*My* job is security, and when stuff like BadBIOS makes headlines it's an embarrassment to my field. *You* have a delusional paranoia problem, and I'm trying to help you because otherwise you'll convince other, less clueful people of your nonsense and it'll spiral out of control.
-
I said "dump flash", not "use an SD card reader". That means hook up a programmer to the raw flash, where discrete. Or, if you think the issue is a compromised highly integrated microSD card, just sniff the bus with an FPGA and transparently log all reads/writes.
In the extreme, if I thought I had some seriously customized smarts buried into my SD card, I'd chuck it into nitric acid and see what's inside, possibly send it to someone with a wirebonder to get at the raw flash die inside. But it'd take some *solid* IOCs for me to go that far
-
-
Waiting on package from rusolut. But getting secured computer to run on here, aye there's the rub. I've given more samples, waiting on analysis. But samples seem to go into blackholes. Given folks whole machines, images... mostly radio silence, neither confirmed or denied.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Most microSD I have worked with recently have pads for raw access if you carefully remove epoxy. Still not bare die but removes a layer.
-
Rusolut has these trick dies/holders that poke the various kinds of cards in the right magic spots to get to the chips.
- Show replies
New conversation -
-
-
Some folks have useful info tho in response, and others just said "wierd." The multiplatform flash controller payload angle is relatively new (discovery), still analyzing. You are in Japan? Let's keep this civil, and I'll invite you to PacSec as guest, give you samples in Nov.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.