Forensics Impossible: Self-Destructing Thumb Drives BRANDON WILSON
|
|
- Susan Knight
- 7 years ago
- Views:
Transcription
1 Forensics Impossible: Self-Destructing Thumb Drives BRANDON WILSON
2
3 What is a USB flash drive? Answer: a computer Processor RAM Firmware I/O USB controller LED(s) NAND flash chip USB is just the transport mechanism
4 How does a computer interact with a flash drive? USB Device Descriptor Vendor and Product IDs Device class, subclass, and protocol Configuration Descriptor Interface Descriptor(s) Device class, subclass, and protocol Endpoint Descriptor(s) Control (0) Bulk Interrupt Isochronous
5 How does a computer interact with a flash drive? USB Mass Storage Device Class Bulk-Only Transport Protocol One incoming bulk endpoint One outgoing bulk endpoint Command Block Wrapper (CBW) Optionally, either: Incoming data, or Outgoing data CBW (Command Block Wrapper) Incoming Data Outgoing Data Command Status Wrapper (CSW) CSW (Command Status Wrapper)
6 How does a computer interact with a flash drive? USB Floppy Interface (UFI) Protocol SCSI Command Set Inquiry Get Capabilities Request Sense Data Read Sector Write Sector (*) Vendor-Specific Commands (*)
7 How does the flash drive work? Phison controller:
8 Can we change the code that executes? Trigger some kind of buffer overflow with the commands? Find the firmware upgrade tools and study them
9 What do we have to work with? Chinese manufacturing/qa tools MPALL UPTool GetInfo Patriot Memory firmware upgrade utility Firmware leaks
10 How do we see what the tools are doing? Software USB analyzer HHD USB Monitor USBSnoop USBlyzer Fake the device using an Arduino or other USB peripheral Hardware USB analyzer
11 Analyze the upgrade process
12 Analyze the upgrade process Get Info I N F O Transfer Image Send Header: B1 <byte1> <data> Get Response: B For each 512-byte chunk: Send Body: B1 <byte2> AH AL BH BL <data> Get Response: B Firmware Upgrade Transfer Image (byte1 = 01, byte2 = 00) Unknown: EE Transfer Image (byte1 = 03, byte2 = 02) Unknown: EE Unknown: EE Unknown: EE 00 01
13 What are the image blocks? Reconstruct from traffic logs into BIN files Fire up IDA Pro? Apparently Intel 8051 compatible chip
14 Study the 8051 code images
15 Firmware image layout Page 1 0xEFF F 0x Page 2 Page 3 Page n Page 10 0x4000 0x3FF F Base Page (Page 0) 0x0000
16 Boot process Boot ROM swapped into address 0x code execution begins at address 0x0000 Read firmware area of NAND Is firmware present? Yes, load first 32KB from special area of NAND to RAM at address 0x0000 and pass control to it No, sit and wait for firmware/flashing code to be sent for execution
17 Burner image Send command BF (jump to boot ROM) Send 32KB image burner image Send command B3 (jump to RAM) Send 241KB image firmware image Send command B3 (jump to RAM)
18 Writing new tools Drive communication implemented in Python Windows Linux OS X Send the original firmware Success! But can we modify it and send it? What should we modify?
19 Patch the firmware and try to flash it What could we change and easily see? Hard-coded strings? Don t see any Cripple functionality? Prevent one or more SCSI commands from working
20 Recovering from failed flash Read firmware area of NAND Is firmware present? Yes, load first 32KB from special area of NAND to RAM at address 0x0000 and pass control to it No, sit and wait for firmware/flashing code to be sent for execution
21 Recovering from failed flash Short the NAND data pins
22 Kinds of patches we can make Create hidden partitions Expose only one half of drive at a time (manipulate LBAs sent to drive) Password protection bypass Send raw NAND chip commands ourselves Get the chip ID Erase blocks Hmm maybe we can do some damage Self-destructing drive patch
23 Self-destructing drive patch Add concept of a locked vs. unlocked state Drive starts in locked state While locked, the drive reports no media inserted/present No reads/writes/accesses to any data Only special SCSI command can unlock drive When the drive is idle, increment a counter over and over (pseudo-timer) Counter is only reset via special SCSI command Script on PC sends this command over and over, enabling normal use When counter reaches maximum value (several seconds of inactivity): Erase firmware area of NAND Lock up Evil laughter ensues
24 Self-destructing drive patch Steal some bytes from RAM (*) Locked/Unlocked flag Timer counter Patch initialization routine Reset unlocked flag Reset counter to 0 Patch infinite loop If unlocked, increment counter If counter hit threshold Disable all interrupts Erase firmware area of NAND (*) And anything else we can Patch to add commands: Set unlocked flag Reset counter to 0 Patch request sense command: If locked, return no media present Patch read sector command: If locked, do nothing
25 Self-destructing drive patch: Stealing bytes from RAM We have no idea what RAM is in use by the firmware But we do know it doesn t modify itself Page 0 runs from 0x0000 0x? Other pages run from 0x4000 0xEFFF It ll probably be okay if we steal a little from ~0x3FF0
26 Self-destructing drive patch: Patching in calls to subroutines 8051 lcall instruction is 3 bytes lcall opcode + 2 byte address Find a block of code at least 3 bytes long Replace with call to empty area at end of page, where we ll place code we want to run Replace any extra bytes with NOPs In code we want to run, place the instruction(s) we originally replaced
27 Let s put on our FBI/attacker hat Proper drive behavior is now reliant on the computer script that sends the unlock and (continuous) counter-reset commands yay! But what if the computer script gets leaked to the Police? FBI? CIA? Girlfriend? Bad people? Require a drive-specific passphrase in the counter-reset command, to be checked by the firmware? Vulnerable to USB traffic sniffing, which can even be done in software
28 Let s put on our FBI/attacker hat What if we scramble the traffic between host and PC? Disney Infinity: Console generated random seed, sent (scrambled) to USB portal Portal descrambled and stored the random seed Portal generated random number and sent (scrambled) back to console Console generated same random number, and if it didn t match portal s, freak out and de-authenticate Prevents USB traffic sniffing As long as peripheral is only one that can descramble
29 Let s put on our FBI/attacker hat Okay, fine, we won t plug it in Dump the NAND chip Direct access to firmware and the data We ll patch the read/write commands to use encryption The data s now protected, but what about the firmware? Calculate the key based on information sent to drive beforehand Computer script can prompt for password, send that to drive, which then gets used to calculate the key This could go on forever
30 Demos
31 Links
32 In conclusion If you want to preserve the state of a device Don t apply power to it See what you can physically get access to first Be careful brandonlw@gmail.com Web: YouTube:
70-271. Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Q&A. DEMO Version
Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Q&A DEMO Version Copyright (c) 2007 Chinatag LLC. All rights reserved. Important Note Please Read Carefully For demonstration
More informationType Message Description Probable Cause Suggested Action. Fan in the system is not functioning or room temperature
Table of Content Error Messages List... 2 Troubleshooting the Storage System... 3 I can t access the Manager... 3 I forgot the password for logging in to the Manager... 3 The users can t access the shared
More informationDesign Considerations for USB Mass Storage
Design Considerations for USB Mass Storage Steve Kolokowsky Cypress Semiconductor syk@cypress.com June 12, 2002 2 Mass Storage The Killer App June 12, 2002 3 Outline Mass Storage Class Bridge Selection
More informationActive@ Password Changer for DOS User Guide
Active@ Password Changer for DOS User Guide 1 Active@ Password Changer Guide Copyright 1999-2014, LSOFT TECHNOLOGIES INC. All rights reserved. No part of this documentation may be reproduced in any form
More informationDESIGNING SECURE USB-BASED DONGLES
DESIGNING SECURE USB-BASED DONGLES By Dhanraj Rajput, Applications Engineer Senior, Cypress Semiconductor Corp. The many advantages of USB Flash drives have led to their widespread use for data storage
More informationChapter 8: Installing Linux The Complete Guide To Linux System Administration Modified by M. L. Malone, 11/05
Chapter 8: Installing Linux The Complete Guide To Linux System Administration Modified by M. L. Malone, 11/05 At the end of this chapter the successful student will be able to Describe the main hardware
More informationHow to design and implement firmware for embedded systems
How to design and implement firmware for embedded systems Last changes: 17.06.2010 Author: Rico Möckel The very beginning: What should I avoid when implementing firmware for embedded systems? Writing code
More informationAddendum. Additional materials of interest to Stellaris users
Addendum Additional materials of interest to Stellaris users USB Examples for EKx-LM3S3748 Evaluation Kit USB Boot Loader Demos 1 and 2... 3 USB Generic Bulk Device... 4 USB HID Keyboard Device... 4 USB
More informationAndroid Physical Extraction - FAQ
Android Physical Extraction - FAQ Nadav Horesh June, 2012 1 Table of Contents Introduction... 3 Android Debugging Bridge (ADB)... 4 Q: What does ADB stand for and how does it work?...4 Q: So can ADB be
More informationIndustrial Flash Storage Trends in Software and Security
January 22, 2013 Industrial Flash Storage Trends in Software and Security Many flash storage devices in embedded applications are used to save data but also function as disks for the OS. Most users are
More informationCautions When Using BitLocker Drive Encryption on PRIMERGY
Cautions When Using BitLocker Drive Encryption on PRIMERGY July 2008 Fujitsu Limited Table of Contents Preface...3 1 Recovery mode...4 2 Changes in hardware configurations...5 3 Prior to hardware maintenance
More informationTechnical Note. Micron NAND Flash Controller via Xilinx Spartan -3 FPGA. Overview. TN-29-06: NAND Flash Controller on Spartan-3 Overview
Technical Note TN-29-06: NAND Flash Controller on Spartan-3 Overview Micron NAND Flash Controller via Xilinx Spartan -3 FPGA Overview As mobile product capabilities continue to expand, so does the demand
More informationYun Shield User Manual VERSION: 1.0. Yun Shield User Manual 1 / 22. www.dragino.com
Yun Shield User Manual VERSION: 1.0 Version Description Date 0.1 Initiate 2014-Jun-21 1.0 Release 2014-Jul-08 Yun Shield User Manual 1 / 22 Index: 1 Introduction... 3 1.1 What is Yun Shield... 3 1.2 Specifications...
More informationIRON-HID: Create your own bad USB. Seunghun Han
IRON-HID: Create your own bad USB Seunghun Han Who am I? Security researcher at NSR (National Security Research Institute of South Korea) Operating system and firmware developer Author of the book series
More informationAN10860_1. Contact information. NXP Semiconductors. LPC313x NAND flash data and bad block management
Rev. 01 11 August 2009 Application note Document information Info Keywords Abstract Content LPC3130 LPC3131 LPC313x LPC313X LPC3153 LPC3154 LPC3141 LPC3142 LPC31XX LPC31xx Linux kernel Apex boot loader
More informationAdapting the PowerPC 403 ROM Monitor Software for a 512Kb Flash Device
Adapting the PowerPC 403 ROM Monitor Software for a 512Kb Flash Device IBM Microelectronics Dept D95/Bldg 060 3039 Cornwallis Road Research Triangle Park, NC 27709 Version: 1 December 15, 1997 Abstract
More informationFastboot Techniques for x86 Architectures. Marcus Bortel Field Application Engineer QNX Software Systems
Fastboot Techniques for x86 Architectures Marcus Bortel Field Application Engineer QNX Software Systems Agenda Introduction BIOS and BIOS boot time Fastboot versus BIOS? Fastboot time Customizing the boot
More information150127-Microprocessor & Assembly Language
Chapter 3 Z80 Microprocessor Architecture The Z 80 is one of the most talented 8 bit microprocessors, and many microprocessor-based systems are designed around the Z80. The Z80 microprocessor needs an
More informationThinLinX TLXOS 64-bit Firmware Installation Guide for the Intel NUC Range. Materials Required
ThinLinX TLXOS 64-bit Firmware Installation Guide for the Intel NUC Range The Intel NUC is a small form factor computer that incorporates several models from Intel Core processors to the economical Single
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationTraditional IBM Mainframe Operating Principles
C H A P T E R 1 7 Traditional IBM Mainframe Operating Principles WHEN YOU FINISH READING THIS CHAPTER YOU SHOULD BE ABLE TO: Distinguish between an absolute address and a relative address. Briefly explain
More informationThat Point of Sale is a PoS
SESSION ID: HTA-W02 That Point of Sale is a PoS Charles Henderson Vice President Managed Security Testing Trustwave @angus_tx David Byrne Senior Security Associate Bishop Fox Agenda POS Architecture Breach
More informationSurvey of Filesystems for Embedded Linux. Presented by Gene Sally CELF
Survey of Filesystems for Embedded Linux Presented by Gene Sally CELF Presentation Filesystems In Summary What is a filesystem Kernel and User space filesystems Picking a root filesystem Filesystem Round-up
More informationUSB 2.0 Flash Drive User Manual
USB 2.0 Flash Drive User Manual 1 INDEX Table of Contents Page 1. IMPORTANT NOTICES...3 2. PRODUCT INTRODUCTION...4 3. PRODUCT FEATURES...5 4. DRIVER INSTALLATION GUIDE...6 4.1 WINDOWS 98 / 98 SE... 6
More informationPC Notebook Diagnostic Card
www.winter-con.com User s Guide PC Notebook Diagnostic Card User s Guide 1 www.winter-con.com User s Guide INTRODUCTION Notebook Diagnostic Card is a powerful diagnostic tool for technicians and administrators
More informationUSB Thumb Drive. Designer Reference Manual. HCS12 Microcontrollers. freescale.com. DRM061 Rev. 0 9/2004
USB Thumb Drive Designer Reference Manual HCS12 Microcontrollers DRM061 Rev. 0 9/2004 freescale.com USB Thumb Drive Designer Reference Manual by: Kenny Lam, Derek Lau, and Dennis Lui Applications Engineering
More information10 steps to better secure your Mac laptop from physical data theft
10 steps to better secure your Mac laptop from physical data theft Executive summary: This paper describes changes Mac users can make to improve the physical security of their laptops, discussing the context
More informationBypassing Local Windows Authentication to Defeat Full Disk Encryption. Ian Haken
Bypassing Local Windows Authentication to Defeat Full Disk Encryption Ian Haken Who Am I? Currently a security researcher at Synopsys, working on application security tools and Coverity s static analysis
More informationCHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device
CHOOSING THE RIGHT PORTABLE SECURITY DEVICE A guideline to help your organization chose the Best Secure USB device Introduction USB devices are widely used and convenient because of their small size, huge
More informationExploiting USB Devices with Arduino. Greg Ose greg@nullmethod.com Black Hat USA 2011
Exploiting USB Devices with Arduino Greg Ose greg@nullmethod.com Black Hat USA 2011 Abstract Hardware devices are continually relied upon to maintain a bridge between physical and virtual security. From
More informationBypassing Endpoint Security for $20 or Less. Philip A. Polstra, Sr. @ppolstra ppolstra.blogspot.com
Bypassing Endpoint Security for $20 or Less Philip A. Polstra, Sr. @ppolstra ppolstra.blogspot.com Roadmap Why this talk? Who is this dude talking at me? Brief history of USB How does USB work? It s all
More informationLesson Objectives. To provide a grand tour of the major operating systems components To provide coverage of basic computer system organization
Lesson Objectives To provide a grand tour of the major operating systems components To provide coverage of basic computer system organization AE3B33OSD Lesson 1 / Page 2 What is an Operating System? A
More informationIntroduction to BitLocker FVE
Introduction to BitLocker FVE (Understanding the Steps Required to enable BitLocker) Exploration of Windows 7 Advanced Forensic Topics Day 3 What is BitLocker? BitLocker Drive Encryption is a full disk
More informationAn Introduction To Simple Scheduling (Primarily targeted at Arduino Platform)
An Introduction To Simple Scheduling (Primarily targeted at Arduino Platform) I'm late I'm late For a very important date. No time to say "Hello, Goodbye". I'm late, I'm late, I'm late. (White Rabbit in
More informationDEPARTMENT OF COMPUTER SCIENCE & ENGINEERING Question Bank Subject Name: EC6504 - Microprocessor & Microcontroller Year/Sem : II/IV
DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING Question Bank Subject Name: EC6504 - Microprocessor & Microcontroller Year/Sem : II/IV UNIT I THE 8086 MICROPROCESSOR 1. What is the purpose of segment registers
More informationOverview of Data Security Methods: Passwords, Encryption, and Erase
Overview of Data Security Methods: Passwords, Encryption, and Erase Chris Budd SMART High Reliability Solutions Santa Clara, CA 1 Overview of Data Security Methods Introduction Data Protection Passwords
More informationIBM Rapid Restore PC powered by Xpoint - v2.02 (build 6015a)
IBM Rapid Restore PC powered by Xpoint - v2.02 (build 6015a) User s Reference Guide Internal IBM Use Only This document only applies to the software version listed above and information provided may not
More informationImation LOCK User Manual
Page: - 0 - Imation LOCK User Manual Security Application Program V2.0 - D Page: - 1 - Table of Contents A. Introduction... 2 B. General Description... 2 C. Features... 2 D. Before Using the Security Application
More informationHP Compaq dc7800p Business PC with Intel vpro Processor Technology and Virtual Appliances
HP Compaq dc7800p Business PC with Intel vpro Processor Technology and Virtual Appliances Introduction............................................................ 2 What is Virtualization?....................................................2
More informationAdvanced x86: BIOS and System Management Mode Internals SPI Flash. Xeno Kovah && Corey Kallenberg LegbaCore, LLC
Advanced x86: BIOS and System Management Mode Internals SPI Flash Xeno Kovah && Corey Kallenberg LegbaCore, LLC All materials are licensed under a Creative Commons Share Alike license. http://creativecommons.org/licenses/by-sa/3.0/
More informationField Alert - FA20030025B
FA20030025B August, 2003 Nomenclature: Harmony Network Communications Coupler Subject: Firmware upgrade instructions The firmware in the HNCC is flash firmware. As new releases come out, the firmware will
More informationIntel Solid State Drive Toolbox
3.3.5 Document Number: 325993-026US Intel technologies features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending
More informationSSD Firmware Update Utility Guide
SSD Firmware Update Utility Guide Crucial m4 2.5 SSD Firmware Revision 070H Firmware Update Guide for Windows 8 (Update from Rev 0001, 0002, 0009, 0309, 000F, 010G, 040H to Rev 070H) Introduction This
More informationEncrypting with BitLocker for disk volumes under Windows 7
Encrypting with BitLocker for disk volumes under Windows 7 Summary of the contents 1 Introduction 2 Hardware requirements for BitLocker Driver Encryption 3 Encrypting drive 3.1 Operating System Drive 3.1.1
More informationwww.dragino.com Yun Shield Quick Start Guide VERSION: 1.0 Version Description Date 1.0 Release 2014-Jul-08 Yun Shield Quick Start Guide 1 / 14
Yun Shield Quick Start Guide VERSION: 1.0 Version Description Date 1.0 Release 2014-Jul-08 Yun Shield Quick Start Guide 1 / 14 Index: 1 Introduction... 3 1.1 About this quick start guide... 3 1.2 What
More informationReview from last time. CS 537 Lecture 3 OS Structure. OS structure. What you should learn from this lecture
Review from last time CS 537 Lecture 3 OS Structure What HW structures are used by the OS? What is a system call? Michael Swift Remzi Arpaci-Dussea, Michael Swift 1 Remzi Arpaci-Dussea, Michael Swift 2
More informationIntel Solid State Drive Toolbox
3.3.6 Document Number: 325993-027US Intel technologies features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending
More informationPACKAGE OUTLINE DALLAS DS2434 DS2434 GND. PR 35 PACKAGE See Mech. Drawings Section
PRELIMINARY DS2434 Battery Identification Chip FEATURES Provides unique ID number to battery packs PACKAGE OUTLINE Eliminates thermistors by sensing battery temperature on chip DALLAS DS2434 1 2 3 256
More informationi.mx USB loader A white paper by Tristan Lelong
i.mx USB loader A white paper by Tristan Lelong Introduction This document aims to explain the serial downloader feature of i.mx SoCs on Linux (available across i.mx family starting with i.mx23). This
More informationBootloader with AES Encryption
...the world's most energy friendly microcontrollers Bootloader with AES Encryption AN0060 - Application Note Introduction This application note describes the implementation of a bootloader capable of
More informationIn this chapter, we want to make sure that your computer (and you) is ready for the Red Hat Linux installation.
CHAPTER 1 Before You Install In this chapter, we want to make sure that your computer (and you) is ready for the Red Hat Linux installation. Systems Requirements Red Hat Linux has a number of systems requirements
More information10 Ways to Not Get Caught Hacking On Your Mac
10 Ways to Not Get Caught Hacking On Your Mac Three18 is a Comprehensive Technology Solutions Provider Apple Certified Partner Microsoft Gold Partner Symantec Security Solutions Partner Novell and RedHat
More informationUSB FLASH DRIVE. User s Manual. USB 2.0 Compliant. Version A10. - 1 - Version A10
USB FLASH DRIVE User s Manual USB 2.0 Compliant Version A10-1 - Version A10 Introduction Thank you for purchasing the USB FLASH DRIVE device. The manual explains how to use the USB FLASH DRIVE software
More informationIntro to Intel Galileo - IoT Apps GERARDO CARMONA
Intro to Intel Galileo - IoT Apps GERARDO CARMONA IRVING LLAMAS Welcome! Campus Party Guadalajara 2015 Introduction In this course we will focus on how to get started with the Intel Galileo Gen 2 development
More informationIntel vpro. Technology-based PCs SETUP & CONFIGURATION GUIDE FOR
SETUP & CONFIGURATION GUIDE FOR Intel vpro Technology-based PCs This Setup Guide details what makes a true Intel vpro technology-based PC, and how to set up and configure Intel AMT (Active Management Technology)
More informationNIST Mobile Forensics Workshop and Webcast. Mobile Device Forensics: A Z
NIST Mobile Forensics Workshop and Webcast Mobile Device Forensics: A Z June 2014 Disclaimer: Certain commercial entities, equipment, or materials may be identified in this presentation. Such identification
More informationHP StorageWorks MSL2024, MSL4048, and MSL8096 Tape Libraries firmware release notes. Firmware version 4.60 (MSL2024), 6.90 (MSL4048), 9.
HP StorageWorks MSL2024, MSL4048, and MSL8096 Tape Libraries firmware release notes Firmware version 4.60 (MSL2024), 6.90 (MSL4048), 9.30 (MSL8096) Part number: AK378-96019 First edition: June 23, 2009
More informationRetrieving Internet chat history with the same ease as a squirrel cracks nuts
Retrieving Internet chat history with the same ease as a squirrel Yuri Gubanov CEO, Belkasoft http://belkasoft.com SANS Forensic Summit September 21, 2011 London, Great Britain What is Instant Messenger!
More informationSIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)
1 SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP) Mohammad S. Hasan Agenda 2 Looking at Today What is a management protocol and why is it needed Addressing a variable within SNMP Differing versions Ad-hoc Network
More informationIBM Tivoli Monitoring Version 6.3 Fix Pack 2. Infrastructure Management Dashboards for Servers Reference
IBM Tivoli Monitoring Version 6.3 Fix Pack 2 Infrastructure Management Dashboards for Servers Reference IBM Tivoli Monitoring Version 6.3 Fix Pack 2 Infrastructure Management Dashboards for Servers Reference
More informationVMWare Workstation 11 Installation MICROSOFT WINDOWS SERVER 2008 R2 STANDARD ENTERPRISE ED.
VMWare Workstation 11 Installation MICROSOFT WINDOWS SERVER 2008 R2 STANDARD ENTERPRISE ED. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *If you are using
More informationData Storage on Mobile Devices Introduction to Computer Security Final Project
Data Storage on Mobile Devices Introduction to Computer Security Final Project Katina Russell Tufts University, Fall 2014 Abstract While people come up with ideas about a mobile application to create,
More informationThe Proper Acquisition, Preservation, & Analysis of Computer Evidence: Guidelines & Best-Practices
The Proper Acquisition, Preservation, & Analysis of Computer Evidence: Guidelines & Best-Practices Introduction As organizations rely more heavily on technology-based methods of communication, many corporations
More information1. Computer System Structure and Components
1 Computer System Structure and Components Computer System Layers Various Computer Programs OS System Calls (eg, fork, execv, write, etc) KERNEL/Behavior or CPU Device Drivers Device Controllers Devices
More informationBomgar Corporation. Bomgar Application Security Assessment Summary January 26, 2015. This document is the property of Bomgar Corporation.
Bomgar Corporation Bomgar Application Security Assessment Summary January 26, 2015 This document is the property of Bomgar Corporation. Report Author Customer Project Document Control Document Control
More informationAgilent Technologies Truevolt Series Digital Multimeters
Agilent Technologies Truevolt Series Digital Multimeters (Models 34460A and 34461A) Declassification and Security Document Copyright 2013 Agilent Technologies, Inc. All rights reserved. Part Number: 5991-1950EN
More informationExploring the Remote Access Configuration Utility
Exploring the Remote Access Configuration Utility in Ninth-Generation Dell PowerEdge Servers The Remote Access Configuration Utility supports local and remote server management in ninth-generation Dell
More information1.0. User s Guide & Manual USB 2.0 FLASH DRIVE
1.0 USB 2.0 FLASH DRIVE User s Guide & Manual Index Introduction 1 CHAPTER1 Features & Specifications 2 CHAPTER2 System Requirements 4 CHAPTER3 Getting Started Installation of the Windows 98SE Driver 5
More informationNetwork Licensing. White Paper 0-15Apr014ks(WP02_Network) Network Licensing with the CRYPTO-BOX. White Paper
WP2 Subject: with the CRYPTO-BOX Version: Smarx OS PPK 5.90 and higher 0-15Apr014ks(WP02_Network).odt Last Update: 28 April 2014 Target Operating Systems: Windows 8/7/Vista (32 & 64 bit), XP, Linux, OS
More informationUSB Portable Storage Device: Security Problem Definition Summary
USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides
More informationDesigning VM2 Application Boards
Designing VM2 Application Boards This document lists some things to consider when designing a custom application board for the VM2 embedded controller. It is intended to complement the VM2 Datasheet. A
More informationEndPoint Device Secures Cloud Storage
EndPoint Device Secures Cloud Storage WeiTi Liu and Reid Augustin LucidPort Technology, Inc. www.lucidport.com Flash Memory Summit 2013 Santa Clara, CA 1 Increasing Need for Data Protection Data breaches
More informationThe Fallacy of Software Write Protection in Computer Forensics Mark Menz & Steve Bress Version 2.4 May 2, 2004
The Fallacy of Software Write Protection in Computer Forensics Mark Menz & Steve Bress Version 2.4 May 2, 2004 1.0 Table of Contents 1. Table of Contents 2. Abstract 3. Introduction 4. Problems a. Controlled
More informationEZ DUPE DVD/CD Duplicator
EZ DUPE DVD/CD Duplicator User s Manual Version 3.0 0 TABLE OF CONTENTS Introduction 2 Setup 11 LCD Front Panel Overview 2 o Auto Start Time 11 Menu Overview 3-5 o Display Mode 12 Functions 6 o Button
More informationBadUSB On accessories that turn evil
BadUSB On accessories that turn evil Karsten Nohl Sascha Krißler Jakob Lell SRLabs Template v12 Demo 1 USB s&ck takes over Windows machine 2 Agenda
More informationLearning USB by Doing. John.Hyde@intel.com
Learning USB by Doing. John.Hyde@intel.com The question that I am asked most often is how do I start a USB project? There are many alternate starting points for the design of a USB I/O device and this
More informationios Testing Tools David Lindner Director of Mobile and IoT Security
ios Testing Tools David Lindner Director of Mobile and IoT Security Who is this guy? David Lindner @golfhackerdave david.lindner@nvisium.com 15+ years consulting experience I hack and golf, sometimes at
More informationCustomizing Boot Media for Linux* Direct Boot
White Paper Bruce Liao Platform Application Engineer Intel Corporation Customizing Boot Media for Linux* Direct Boot October 2013 329747-001 Executive Summary This white paper introduces the traditional
More informationMACHINE ARCHITECTURE & LANGUAGE
in the name of God the compassionate, the merciful notes on MACHINE ARCHITECTURE & LANGUAGE compiled by Jumong Chap. 9 Microprocessor Fundamentals A system designer should consider a microprocessor-based
More informationInstalling and Upgrading to Windows 7
Installing and Upgrading to Windows 7 Before you can install Windows 7 or upgrade to it, you first need to decide which version of 7 you will use. Then, you should check the computer s hardware to make
More informationITE RAID Controller USER MANUAL
ITE RAID Controller USER MANUAL 120410096E1N Copyright Copyright 2004. All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system or translated
More information8-Bit Flash Microcontroller for Smart Cards. AT89SCXXXXA Summary. Features. Description. Complete datasheet available under NDA
Features Compatible with MCS-51 products On-chip Flash Program Memory Endurance: 1,000 Write/Erase Cycles On-chip EEPROM Data Memory Endurance: 100,000 Write/Erase Cycles 512 x 8-bit RAM ISO 7816 I/O Port
More informationVMware vsphere 5 Quick Start Guide
VMware vsphere 5 Quick Start Guide This document is created to provide some basic information about VMware, and allow you, the customer, to determine when and how to engage us for support or other needs
More informationNavigating Endpoint Encryption Technologies
Navigating Endpoint Encryption Technologies Whitepaper November 2010 THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES. THE CONTENT IS
More informationSecure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft
Application Report Secure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft Embedded RF ABSTRACT This application report describes
More informationFirmware security features in HP Compaq business notebooks
HP ProtectTools Firmware security features in HP Compaq business notebooks Embedded security overview... 2 Basics of protection... 2 Protecting against unauthorized access user authentication... 3 Pre-boot
More informationUser Manual. Copyright Rogev LTD
User Manual Copyright Rogev LTD Introduction Thank you for choosing FIXER1. This User's Guide is provided to you to familiar yourself with the program. You can find a complete list of all the program's
More informationSecurity Service tools user IDs and passwords
System i Security Service tools user IDs and passwords Version 5 Release 4 System i Security Service tools user IDs and passwords Version 5 Release 4 Note Before using this information and the product
More informationCS 377: Operating Systems. Outline. A review of what you ve learned, and how it applies to a real operating system. Lecture 25 - Linux Case Study
CS 377: Operating Systems Lecture 25 - Linux Case Study Guest Lecturer: Tim Wood Outline Linux History Design Principles System Overview Process Scheduling Memory Management File Systems A review of what
More informationThe PC Boot Process - Windows XP.
The PC Boot Process - Windows XP. Power supply switched on. The power supply performs a selftest. When all voltages and current levels are acceptable, the supply indicates that the power is stable and
More informationAPPLICATION NOTE. AT07175: SAM-BA Bootloader for SAM D21. Atmel SAM D21. Introduction. Features
APPLICATION NOTE AT07175: SAM-BA Bootloader for SAM D21 Atmel SAM D21 Introduction Atmel SAM Boot Assistant (Atmel SAM-BA ) allows In-System Programming (ISP) from USB or UART host without any external
More informationEmbedded Operating Systems in a Point of Sale Environment. White Paper
Embedded Operating Systems in a Point of Sale Environment White Paper December 2008 Contents Embedded Operating Systems in a POS Environment... 3 Overview... 3 POS Operating Systems... 3 Operating Systems
More informationDetecting Hardware Keyloggers. Fabian Mihailowitsch November 26, 2010
Detecting Hardware Keyloggers Fabian Mihailowitsch November 26, 2010 Who? Fabian Mihailowitsch Former Software Developer German energy combine IT-Security Consultant cirosec GmbH Penetration Tests Source
More informationProduction Flash Programming Best Practices for Kinetis K- and L-series MCUs
Freescale Semiconductor Document Number:AN4835 Application Note Rev 1, 05/2014 Production Flash Programming Best Practices for Kinetis K- and L-series MCUs by: Melissa Hunter 1 Introduction This application
More informationNasir Memon Polytechnic Institute of NYU
Nasir Memon Polytechnic Institute of NYU SSD Drive Technology Overview SSD Drive Components NAND FLASH Microcontroller SSD Drive Forensics Challenges Overview SSD s are fairly new to the market Whereas
More informationTroubleshooting the Firewall Services Module
CHAPTER 25 This chapter describes how to troubleshoot the FWSM, and includes the following sections: Testing Your Configuration, page 25-1 Reloading the FWSM, page 25-6 Performing Password Recovery, page
More informationI/O. Input/Output. Types of devices. Interface. Computer hardware
I/O Input/Output One of the functions of the OS, controlling the I/O devices Wide range in type and speed The OS is concerned with how the interface between the hardware and the user is made The goal in
More informationInfiniium Upgrade and Recovery Guide
Infiniium Upgrade and Recovery Guide For detailed upgrade and recovery instructions, find the section of this document that pertains to your particular model number. If your model number is not printed
More informationUniKey Family 0. UniKey Time
UniKey Family 0 UniKey STD HID based driverless dongle Unique Hardware ID Automatic Protection Remote Update 4k Internal Memory API (for numerous platforms) Offline Licensing Options Customization Service
More information