Hardware & Embedded Systems: A little early effort in security can return a huge payoff

Editor's note: This piece was originally published by embedded.com There’s no shortage of companies that need help configuring devices securely, or vendors seeking to remediate vulnerabilities. But from our vantage point at NCC Group, we mostly see devices when working directly with OEMs confronting security issues in their products — and by this point, it’s … Continue reading Hardware & Embedded Systems: A little early effort in security can return a huge payoff

Practical Considerations of Right-to-Repair Legislation

Background For some time there has been a growing movement amongst consumers who wish to repair their own devices in a cost effective manner, motivated to reduce their expenses, and reduce e-waste. This is becoming ever more difficult to achieve as devices reach ever higher levels of complexity, and include more electronics and firmware. The … Continue reading Practical Considerations of Right-to-Repair Legislation

Embedded Device Security Certifications

For those who have not attended previously, Hardwear.io is a technical conference focused on hardware security. While the conference is only in their 4th year, both the training and speakers have been world-class since its inception, and its success is obvious; it has expanded to a twice-a-year format, and even begun holding sessions in North … Continue reading Embedded Device Security Certifications

Much Ado About Hardware Implants

By now most people have seen the three Bloomberg articles detailing the alleged conspiracy to install back-doors on servers assembled by SuperMicro via a tiny microchip. There are plenty of great takes already (1, 2, 3, 4, 5, 6, 7). Supply chain attacks are not new, nor are those using hardware implants. But this is high profile, alleged to be government perpetrated, and affects a large number of companies worldwide. Several … Continue reading Much Ado About Hardware Implants