Here be Dragons
A Bedtime Tale for Sleepless Nights
Have you ever wanted to know what happens deep in the boot cycle on the Qualcomm Snapdragon SoC? Have you been curious about why TrustZone is only on Core 0? Have you simply pondered the underlying security of Qualcomm SoC platforms? We did!
Over the past X months, we spent considerably too much time digging into the internal workings of the Qualcomm Snapdragon platforms. We explored the bootloader, we explored TrustZone, we explored the hardware, we explored the leaked internal docs, we fuzzed the dragon. Now we want to share our experiences and all the fun stuff we learned along the way.
We will detail what happens at the hardware and bootloader layer upon power-on. We will detail everything we know about eFuse / QFPROM technologies and how Qualcomm stores crypto keys (and what you can store there as well). We will even chat a bit about TrustZone and why it remains a PITA to work with. We will round the talk out with some highlights from the shortcomings we found on the platform in general, and some ideas on where to poke next.
Speakers
Josh "m0nk" Thomas
Nathan Keltner