20 Ways Past Secure Boot
Offered By: WEareTROOPERS via YouTube
Course Description
Overview
Syllabus
Intro
Overview
Secure boot?
Secure boot theory
Secure boot example
ways to ...
debug access to boot stage (JTAG) riscure
Debug/service functionality
Nook boot UART exploit
18. Overriding boot source medium
TOCTOU race conditions
Timing attacks
Timing attack with Infectus board
XBOX 360 timing attack procedure
Glitch sensitivity
Glitch demo
Is it a real attack?
Slot machine EMP Jamming
Code section
EM-FI Transient Probe
Research probes
Design mistakes
Accessibility of boot ROM after boot riscure
Crypto sanitization
Firmware Upgrade / Recovery flaws riscure
Relying on unverified code
Service backdoor/password
State errors
Driver weaknesses
ROM patching functionality
Inappropriate signing area
Key management
Weak signing keys/methods
Parting thoughts
Taught by
WEareTROOPERS
Related Courses
Side-Channel AttacksTheIACR via YouTube TPM-FAIL - TPM Meetings Timing and Lattice Attacks
TheIACR via YouTube FPGA Glitching & Side Channel Attacks
Hackaday via YouTube Timeless Timing Attacks
Black Hat via YouTube How the Best Hackers Learn Their Craft
RSA Conference via YouTube