Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

A View from Erica Naone

Hardware Insecurity

Vulnerabilities of embedded systems on display at Black Hat.

  • February 21, 2008

Today at the computer security conference Black Hat 2008, in Washington, DC, several impressive displays made clear that embedded systems, such as those used for keyless entry to cars or garage-door openers, could be an important security battleground in coming years. Breaking into embedded systems requires a different set of skills than those needed to crack websites. Instead of breaking in by using code written in computer languages that are relatively widely known, getting access to embedded systems can call for hands-on techniques, such as exposing a chip to ultraviolet light or probing it with needles.

Christopher Tarnovsky of Flylogic Engineering gave a virtuosic presentation in which he showed how he had taken over chips made by major manufacturers including Atmel, Motorola, and Infineon. Tarnovsky emphasized that, although the manufacturers stress the security features of their devices, he often finds it relatively easy to circumvent the very features that are being touted.

Later, Job de Haas, a senior specialist at Riscure, showed how he could extract keys from embedded devices without needing to open them up. The technique relies on measuring the electromagnetic field surrounding a device and analyzing patterns to make guesses at the processing going on within the system.

While in both cases, specialized skills and equipment are needed to pull off the attack, embedded systems are increasingly being used to guard access to valuable information or equipment that could make it worth the effort to break into them.

More from Business Impact

How technology advances are changing the economy and providing new opportunities in many industries.

Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    Print + Digital Magazine (6 bi-monthly issues)

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

    Technology Review PDF magazine archive, including articles, images, and covers dating back to 1899

    10% Discount to MIT Technology Review events and MIT Press

    Ad-free website experience

/3
You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.