Joe FitzPatrick and Miles Crabill - NSA Playset: PCIe - a podcast by DEF CON

from 2014-12-13T14:11:10

:: ::

Slides Here: https://www.defcon.org/images/defcon-22/dc-22-presentations/Fitzpatrick-Crabill/DEFCON-22-Joe-FitzPatrick-Miles-Crabill-NSA-Playset-PCIe.pdf



NSA Playset: PCIe

Joe FitzPatrick HARDWARE SECURITY RESOURCES, LLC

Miles Crabill SECURITY RESEARCHER

Hardware hacks tend to focus on low-speed (jtag, uart) and external (network, usb) interfaces, and PCI Express is typically neither. After a crash course in PCIe Architecture, we'll demonstrate a handful of hacks showing how pull PCIe outside of your system case and add PCIe slots to systems without them, including embedded platforms. We'll top it off with a demonstration of SLOTSCREAMER, an inexpensive device we've configured to access memory and IO, cross-platform and transparent to the OS - all by design with no 0-day needed. The open hardware and software framework that we will release will expand your NSA Playset with the ability to tinker with DMA attacks to read memory, bypass software and hardware security measures, and directly attack other hardware devices in the system. Anyone who has installed a graphics card has all the hardware experience necessary to enjoy this talk and start playing NSA at home!



Joe is an Instructor, Consultant, and Researcher at SecuringHardware.com. Joe specializes in low-cost attacks, hardware tools, and hardware design for security. Previously, he spent 8 years doing test/debug and hardware pen-testing of desktop and server microprocessors, as well as conducting security validation training for hardware validators worldwide. In addition to side projects on PCIe, RTL security validation, and simple side channel attacks, Joe currently teaches “Secure Hardware Development for Integrated Circuits” and Co-teaches “Software Exploitation via Hardware Exploits” alongside Stephen Ridley.



Twitter: @securelyfitz



Miles Crabill is a rising junior at Lewis and Clark College in Portland, OR. He is interested in computer security education and is a contributor to EDURange, an NSF funded framework for deploying computer security scenarios.

Further episodes of DEF CON 22 [Materials] Speeches from the Hacker Convention.

Further podcasts by DEF CON

Website of DEF CON