by SAI_Peregrinus 232 days ago
Focused Ion Beam workstation, decap the relevant IC & probe its internal connections directly. If protected by a mesh, also use the FIB to deposit extra metal to bypass the mesh to make the probe holes. If protected by light sensors, also bypass them. Create glitches by shining highly focused lasers onto specific transistors at specific times. Etc. The sorts of attacks Christopher Tarnovsky did on a bunch of TPMs & talked about at DEFCON.
1 comment

I was looking for the old CCC talk about this stuff, but I ended up finding out about a project called RayV Lite which seeks to democratize this hardware.

https://www.netspi.com/blog/executive-blog/hardware-and-embe...

https://github.com/ProjectLOREM/RayVLite

Could not find the CCC talk, but here is a NetSPI presentation at this year's BlackHat: https://youtu.be/Wyv3pSQopp0?si=dyVaYYlwkkXkkO8r