've had to learn:
●
Soldering iron
●
Hot air gun
●
Microscope
●
Oscilloscope
●
Spectrum analyzer
●
Altium
●
Solidworks
●
Cadence
●
MAGIC
●
Synopsys

Hardware Might Be Hard; But At Least It's not Sysfs-ean

Getting Started: The Basics Are Surprisingly Cheap

8 ��1�� )� �$��
* ��.�� '��

The Dumpster Diving Cycle
Get [borked]
Equipment
Use Equipment Fix Equipment

Learning Through Reverse Engineering

And One to Check
●
Call it what you want: A/B test;
Control; Placebo

Rule of 3's: Hacking
●
One to break
●
Minimize barrier to gross characterization & learning
●
One to hack
●
Experiment to test theories
●
One to check
●
Baseline to ground experiments

How About Making?
IFixitCCBY-NC-SA3.0

Making is a Multi-Stage Process, Too
ViaIntrinsycDragonBoard8074DevKit

E/D/P-VT Process
●
VT = validation & test
●
E = Engineering
●
Does it catch fire?
●
D = Design
●
Does it meet the requirements?
●
P = Production
●
Does it yield?

Making is Cheaper By the Dozen
●
Observation: BOM stays 80% the same throughout EVT/DVT/PVT
●
Cheaper to buy all the materials at once
●
Then buy the per-run delta
●
For an "IoT"-type project:
●
EVT (min 3 / ideal 5)
●
DVT (min 5 / ideal 10)
●
PVT (min 5 / ideal 20+)
– Total run: 13-35 unit material usage
– Proto volume breaks at 10, 25 units

PVT
ViaEDN.comhttps://www.edn.com/Home/PrintView?contentItemId=4006382

It Doesn't Happen If You Don't Try.

Hardware Isn't Hard If You Know the Method
●
Hacking:
●
One to break
●
One to hack
●
One to test
●
Making:
●
Does it catch fire?
●
Does it meet specs?
●
Can it yield?

�� *��B ��/��'��

Why I Like Hardware Hacking:
It Redefines The Volume of Possibility
AntonioMigueldeCampos–Publicdomain

Why I Like Hardware Hacking (and if you haven't tried it, here's a few tips on getting started!) bunnie

Recommended

Recommended

More Related Content

Similar to Why I Like Hardware Hacking (and if you haven't tried it, here's a few tips on getting started!) bunnie

Similar to Why I Like Hardware Hacking (and if you haven't tried it, here's a few tips on getting started!) bunnie (20)

More from Nico-Tech Shenzhen/ニコ技深圳コミュニティ

More from Nico-Tech Shenzhen/ニコ技深圳コミュニティ (20)

Recently uploaded

Recently uploaded (20)

Why I Like Hardware Hacking (and if you haven't tried it, here's a few tips on getting started!) bunnie