Secure embedded devices by hacking at ESC/EELive!
EE Live! 2014’s organizers have spotlighted several sessions from the Black Hat Engineering Summit, its two-day program that aims to provide attendees with a forum for the discussion and evaluation of the latest solutions for securing embedded systems from threats in today's global environment.
The Black Hat Engineering Summit will run on April 2 and 3 as part of EE Live! 2014, which will be held at the San Jose McEnery Convention Center March 31 to April 3. This summit will not only provide essential information and tools to electronics professionals but also a greater understanding of security risks to the information infrastructures and computer systems with which they work every day.
This year’s Black Hat Engineering Summit will host a number of notable speakers, including hardware hacker and Prototype This! co-star Joe “Kingpin” Grand, who will deliver "Using Superpowers for PCB Reverse Engineering." You can preview the full list of speakers and sessions planned for the summit and for EE Live! 2014 at the event’s Schedule Builder.
One of the summit’s talks is "Finding and Reversing Engineering Backdoors in Consumer Firmware," which will be delivered by Tactical Network Solutions’s vulnerability researcher Craig Heffner. He will examine the most egregious -- and unfortunately one of the more common -- security violations in both consumer and business infrastructure: intentional backdoors put in products by vendors themselves.
Heffner will discuss the difficulties in analyzing embedded devices and common tools/techniques used by reverse engineers to dissect firmware. Throughout that process, he will also demonstrate multiple backdoors in consumer products from D-Link, Tenda, Trendnet, and 3SVision. Furthermore, he will explore practical attack scenarios against the affected devices and suggest probable reasons for the existence of these backdoors.
iSEC Partners security engineer Mike Ryan will lead a talk titled "Bluetooth Smart: Not Actually That Smart." He’ll start off by sharing his early work detailing major protocol flaws that leave user data unencrypted and unprotected against attackers. But he will also discuss new discoveries, including remotely exploitable vulnerabilities that may affect devices in your pocket at this very moment.
You can purchase an EE Live! 2014 All Access pass or an Engineering Summits Pass (includes access to the Black Hat Embedded Security, Internet of Things, and Hardware Startup Engineering summits) through the conference’s official site. Make sure to follow updates about EE Live!’s other programs, sessions, and announcements on the conference’s social media accounts on Twitter, Facebook, LinkedIn, and Google+.
(EE Live! and the Embedded Systems Conference are owned by UBM Tech, which also owns Embedded.com and EE Times.)