Difference between revisions of "Hardware Hacking"
Jump to navigation
Jump to search
| Line 5: | Line 5: | ||
90-day disclosure deadline which starts after notifying vendors of vulnerability, with details shared in public with the defensive community after 90 days, or sooner if the vendor releases a fix | 90-day disclosure deadline which starts after notifying vendors of vulnerability, with details shared in public with the defensive community after 90 days, or sooner if the vendor releases a fix | ||
| − | == | + | == Isolated Skills == |
*[[Bus Pirate]] | *[[Bus Pirate]] | ||
Latest revision as of 06:41, 6 December 2022
Responsible and Ethical Disclosure
Any work that we do under our hardware hacking will follow the principals whereby, to be a viable target, we must physically own it and it must not be in use. After this any vulnerabilities found will follow the well established "Coordinate Vulnerability Disclosure" [1], also used by Google Project Zero to provide a:
90-day disclosure deadline which starts after notifying vendors of vulnerability, with details shared in public with the defensive community after 90 days, or sooner if the vendor releases a fix
Isolated Skills
Links =
- https://voidstarsec.com/training.html
- https://www.youtube.com/watch?v=hV8W4o-Mu2o&ab_channel=stacksmashing
- https://hackaday.com/2019/08/15/uncovering-the-echo-dots-hidden-usb-port/
- https://hackaday.com/2019/07/29/taking-a-peek-inside-amazons-latest-dot/
- http://andygoetz.org/blog/echo-dot-v2-finding-the-uart/
- https://arstechnica.com/information-technology/2022/03/attackers-can-force-amazon-echos-to-hack-themselves-with-self-issued-commands/
