filmov
tv
DEF CON 29 - Laura Abbott, Rick Altherr -Breaking TrustZone M: Privilege Escalation on LPC55S69
Показать описание
The concept of Trusted Execution Environments has been broadly introduced to microcontrollers with ARM’s TrustZone-M. While much experience with TrustZone-A can be applied, architectural differences with ARMv8-M lead to a very different approach to configuration and transitions between secure and non-secure worlds. This talk will deep dive into how TrustZone-M works, where to look for weaknesses in implementations, and a detailed look into NXP LPC55S69’s implementation including discovering an undocumented peripheral that leads to a priviledge escalation vulnerability exploitable with TrustedFirmware-M. Finally, NXP PSIRT will be used as a case study in how _not_ to respond to a vulnerability report.
REFERENCES:
REFERENCES:
DEF CON 29 - Laura Abbott, Rick Altherr -Breaking TrustZone M: Privilege Escalation on LPC55S69
DEF CON 29 - Agent X - A look inside security at the New York Times
DEF CON 29 - PatH - Warping Reality: Creating and Countering the Next Generation of Linux Rootkits
DEF CON 29 - Matthew Bryant - Hacking G Suite: The Power of Dark Apps Script Magic
Propagate the Signal [with JRWR] | DEF CON 29 #badgelife
DEF CON 29 Aerospace Village Deep Space Networking Workshop Part 2 LTP Wireshark Challenge
DEF CON 29 - Austin Allshouse - The Mechanics of Compromising Low Entropy RSA Keys
DEF CON 29 - Vivek Nair - Time Turner Hacking RF Attendance Systems To Be in Two Places at Once
DEF CON 29 - Dan Petro - You're Doing IoT RNG
DEF CON 29 - Jacob Baines - Bring Your Own Print Driver Vulnerability
DEF CON 29- Dennis Giese - Robots with lasers and cameras but no security Liberating your vacuum
DEF CON 29 - Shir Tamari, Ami Luttwak - New class of DNS Vulns Affecting DNS-as-Service Platforms
DEF CON 29 - Slava Makkaveev - I know how to take over your Kindle with an e-book
DEF CON 29 -Justin Perdok - Hi Im DOMAIN Steve, Please Let Me Access VLAN2
DEF CON 29 - Ian Coldwater, Chad Rikansrud - Real Life Story of the 1st Mainframe Container Breakout
DEF CON 29 - Rion Carter - Why does my security camera scream like a Banshee?
DEF CON 29 - Cory Doctorow - Privacy Without Monopoly
DEF CON 29 - Dimitry 'Op Nomad' Snezhkov - Racketeer Toolkit: Prototyping Controlled Ranso...
DEFCON 29 IoT Village - Jay Balan - 5 Years of IoT Vulnerability Research and Countless 0days
DEF CON 29 - Michael Whiteley Katie Whiteley - Making the DEF CON 29 Badge
DEF CON 29 - Claire Vacherot - Sneak into buildings with KNXnetIP
DEF CON 29 - Patrick Wardle - Bundles of Joy: Breaking MacOS via Subverted Applications Bundles
DEF CON 29 - Zabrocki, Matrosov - Glitching RISC-V chips: MTVEC corruption for hardening ISA
Defcon 29 - Human Badage
Комментарии