Travis Goodspeed: Building an Actively Antiforensic iPod
SkyDogCon 2013
We trust disks to act as well-behaved block devices, but they are in fact little computers of their own. They have a CPU, they run software, and the USB or SATA bus they use to communicate with their host is really just a network. A disk, in a way, isn't so different from a webserver.
This lecture first demonstrates how a disk can infer the intentions of the host to identify malicious actions, then shows how to patch an iPod's firmware to do the same. Imaging the presenter's iPod will cause the disk to erase itself.
Travis Goodspeed is a neighborly reverse engineer from what used to be Caswell County in the Free Republic of Franklin. He keeps there a Low-Earth-Orbit satellite tracking station built out of Navy Surplus hardware. His sweet ride, which you can see in the hotel parking lot, is a TV News Van with a fifty foot telescoping microwave tower and a V10 engine.
If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek