Skip to content
Join NCC Group's Jon Szymaniak for "Sinking U-Boots with Depthcharge: Effective Exploitation of Boot-Time Security Debt".
Join NCC Group's Jon Szymaniak for "Sinking U-Boots with Depthcharge: Effective Exploitation of Boot-Time Security Debt".

ON-DEMAND: Sinking U-Boots with Depthcharge: Effective Exploitation of Boot-Time Security Debt

Event date 15 September 2020

Location https://www.youtube.com/watch?v=fTKMi3Is5x8

Check out the Hardwear.io webinar entitled, “Sinking U-Boots with Depthcharge: Effective Exploitation of Boot-Time Security Debt,” presented by NCC Group’s Hardware & Embedded Systems team member Jon Szymaniak!

https://www.youtube.com/watch?v=fTKMi3Is5x8

NCC Group’s Depthcharge toolkit is designed to allow security experts to more quickly find security holes in the modifications that product engineering teams have made to Free and Open Source (FOSS)Das U-Boot bootloader. It demonstrates how seemingly innocuous configuration changes and implementation decisions can be abused to undermine a product’s security objectives – and in some really clever ways!

At a higher level, Jon’s discussion about Depthcharge touches on a critical and much more universal topic of “security debt”– where the adoption of external code, without making investments into security-focused testing and review, can lead to a security-impacting form of technical debt.

You can learn more about Jon’s Depthcharge toolkit in our blog post [1], in the project documentation [2], and on GitHub [3]. Stay tuned for future updates, as Jon works toward some new features that will make the toolkit more accessible and helpful for product engineers!

And don’t forget – the Hardwear.io Netherlands 2020 conference registration is still open! You can register for a free pass to the virtual conference here: https://hardwear.io/netherlands-2020/register.php

Links:

[1] Blog Post: https://research.nccgroup.com/2020/07/22/depthcharge

[2] Project Documentation: https://depthcharge.readthedocs.io

[3] Source Code: https://github.com/nccgroup/depthcharge

Categories

Press contacts

NCC Group Press Office

NCC Group Press Office

Press contact All media enquires relating to NCC Group plc +44 7824 412 405
NCC Group - Financial Media Enquiries

NCC Group - Financial Media Enquiries

Press contact Maitland AMO Financial Results Media Enquiries +44 (0)20 7379 5151
Regional Press Office - North America

Regional Press Office - North America

Press contact +1 408 776 1400
Regional Press Office - Europe

Regional Press Office - Europe

Press contact +31 20 794 4737

NCC Group exists to make the world safer and more secure

In today’s threat landscape understanding the risks organisations and customers are exposed to is more important than ever.

Understanding the impact and how to be more resilient is key to protecting brand, reputation and sensitive customer information. Building a cyber-resilient organization can be a complex process but it’s not impossible.

With our knowledge, experience and global footprint, we help assess, develop and manage cyber resilience posture.

NCC Group Newsroom
XYZ Building, 2 Hardman Boulevard, Spinningfield
M3 3AQ Manchester
United Kingdom