CAS CS591 Topics in Internet Security Kingpin ([email protected]) [L-zero-P-H-T] Hardware and Embedded System Security Pitfalls.

CAS CS591 Topics in CAS CS591 Topics in Internet SecurityInternet Security

Kingpin ([email protected])

http://www.L0pht.com [L-zero-P-H-T]

Hardware and Embedded System Security Pitfalls

IntroductionIntroduction• The L0pht

– Origin– Mission– Members– Who am I?

The L0pht - OriginThe L0pht - Origin

• Banded together in 1992

• Originally set out as a simple communal storage area

• Combination of everyone’s “junk” turned into gems

• From networks to watchdogs

• The security puzzle

The L0pht - MissionThe L0pht - Mission

• Learn and explore

• Provide an unbiased soap-box for our views and beliefs on technology

• Give back to the network security community without playing favorites

• Have the place self perpetuate (pay for itself)

The L0pht - MembersThe L0pht - Members

MudgeWeld Pond

KingpinJohn Tan

Brian OblivionSpace Rogue

SilicosisDildog

KingpinKingpin

• Involved w/ L0pht since inception, 1992

• Electrical engineer, hardware hacker

• Dial-up/telephone systems

• Product design

Hardware and Embedded Hardware and Embedded System Security PitfallsSystem Security Pitfalls

• Security problems aren’t just limited to software

• Consider all possibilities when interfacing with the outside world!

• Any design can have fundamental flaws

ApplicationsApplications

Simple Complex