Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not a subscriber? Subscribe now for unlimited access to online articles.

A View from Erica Naone

Hardware Insecurity

Vulnerabilities of embedded systems on display at Black Hat.

  • February 21, 2008

Today at the computer security conference Black Hat 2008, in Washington, DC, several impressive displays made clear that embedded systems, such as those used for keyless entry to cars or garage-door openers, could be an important security battleground in coming years. Breaking into embedded systems requires a different set of skills than those needed to crack websites. Instead of breaking in by using code written in computer languages that are relatively widely known, getting access to embedded systems can call for hands-on techniques, such as exposing a chip to ultraviolet light or probing it with needles.

Christopher Tarnovsky of Flylogic Engineering gave a virtuosic presentation in which he showed how he had taken over chips made by major manufacturers including Atmel, Motorola, and Infineon. Tarnovsky emphasized that, although the manufacturers stress the security features of their devices, he often finds it relatively easy to circumvent the very features that are being touted.

Later, Job de Haas, a senior specialist at Riscure, showed how he could extract keys from embedded devices without needing to open them up. The technique relies on measuring the electromagnetic field surrounding a device and analyzing patterns to make guesses at the processing going on within the system.

While in both cases, specialized skills and equipment are needed to pull off the attack, embedded systems are increasingly being used to guard access to valuable information or equipment that could make it worth the effort to break into them.

More from Business Impact

How technology advances are changing the economy and providing new opportunities in many industries.

Want more award-winning journalism? Subscribe to MIT Technology Review.
  • Print + All Access Digital {! insider.prices.print_digital !}* Best Value

    {! insider.display.menuOptionsLabel !}

    The best of MIT Technology Review in print and online, plus unlimited access to our online archive, an ad-free web experience, discounts to MIT Technology Review events, and The Download delivered to your email in-box each weekday.

    See details+

    12-month subscription

    Unlimited access to all our daily online news and feature stories

    6 bi-monthly issues of print + digital magazine

    10% discount to MIT Technology Review events

    Access to entire PDF magazine archive dating back to 1899

    Ad-free website experience

    The Download: newsletter delivery each weekday to your inbox

    The MIT Technology Review App

  • All Access Digital {! insider.prices.digital !}*

    {! insider.display.menuOptionsLabel !}

    The digital magazine, plus unlimited site access, our online archive, and The Download delivered to your email in-box each weekday.

    See details+

    12-month subscription

    Unlimited access to all our daily online news and feature stories

    Digital magazine (6 bi-monthly issues)

    Access to entire PDF magazine archive dating back to 1899

    The Download: newsletter delivery each weekday to your inbox

  • Print Subscription {! insider.prices.print_only !}*

    {! insider.display.menuOptionsLabel !}

    Six print issues per year plus The Download delivered to your email in-box each weekday.

    See details+

    12-month subscription

    Print magazine (6 bi-monthly issues)

    The Download: newsletter delivery each weekday to your inbox

/3
You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.