mastouille.fr est l'un des nombreux serveurs Mastodon indépendants que vous pouvez utiliser pour participer au fédiverse.
Mastouille est une instance Mastodon durable, ouverte, et hébergée en France.

Administré par :

Statistiques du serveur :

582
comptes actifs

#faultinjection

1 message1 participant0 message aujourd’hui

Great talk by Aedan Cullen at #38c3 on breaking security on the #RP2350 by glitching the OTP VDD.

streaming.media.ccc.de/38c3/re

I expect the bus between the state machine and OTP is like Wishbone or M68K and has a request and an acknowledge, and the data is latched on the ACK. No ACK? Guard word stays in the latch.

streaming.media.ccc.deRelive: Hacking the RP2350 – 38C3: Illegal Instructions StreamingLive streaming from the 38th Chaos Communication Congress

The fault injection library (PicoGlitcher, Chipwhisper etc) was just updated with the results of me playing around with my PicoGlitcher yesterday evening. This info comes from actual glitches against a so-far unnamed IoT device based on the STM32F412.

github.com/MKesenheimer/fault-

Summary:

1) No, it's not realistic to glitch ReadMemory to read out the internal flash from these devices with the known methods.

2) Still fun though and why not study the v3.1 bootloader intensely?

GitHubfault-injection-library/stm32f412-glitching at master · MKesenheimer/fault-injection-libraryPython library to perform fault-injection attacks on microcontrollers - MKesenheimer/fault-injection-library