Systems that hide their firmware, whether in readout-protected flash or in encrypted ROM chips, have long stymied reverse engineers, who must resort to inventive methods to understand closed systems. To reduce the effort needed to get a foothold into a new system, we present GlitchKit, an open source hardware and firmware solution that significantly simplifies the process of fault-injecting your way into a new system, and of fault-injecting firmware secrets out! This talk presents the development completed thus far, demonstrates the use of GlitchKit in simple attacks, and invites participation in the development of our open-source tools.
Dominic Spill (@dominicgs) is a senior security researcher at Great Scott Gadgets where he writes software and firmware for open source hardware. His primary focus is sniffing and modifying communication protocols.
Kate Temkin (@ktemkin) leads the low-level Computer Architectures group at Assured Information Security, researching a variety of hardware hacking and architectural security topics. When not hacking hardware, she maintains and contributes to a variety of open-source projects, including FaceDancer and GreatFET, and probably spends way too much time reverse engineering and collecting electronic lab equipment.