Our work on solving @raspberrypi.com's RP2350 Hacking Challenge is now online! 5 different attacks and lots of lessons learned. Joint work with Aedan Cullen, Kévin Courdesses, @stacksmashing.bsky.social, and Andrew Zonenberg! Paper: www.usenix.org/system/files... Repo: github.com/bhamsec/woot...

Two winners of the RP2350 Hacking Challenge will present their results at WOOT! Muench et al. break its secure boot guarantees through voltage, electromagnetic, and laser fault injection 💥 techniques: www.usenix.org/conference/w...

📢 Excited to announce that the results on BaseBridge, our project on improving cellular baseband emulation, are going public this week. Dyon will present at IEEE S&P on Monday 3pm, while David and I will be on stage at @offensivecon.bsky.social on Saturday 11am with even more details! 1/6

I'm proud to announce that myself and @AtipriyaBajaj have created the Workshop on Software Understanding and Reverse Engineering (SURE), which will be co-located at CCS 2025. sure-workshop.org/ Please follow our workshop account @sureworkshop and RT it for visibility :).

No joke, another video! Marius and Tomasz share the ins and outs of modern SIM hacking!

Really enjoyed speaking at the inaugural edition of @re-verse.io! You can find Tomasz' and my slides on tricks with SIMs and interposers here: tinyurl.com/reverse25-si...

Looking forward to share our latest research on hostile SIMs and interposers at the upcoming RE//verse conference!

(please re-post for reach - thank you!) Learned a cool new Linux trick? Know an interesting quirk in a network protocol? Or have something else to share? Write a 1-page article for the #6 issue of Paged Out! :) pagedout.institute?page=cfp.php Soft deadline is Feb 1st.

happy new year 🎉 to continue the tradition, here is some of my favorite firmware & embedded security research of 2024: Defeating the new Raspberry Pi's RP2350 Security Features [1] Reversing and Hacking Firmware of an in-orbit Satellite to Re-establish Lost Communication [2]