The Long Path to 20 Bytes of Firmware

When I began my approach for a By-Pass Lock screen solution, I knew that the USB/PCI Express Bridge chip I was using had the capability to enable DMA attacks. But I wasn’t sure how to configure it properly. In the end 20 Bytes of firmware did it. But getting to the 20 bytes of firmware…

Make it Light

So a while ago I put together a hardware security project. The device I was building was a PCIExpress device to do DMA (Direct Memory Access) attacks on a computer. The idea being you would have a card that you could put in a slot into the computer. Then this card would basically use its…

Hardware to Bandwidth to Software Flipped Around

So here’s another occasion with a similar scenario where a small kludge solution turns a complicated design into something really easy but it requires a separate perspective on the problem. This is from my work on the CPU debug team at Intel, circa 2007. Engineers in my group were trying to resolve a problem. We…

First Week Impact

My approach to engineering craft has evolved to knowing when the easy solution exists and grabbing that instead of going with a complicated solution. Sometimes that’s a hack or sometimes it’s a different perspective.  A newbie’s perspective can often provide that different perspective. Within my first week at Intel I surprisingly contributed immediately to my…