Looking for Malicious Hardware Implants with Minimal Equipment

Explore the world of malicious hardware implants in this 44-minute conference talk by Falcon Darkstar from 0xdade. Learn about the process of identifying unexpected features in hardware using minimal equipment, primarily a soldering iron. Discover more advanced tools and techniques for hardware security analysis. Gain insights into a general threat model for hardware security and understand how observant hackers can challenge even advanced threat actors. Delve into topics such as sensitive signals, exploitability, chain of auditability, and the challenges of interdiction. Examine the hierarchy of pain in hardware security, the difficulties of adding components and creating lookalikes, and why firmware is often the easiest target. Understand the concept of firmware interdiction kits and explore the reasons behind the need for hardware implants to scale. This talk provides valuable knowledge for those interested in hardware security and the detection of potential malicious implants.

Intro
SENSITIVE SIGNALS
EXPLOITABILITY
CHAIN OF AUDITABILITY
INTERDICTION IS HARD SOMETIMES
HIERARCHY OF PAIN
WHY ADDING COMPONENTS IS HARD
LOOKALIKES ARE HARD
LOOKALIKES ARE JUST ADDITIONS IN A PACKAGE
WHY FIRMWARE IS EASIEST
YOUR FIRMWARE INTERDICTION KIT
WHY MUST HARDWARE IMPLANTS SCALE?
WELL, YOU GET WHAT YOU GET WHEN IT COMES