TC7 day 2 – Hiding behind antiquity - Hack a Day

TC7 day 2 – Hiding behind antiquity

posted Sep 20th 2005 4:00am by Eliot Phillips
filed under: Uncategorized

jason

Apparently when Jason Spence isn’t reading Hack-A-Day he is reading manufacturer data sheets. He’s fun in real life; I swear. The talk started with an overview of motherboard architecture. By studying manufacturer data sheets you can figure out a pathway to attack the BIOS. A proof of concept BIOS backdoor has already been developed. This is a very scary situation since the OS isn’t even loaded yet and will be completely blind once it is up. Jason pointed out that smaller manufactures (VIA, SIS) don’t publish data sheets fearing patent infringement. This lack of information makes security a lot harder to pull off. Jason says he’ll be contributing a couple articles in the future.

UPDATE: Jason has posted his uncensored slides.
UPDATE: Slides on the Toorcon site.

Comments [7]

Recent Posts

Commodore SQ1000 twitter wall: the twypper (11/24/2009)
Hack a Sketch (11/24/2009)
$100 free from your favorite hobby supplier! (11/24/2009)
STM8S-Discovery: Microcontrollers reach a new low (11/23/2009)
Cable management for pull-out shelves (11/23/2009)

Reader Comments

crazy l33t shit! woo first post

Posted at 6:49 am on Sep 20th, 2005 by dan

I see the man likes ye ol Red Hat Fedora! interesting stuff!

Posted at 7:17 am on Sep 20th, 2005 by Dunks0r

Pretty cool talk, but when will information about this be online or accessable, or are the talks already up loaded someplace?

cheers

Posted at 9:50 am on Sep 20th, 2005 by coward

any additional information on this subject (and the others posted) would be wonderful if anyone has it.

Posted at 9:53 am on Sep 20th, 2005 by steve

is this the same jason spence that got his ass scammed by sal wise, and then turned the entire internet against the guy?

Posted at 12:42 pm on Sep 20th, 2005 by dephyler

“The goal of attackers is to make unauthorized changes to the target …”

… and you folks wonder why no one trusts you.

Posted at 3:07 pm on Sep 20th, 2005 by fatdrunkenbastard

No, I’m not that Jason Spence. Also, the uncensored version of the slides are at:

http://lightconsulting.com/~thalakan/drop/tc2005.sxi

The sanitized ones will be posted on the toorcon site, I’m told.

Posted at 7:23 pm on Sep 20th, 2005 by Jason spence

Leave a Reply

Hack a Day serves up fresh hacks each day, every day from around the web and a special How-To hack each week.

Send us your hacks

Hacks

Resources

RSS newsfeeds

RSS news feed

Powered by WordPress

Most commented on (30 days)

Recent comments

jcjavo on Unhackable Netbooks given to students
--- on Commodore SQ1000 twitter wall: the twypper
Blue Laser on $100 free from your favorite hobby supplier!
ubuntuprov4 on Banned Xbox 360's - boon or bust?
anony mouse on Unhackable Netbooks given to students
jcjavo on Electronic guitar pick tunes the strings for you
anony mouse on Unhackable Netbooks given to students
An Adult on 25 Scariest experiments
liquidmeson on Commodore SQ1000 twitter wall: the twypper
nedodelkin on CNC circuit board fabrication