Adam Laurie



Partner at IBM X-Force

Talk Title:

Taking the guess out of Glitching !


Fault Injection / Glitching is probably the fastest-growing methodology in hardware hacking today. Although its been around for quite some time, it is now rapidly growing in popularity for many reasons: cheaper tools, better media/blog coverage, multiple success stories, etc. In this talk we will look at some of the challenges faced when first trying to get into this technique and provide some practical hints and tips and what to do and what not to do to get results, how to answer some of the fundamental questions: when do I glitch? How hard/often to I glitch? Is my glitch having any effect? I'll also introduce an innovative technique for figuring out one of the most crucial of the above variables... When Do I Glitch ?


Adam Laurie is a security consultant working in the field of electronic communications, who specializes in reverse engineering of secure embedded systems. He started in the computer industry in the late Seventies, working as a computer programmer on PDP-8 and other minicomputers, and then on various Unix, Dos and CP/M based microcomputers as they emerged in the Eighties. He quickly became interested in the underlying network and data protocols, and moved his attention to those areas and away from programming, starting a data conversion company that rapidly grew to become Europe's largest specialist in that field (A.L. Downloading Services). During this period, he successfully disproved the industry lie that music CDs could not be read by computers, and wrote the world's first CD ripper, 'CDGRAB'. At this point, he became interested in the newly emerging concept of 'The Internet', and was involved in various early open source projects, the most well known of which is probably 'Apache-SSL', which went on to become the de-facto standard secure web server. Since the late Nineties he has focused his attention on security and has been the author of various papers exposing flaws in Internet services and/or software, as well as pioneering the concept of re-using military data centers housed in underground nuclear bunkers as secure hosting facilities.

Adam aka "Major Malfunction" has been a senior member of staff at DEFCON since 1997 and is the POC for the London DEFCON chapter DC4420. Over the years has given presentations on forensics, magnetic stripe, EMV, InfraRed, RF, RFID, Terrestrial and Satellite TV hacking, and, of course, Magic Moonbeams. He is the author and maintainer of the open-source python RFID exploration library 'RFIDIOt', which can be found at Twitter: @rfidiot

Copyright © 2023 | Nullcon India | International Security Conference | All Rights Reserved