I'm working on influencing security in embedded, e.g., writing and designing secure systems (comprehensively, starting with arch & code.) It's an educational effort with embedded ISVs and OEMs at every step, you can presume the market, if they're thinking of security at all, is currently buying into 'fire-walling' and 'obfuscation' approaches.
There are some interesting groups like We Are the Cavalry working on that as well. Some fun uses of Raspberry Pi computers as air-gapped PGP / KeyStores and Hardware Tor routers. DIY info-theoretic secure communications platforms (opto-isolators and so on.) On the topic of HWSec, I'm interested in detecting in-sil modification, allowing end-users to simply and easily verify their hardware in the same way that the OS community has become entranced with 'deterministic verifiable builds'. -Travis On Wed, Apr 27, 2016 at 2:15 PM, Steve Kinney <[email protected]> wrote: > Annual token on-topic post: > > Hardware considerations are inherent to the creation and solution of > practical crypto problems, because good crypto is best solved by > attacking the platforms it runs on. The 'internet of things' creates a > massive comms attack surface, also best solved at the platform level > i.e. signals discipline. When the scope of a project includes > non-attribution by 3rd parties, hit and run network access via tightly > controlled hardware is the only thing that can work against a well > funded State adversary. > > I don't see much about hardware hacking on CPunks. I know that folks who > have worked on digital circuit design and manufacture are lurking out > there, also a bunch of ham radio people. Things they take for granted > are utterly mysterious to lesser mortals, including "computer experts" > focused on software and networking. > > Field tested cheat sheets on security oriented, low tech DIY hardware > mods are among the most subversive things that can be published on the > technical front. CPunks subscribers may or may not personally need those > docs for the Nameless Mission or Big Show in our lifetimes, but others > do need them now. > > How many lusers put tape over their laptop camera lens, but neglect to > cut the pins on the microphone? How many people even know their shiny > new car has a GPS receiver and an IP capable two-way radio enabling > remote sabotage, and of these, how many know where the antenna > connections are? There's a lot of room to educate a justifiably > paranoid public on practical aspects of these and similar matters, if > anyone has the time and interest to make that a Thing. > > :o) > > > -- Twitter <https://twitter.com/tbiehn> | LinkedIn <http://www.linkedin.com/in/travisbiehn> | GitHub <http://github.com/tbiehn> | TravisBiehn.com <http://www.travisbiehn.com> | Google Plus <https://plus.google.com/+TravisBiehn>
