#1 - Joseph FitzPatrick


Manage episode 282671840 series 2855931
由Player FM以及我们的用户群所搜索的Avast — 版权由出版商所拥有,而不是Player FM,音频直接从出版商的伺服器串流. 点击订阅按钮以查看Player FM更新,或粘贴收取点链接到其他播客应用程序里。

In this episode, Joe recollects about the first hack he ever presented at a conference. It was a Nikon D800 camera. The high-end apparatus used a very expensive proprietary Wi-Fi adaptor, and Joe didn’t understand why a generic $50 adaptor, at a tenth the cost, shouldn’t work just as effectively. Applying some electrical engineering skill and technical know-how, Joe hacked the device and made the cheaper adaptor work like a charm on it.

Aside from leading Joe down the road to many more camera hacks, this also led him to a passionate new hobby – armchair hacking (his term). Joe says that armchair hacking is among the most important steps in a successful hack because it’s the critical first step. It entails using a discerning eye to study the object that’s going to be hacked, looking at it, seeking holes in the armour, and plotting the angle of approach.

One of Joe’s most significant hacks would be the time he hacked Direct Memory Access (DMA). DMA is a protocol that allows add-in cards to directly access memory instead of asking the CPU to fetch it. After some armchair hacking, Joe took a testing chip that used USB, he added a little hardware, added a little software, wrote a Python script, and suddenly he had a drive-less way to push and pull data from the system’s memory.

The point of all this hacking? It tests the integrity of systems. If there is any vulnerability in the tech being used by governments, businesses, or the masses, it’s a much more desirable situation for Joe and his colleagues to find it first so it can be fixed rather than for bad actors to discover it and cause harm. “We can’t always assume the hardware works as we think it does,” says Joe. “And we can’t always assume the hardware is fully trustworthy and perfect and infallible. A protocol is not secure until you have the tools to poke at it and inspect it.”

Joe offers his own official training to be a white-hat hacker, but he also has advice for those just starting out. “Figure out your core skill set – electronics, software, interpersonal communication, politics, etc. You’re dealing with understanding a system, and when you combine that with the desire to see how a system works, you get the ability to reverse engineer and take apart and manipulate that system, which makes you productive as a hacker, someone who makes a change.” As for where hackers should begin – Joe says hardware hacking villages at conferences are a great place to start. Also, he advises, you can always go to a thrift store, buy some cheap hardware, take it home, and take it apart. That’s hacking at its core.

History can be seen as a series of “Aha!” moments, and we’re excited to trace those milestones that have shaped our digital age. Hear Joe go deeper in-depth on the topics mentioned above as well as much more in our premiere episode of Avast Hacker Archives.