This talk presents the journey through the analysis of the Chipolo ONE
Bluetooth tracker. As with many IoT devices, this analysis mixes hardware
and software attacks, so the talk is packed with techniques that
can be applied to other devices as well:
- Using fault injection to bypass the debug locking mechanism on a chip that has
apparently never been broken before.
- Reverse engineering an unknown firmware with Ghidra, a PDF and parts of an SDK
- Analyzing weak cryptographic algorithms to be able to authenticate to any
device
- Finding a buffer overflow and achieving code execution over Bluetooth
- Disclosing an unpatchable vulnerability to the vendor