Hiding at Depth - Exploring, Subverting and Breaking NAND Flash Memory

Explore the security implications of NAND Flash memory in this Black Hat USA 2013 conference talk. Delve into the NAND-Xplore project, which explains NAND Flash storage functionality and exposes logical weaknesses in hardware and implementation architectures. Learn how vulnerable NAND hardware can be subverted to hide and persist files on mobile devices. Discover two open-source proof-of-concept tools for Android: one for injecting and hiding files on raw NAND-based devices, and another for finding those hidden files. Understand how advanced malware or offensive tools could exploit NAND to conceal persistent files on devices and methods to uncover them. Examine the interaction between typical forensic software and NAND devices, and how these tools can be subverted. Finally, investigate how remote NAND manipulation can irreparably damage devices, from smartphones to SCADA systems, and why this vulnerability is challenging to patch or fix.

Black Hat USA 2013 - Hiding @ Depth - Exploring, Subverting and Breaking NAND Flash memory