Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Why I Like Hardware Hacking (and if you haven't tried it, here's a few tips on getting started!) bunnie

260 views

Published on

I got slide by bunnie (@bunniestudios)
Why I Like Hardware Hacking (and if you haven't tried it, here's a few tips on getting started!) bunnie

video
https://youtu.be/RVI77LwkeM0

https://togetter.com/li/1329842

Published in: Engineering
  • Be the first to comment

Why I Like Hardware Hacking (and if you haven't tried it, here's a few tips on getting started!) bunnie

  1. 1. Why I Like Hardware Hacking (and if you haven't tried it, here's a few tips on getting started!) bunnie (@bunniestudios)
  2. 2. Does Hardware Even Matter Anymore?
  3. 3. Victorgrigas–CCBY-SA3.0
  4. 4. LeiWangCC-BY-SA
  5. 5. MatteoXCC-BY
  6. 6. The Illusion of Possibility: Infinite Borders, Finite Volume AntonioMigueldeCampos–Publicdomain
  7. 7. OpenStaxCollege–Anatomy&Physiology,ConnexionsWebSiteCCBY3.0
  8. 8. There's Things You Just Can't Do Without the Right Hardware
  9. 9. And Some Things Are Just Way Easier With the Right Hardware RehmanCCBY2.0 + many many years...+ 2 weeks Windsor/Cyclopsviatheintercept.com
  10. 10. ���������������� %
  11. 11. ���������������� % /�������� /����.����� 0#������� ��� �������� ��������� /�������-0#������� �������1�2�� �
  12. 12. The Obvious One: Capability ● Improvements in Performance, Power or Size Fensterblick–CCBYSA3.0
  13. 13. Security / Penetration
  14. 14. (��� ������1 �� �� ����������+��������� 4�������������������� 4��������5�!���1�6)�7�������)�����89�5� ������1�����������������������$ � '�:��&/� ��&�
  15. 15. Strong Crypto + Hardware Security: Limited Options? RehmanCCBY2.0 + a billion billion years... Windsor/Cyclopsviatheintercept.com
  16. 16. http://knowyourmeme.com/memes/red-pill
  17. 17. The Matrix ( 黑客帝国 ) hei ke di guo
  18. 18. Hacking Hardware to Extract Secrets ● Passive ● Direct observation – Optical – SEM ● Side-channel (emissions) – Power – RF – Optical ● Active ● Fault induction – Glitching (clock/VDD) – Coupling (e.g. row hammer) – Photonic ● FIB edit
  19. 19. (����� )� �� ���2�� ������� ����� �$�������������>��
  20. 20. Passive: Direct Measurement
  21. 21. (����� )�2�����'�!$������� ��&�� ��'���'�?��� �� �.'�1�'�9������@�'�"����'���'����2���'�@ ��A������� &�������0�� ��������$ � ��2��0�B
  22. 22. (����� )�(�� ��1�� 7/���� '� ������'���������&������'�:��A/����.���������&����������$ � ������, ���������#���� ������0���$�������2�7'�C'�����D������ B �&���&� �����������<��EED�=
  23. 23. Passive: RF Side-Channels Moradi, A and Schneider, T. “Improved Side-Channel Analysis Attacks on Xilinx Bitstream Encryption of 5, 6, and 7 Series”
  24. 24. Active: FIB From http://www.electronicdesign.com/eda/fib-circuit-edit-becomes-increasingly-valuable-advanced-node-design Kriegor27–Pubilcdomain Cmthep,CC-BY-SA3.0
  25. 25. #���� )�+��'����: �������8'���������2�����'�
  26. 26. Fault Injection ● Modify/corrupt memory in semi-predictable ways ● Alter computational results ● Branch targets ● Cryptographic computations ● Change reset states TwiizerhackviaMarcan.st
  27. 27. #���� )�/���'��� 1 ����������������>�� 3����&��� ;--+++�����&����-������� -�&�� �������&���
  28. 28. ���������������� %
  29. 29. Without the Right Hardware, There's Things You Just Can't Do OpenStaxCollege–Anatomy&Physiology,ConnexionsWebSiteCCBY3.0
  30. 30. And Things You Just Can't Be Aware Of
  31. 31. ��� �.�������������>�� @������������������ ������������������
  32. 32. �$��&���������!�����$����
  33. 33. Observation: Computers are Primarily Defined By Their Interaction Hardware SparkfunCCBY2.0 GarethHalfacreeCCBYSA2.0 FromGigabyte.com ● For a given performance tier, core architecture is 80% identical
  34. 34. ������''��������� ���� ������� /3�#�����������?��������
  35. 35. Prusiai3viaReprap.org–GNUFreeDocLicense EEZH24005viaelectronics-lab.com
  36. 36. � � #��� ����� �)�#���������!6� ��������� ������� �����,�������������>�� �&�,��<��2����= �������(�1�����.�������� � 9�� ������������,�:&����������.������F������ (>.������������ /�����3������ ����������)��
  37. 37. � � ��� ������������� � ������#� � ><=����� ��������� '�� �������� �������� � ?<=�����'� ���$��� �7 ������� 7��$������ �������
  38. 38. :&��A/�:B �/�-����&������������ (�!���� �<�1���������'�1���� '���������� ���� =
  39. 39. � � III
  40. 40. �����J���������� 2�)�1�$�' �������� ����������� �0�����('��
  41. 41. So...Why Aren't There More Hardware Hackers?
  42. 42. The Matrix ( 黑客帝国 ) hei ke di guo
  43. 43. http://knowyourmeme.com/memes/red-pill
  44. 44. "Welcome to the Desert of the Real" https://ladygeekgirl.wordpress.com/2016/02/11/throwback-thursdays-the-matrix-broke-the-90s/
  45. 45. The Desert is Real Marlenanopoli-CC0 rm -r *
  46. 46. The Problem with Hardware is That It's Made out of Atoms. And Atoms are Annoying.
  47. 47. Atoms are Owned and Traded. Jonathunder–CCBYSA3.0
  48. 48. Atoms are Imperfect. RobLavinsky,CCBYSA3.0
  49. 49. Atoms Don't Move On Their Own.
  50. 50. Reality Check: Pearl River Delta – Right Here, Right Now
  51. 51. Dumpster Diving For Factories Depreciate 3 yrs, sell as Scrap for $100k Use for 10 yrs, sell as scrap For $10k $1mm investment in top-of-line Assembly equipment Picked up by small factories (but same capability) Excess capacity for cheap
  52. 52. When It's Easy To Have a Factory, Any One Can Have One
  53. 53. #$ ����)� ���� ����9�+������
  54. 54. /����)� ���� �����+������
  55. 55. Inventory Capability
  56. 56. Hardware is Hard...If you Don't Have the Right Tools
  57. 57. https://www.youtube.com/watch?v=68IvuxHzw2A
  58. 58. DerekGates,CCBYNCND
  59. 59. ����,2������������>��
  60. 60. Even the Mightiest Rivers Start as Raindrops 10 mm assembly labor 100k technicians/engineers 1 billion people 1000 managers/designers 10 major new tech corps (1980, foxconn, huawei, etc.) (1990, diaspora of medium- small factories) (2000, rise of the Shanzhai) (2010, xiaomi, tencent, taobao, alibaba, etc.) Dotcom boom Maker Movement Cold war Engineers USAChina
  61. 61. A Healthy Ecosystem Has A Wide Base https://sites.google.com/site/lmwhitebiology/ecology/ecological-pyramids-1/pyramid-of-biomass
  62. 62. It Takes an Ecosystem to Build Hardware System Integrator Plastics PCBA Firmware Tooling Components ID
  63. 63. The Problem with Ecosystem Loss MarcinChandy–CCBY2.0 ZhaoChuangviawww.amnh.org
  64. 64. The Problem with Ecosystem Loss
  65. 65. The Other Problem with Ecosystem Loss
  66. 66. The Good News Leonardo DaVinci – Vitruvian Man photo by Luc Viatour / https://Lucnix.be via Wikipedia (Public Domain)Isaac Newton / Principia (Public Domain)
  67. 67. Hardware Knowledge is Cumulative ● Programming languages I've had to learn: ● BASIC ● C ● Assembly of various flavors ● C++ ● Pascal ● Perl ● Java ● Python ● Javascript ● Rust ● Verilog ● VHDL ● Bash ● Go ● ... ● Equations I've had to learn: ● Maxwell's equations – Gauss's Law – Gauss's Law for magnetism – Faraday's Law – Ampere's law with Maxwell's addition ● Fick's laws of diffusion – First – Second
  68. 68. Hardware Knowledge is Cumulative ● Software tools I've had to learn:● Linux ● Mach ● Init.d ● Systemd ● Busybox ● OpenEmbedded ● Make ● Pip ● Apt ● Yum ● Conda ● Docker ● Jenkins ● Travis ● Github ● SVN ● Perforce ● U-boot ● Grub ● LILO ● Npm ● Gulp ● Qt ● GTK ● Apache ● Nginx ● Web2py ● Ruby on Rails ● MySQL ● MongoDB ● Cargo ● Automake ● ● Hardware tools I've had to learn: ● Soldering iron ● Hot air gun ● Microscope ● Oscilloscope ● Spectrum analyzer ● Altium ● Solidworks ● Cadence ● MAGIC ● Synopsys
  69. 69. Hardware Might Be Hard; But At Least It's not Sysfs-ean
  70. 70. Getting Started: The Basics Are Surprisingly Cheap
  71. 71. 8 ������1���� ������������ )� �$��� �� ����� * ���������.�� ���� '��� ��������
  72. 72. The Dumpster Diving Cycle Get [borked] Equipment Use Equipment Fix Equipment
  73. 73. Learning Through Reverse Engineering
  74. 74. Next Up: Fear of Failure
  75. 75. One (or more) to Break
  76. 76. One to Hack
  77. 77. And One to Check ● Call it what you want: A/B test; Control; Placebo
  78. 78. Rule of 3's: Hacking ● One to break ● Minimize barrier to gross characterization & learning ● One to hack ● Experiment to test theories ● One to check ● Baseline to ground experiments
  79. 79. How About Making? IFixitCCBY-NC-SA3.0
  80. 80. How About Making? IFixitCCBY-NC-SA3.0
  81. 81. Making is a Multi-Stage Process, Too ViaIntrinsycDragonBoard8074DevKit
  82. 82. E/D/P-VT Process ● VT = validation & test ● E = Engineering ● Does it catch fire? ● D = Design ● Does it meet the requirements? ● P = Production ● Does it yield?
  83. 83. Making is Cheaper By the Dozen ● Observation: BOM stays 80% the same throughout EVT/DVT/PVT ● Cheaper to buy all the materials at once ● Then buy the per-run delta ● For an "IoT"-type project: ● EVT (min 3 / ideal 5) ● DVT (min 5 / ideal 10) ● PVT (min 5 / ideal 20+) – Total run: 13-35 unit material usage – Proto volume breaks at 10, 25 units
  84. 84. Example: Chumby
  85. 85. EVT
  86. 86. DVT
  87. 87. PVT ViaEDN.comhttps://www.edn.com/Home/PrintView?contentItemId=4006382
  88. 88. It Doesn't Happen If You Don't Try.
  89. 89. �&�!�������
  90. 90. EVT JieQi,CCBY
  91. 91. DVT
  92. 92. PVT
  93. 93. Hardware Isn't Hard If You Know the Method ● Hacking: ● One to break ● One to hack ● One to test ● Making: ● Does it catch fire? ● Does it meet specs? ● Can it yield?
  94. 94. ��������������� �*������B ��/�����'��� �
  95. 95. Why I Like Hardware Hacking: It Redefines The Volume of Possibility AntonioMigueldeCampos–Publicdomain
  96. 96. IanBrittonCCBY-NC

×