Hacking secrets from 'secure' hardware

Thursday 25 September 09:30 - 10:00, Red room.

Gunter Ollmann IOActive

Once upon a time, technology companies protected their secrets within the software of the products they produced. As hackers refined their reverse engineering tools, those secrets were laid bare for even an inept would-be security researcher. To defeat those hackers and security researchers, technology companies moved their secrets to the firmware of the devices they sold - raising the security bar incrementally higher, but still within the reach of many worthy adversaries. As those products fall to new hacker techniques and tools, technology companies are raising the bar even further - they're embedding those secrets within the chips and silicon itself. Is it enough?

This session analyses the rapid evolution of hardware hacking and how each of the techniques for securing critical product secrets and intellectual property have fallen. While the barrier to entry for defeating silicon-based encoding of secrets may finally be high enough to stop the lone-wolf hacker, it's not enough to defeat a growing array of commercial security labs, organized crime labs, professional counterfeiting labs, and government entities. What does it take to defeat the current and next generation of 'secure' hardware designs?

Click here for more details about the conference.

Gunter Ollmann

Gunter Ollmann

As its CTO, Gunter Ollmann is responsible for developing IOActive's services strategy and guiding new research initiatives. With a security career dating back to the mid-1980s, Gunter continues to focus on identifying new threats and attack vectors, and developing the tools and tactics required to mitigate them. Prior to joining IOActive, Gunter served as Vice President of Research at Damballa, where he focused on inventing new crimeware mitigation technologies and identifying the criminal operators behind botnets and other advanced persistent threats through big data analytics and machine-learning systems. Gunter also held several strategic positions at IBM Internet Security Systems (ISS), including Chief Security Strategist, where he helped guide IBM's security research and protection strategy and served as IBM's key spokesperson on evolving threats and mitigation techniques. Prior to IBM's acquisition of ISS, Gunter held the role of Director of X-Force where he ran the company's research and development organization, and served as the head of X-Force security assessment services for EMEA. Ollmann has contributed to multiple leading IT and security magazines and journals and is a prize-winning security blogger. He is a well-known industry speaker, having presented at most major international technical security conferences, and is highly regarded by the press as an expert source on security threats and cybercrime. Gunter also serves as an advisory board member at the University of Georgia.



We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.