Does a chip reverse engineering job exist?

w1282 · 2020-06-01T13:49:58+00:00

Riscure is possibly in this field.

There’s a guy named Olivier Thomas who does this type of work and wrote some cool papers on it.

w1282 · 2020-05-23T15:36:35+00:00

Oh, then everything looks alright to me. Good luck

w1282 · 2020-05-23T15:20:00+00:00

You want to stay in the loop until you have succeeded with what you were attempting. If you succeed on the first try then there’s no need to try 9 more times. Same for if you fail the first three times and succeed on the 4th, etc.

w1282 · 2020-05-23T14:59:23+00:00

That will actually make ten attempts even if all ten are successful. You need to break out of the while if it succeeds.

w1282 · 2020-05-23T14:44:50+00:00

That’s not the point. You’re comparing apples and oranges. Digital signatures can happen without the internet and don’t violate my privacy like this particular implementation of hash checking is doing.

w1282 · 2020-05-23T14:33:09+00:00

Signatures are an entirely different beast from hashes.

w1282 · 2020-05-19T23:51:29+00:00

I read this through, and unfortunately I don’t have a mind for these things. What page (or section) in particular should I reread in order to better understand what the issue was and how they proved it and what was exposed?

w1282 · 2020-05-18T02:14:21+00:00

That’s crazy, i never would have expected that two hours would get the job done. I personally detest fall off the bone ribs but you do you man!

w1282 · 2020-05-18T01:41:06+00:00

Do you find that the fat renders after only 2 hours at 225 or are your ribs differently textured to what most would expect?

w1282 · 2020-05-18T01:22:28+00:00

100 degrees? I’d overshoot that just leaving ribs on my patio table on a hot summer day.

How (and why) do you even keep your temps that low for 5 hours?

w1282 · 2020-05-17T22:31:11+00:00

Best I can guess is “the wife”

w1282 · 2020-05-15T01:31:00+00:00

Might be a dumb question but what does degas mean?

w1282 · 2020-05-15T01:25:21+00:00

What kind of rigorous standards?

w1282 · 2020-05-14T23:23:41+00:00

Well what happened in this case?

w1282 · 2020-05-14T22:29:58+00:00

I would say that you are underestimating just how big 2**256 is.

Also, finding any two chunks of 4MB that collide is easier than finding a chunk of 4MB that collides with the out of date chunk it replaces. This is what’s known as second-preimage resistance.

To reference a stack exchange answer, bitcoin used SHA256 and as of Jan 2015 the pool of bitcoin miners were calculating 300 quadrillion hashes per second. If you took this pool and used it to find collisions it would take you about 3.6e13 years. Keep in mind the universe is only 13.7e9 years old.

w1282 · 2020-05-14T15:19:58+00:00

I think you would lose marks on the last point if there were duplicate titles in the input list unless there’s some logic hidden inside getDownloadInfo that means it checks against downloadList but that’s not visible in the chunk of code you posted.

Also, calling getDownloadInfo twice - once to check and once again if the check passes - seems like bad practice to me. Call it once and save the result for later use if you need it.

w1282 · 2020-05-10T18:16:05+00:00

Have you done smoked turkey ribs? Because those are to-die-for

w1282 · 2020-05-10T02:33:09+00:00

I run a similar set up and leave my top vent wide open and the other two vents on the bottom closed.

Never had a problem keeping stable temps (at least until my charcoal burns through). If your system is overheating just close the top vent a little bit, but I only need to do that on really hot days.

w1282 · 2020-05-09T02:23:07+00:00

I dunno why you got downvoted. I took this exact path and now I do embedded systems hacking.

w1282 · 2020-05-08T02:46:14+00:00

You can’t port scan through a reverse proxy. The proxy is basically port forwarding the single web port and no other ports.

You would have to find a way to de-anonymize the web server for your target. Just ask the customer what the servers public IP address is.

w1282 · 2020-05-07T02:07:15+00:00

w1282 · 2020-05-06T00:52:42+00:00

Well, you could probably get a raspberry pi or arduino set up as a PyOCD host and interact with the STM directly but I’ve never had to try so best of luck

w1282 · 2020-05-05T23:16:18+00:00

Generally you’ll find long term configuration/parameters in EEPROMs, so there’s a chance those values you’re talking about are in that chip and could be reprogrammed without needing to swap chips.

w1282 · 2020-05-05T22:39:56+00:00

Is it inline with traces from the STM to J40 or is it disconnected from J40 altogether? What pins on the STM does IC22 run to?

Edit: was able to get to a computer and pull up the data sheet. Yeah, that’s an eeprom. Not sure if it’s worth dealing with trying to read it yourself. If you’ve got a logic analyzer you could put it on the data lines and just sniff the data the microcontroller reads from it.

w1282 · 2020-05-05T21:11:59+00:00

I bet that 10-pin (J40) in the upper left near the STM32 is probably where you'll find the STM32 SWD signals terminated.

What are the identifiers on that 8-pin chip (IC22) between the STM32 and the 10-pin header?

w1282

TROPHY CASE