Saturday, December 5, 2009

Volunteers to help cleanup Wordpress problems?

Whenever the blog is enabled, spammers are able to deface the mainpages index.html file replacing it with hundreds of spam links to software.

The only way we can stop it is to stop the blog. We've tried cleaning the blog up but they still get in somehow through Wordpress :(.

If you think you can help us, please email tech at


Tuesday, January 13, 2009

Blackhat USA 2009 Poll - Rev Eng Class

During last years Blackhat and Defcon conferences, several individuals asked me about possibly giving classes on the security model of commonly found microcontrollers.  Jeff Moss' group setup a poll here.  Given todays Silicon technology has become so small yet so large, it would be best to determine which architecture and which devices everyone is most interested in.  The current poll will determine which brand micro to target (Atmel AVR or Microchip PIC) and after this is decided, we will need more input to narrow the class down to a few devices of the chosen family.

While the classes are not cheap, all participants will learn and understand the chosen targets security model.  Armed with such knowledge will help you to understand and recognize potential risks in future design work allowing you to avoid the possiblity of compromise (and I suppose this would also enhance job security :).   Full mosaic blowups of the targets, decapsulated devices, use of a probe station and all users will "modify" the security model of their devices themselves (unless they ask for some help).  I don't believe such a class has ever been given and seating will be limited per class.

Feel free to comment here but Blackhat really needs the feedback.


Thank you,

-Christopher Tarnovsky