E Amazings
  • Home
  • Automotive
  • Business
  • CBD
  • Crypto
  • Education
  • Entertainment
  • Fashion
  • Finance
  • Health
  • Home Improvement
  • Law \ Legal
  • News
  • Shopping
  • Sports
  • Technology
  • Travel

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

What's Hot

Apple AirPods Pro 2 likely to come with USB Type-C charging case

July 4, 2022

Fighting All That Can Go Wrong With Resin

July 4, 2022

NFT, BTC Scams Featured on British Army’s Compromised Twitter, YouTube Accounts

July 4, 2022
Facebook Twitter Instagram
E Amazings
  • Home
  • Automotive
  • Business
  • CBD
  • Crypto
  • Education
  • Entertainment
  • Fashion
  • Finance
  • Health
  • Home Improvement
  • Law \ Legal
  • News
  • Shopping
  • Sports
  • Technology
  • Travel
Facebook Twitter Instagram
E Amazings
You are at:Home»Technology»Breaking Google Nest Hub’s Secure Boot
Technology

Breaking Google Nest Hub’s Secure Boot

Paul EasterBy Paul EasterJune 20, 2022No Comments2 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Share
Facebook Twitter Pinterest WhatsApp Email


[frederic] tells a story about their team’s hack of a Google Nest Hub (2nd generation) — running Ubuntu on it, through bypassing Google’s boot image signature checks. As with many good hacks, it starts with FCC website pictures. Reverse-engineering a charger and USB daughterboard pin-out, they found a UART connection and broke it out with a custom adapter. With a debug console and insights into the process, they went on hacking, slicing through hardware and software until it was done with.

This story gives plenty of background and insight into both the code that was being investigated, and the way that attack targets were chosen. Through fuzzing, they found a buffer overflow in the bootloader code that could be triggered with help of a non-standard block size. USB flash drives tend to have these hard-coded, so they built a special firmware for a Pi Pico and shortly thereafter, achieved code execution. Then, they hooked into uboot functions and loaded Ubuntu, bypassing the boot image signature checks.

This is a wonderful documentation of a hacking journey, and an exciting read to boot (pun intended). The bug seems to have been patched for half a year now, so you probably can’t flash your Google Nest into Ubuntu anymore. However, you might be able to run an up-to-date Linux on your Amazon Echo.

We thank [Sven] for sharing this with us!



Source link

Paul Easter

Related Posts

Fighting All That Can Go Wrong With Resin

By Paul EasterJuly 4, 2022

Think You Know How Mario Kart Works?

By Paul EasterJuly 4, 2022

Dithering Makes Everything Cooler: Now Even Animated

By Paul EasterJuly 4, 2022

Moteus Open Source BLDC Controller Gets Major Upgrade

By Paul EasterJuly 4, 2022
Add A Comment

Comments are closed.

Our Picks

Apple AirPods Pro 2 likely to come with USB Type-C charging case

By Paul EasterJuly 4, 2022

Fighting All That Can Go Wrong With Resin

By Paul EasterJuly 4, 2022

NFT, BTC Scams Featured on British Army’s Compromised Twitter, YouTube Accounts

By Paul EasterJuly 4, 2022
Recent Posts
  • Apple AirPods Pro 2 likely to come with USB Type-C charging case July 4, 2022
  • Fighting All That Can Go Wrong With Resin July 4, 2022
  • NFT, BTC Scams Featured on British Army’s Compromised Twitter, YouTube Accounts July 4, 2022
  • Akasa Air showcases crew uniform; conducts proving flight test July 4, 2022
  • Air India alerts people about hoax communication; link offering Rs 6000, fake, says company July 4, 2022
  • Will recession hit Indian shores in six months? Zee Business Managing Editor Anil Singhvi decodes July 4, 2022
  • Ethereum Name Service Sells for Second-Highest Price Ever of 300 ETH July 4, 2022
Archives
  • July 2022
  • June 2022
Facebook Twitter Instagram Pinterest TikTok
  • Home
© 2022 E Amazings - All Rights Reserved.

Type above and press Enter to search. Press Esc to cancel.