• Home
  • Releases
  • Submit Vuln
  • Press
  • About
  • PGP
  • Contact
    • Contact
    • Submit Vuln
    • VDP
  • Tutorials
    • All Posts
    • Photoshop on Linux
    • macOS on Linux
  • Supporters
  • Projects
  • Training
Sick Codes - Security Research, Hardware & Software Hacking, Consulting, Linux, IoT, Cloud, Embedded, Arch, Tweaks & Tips!
  • Home
  • Releases
  • Submit Vuln
  • Press
  • About
  • PGP
  • Contact
    • Contact
    • Submit Vuln
    • VDP
  • Tutorials
    • All Posts
    • Photoshop on Linux
    • macOS on Linux
  • Supporters
  • Projects
  • Training
No Result
View All Result
Sick Codes - Security Research, Hardware & Software Hacking, Consulting, Linux, IoT, Cloud, Embedded, Arch, Tweaks & Tips!
  • Home
  • Releases
  • Submit Vuln
  • Press
  • About
  • PGP
  • Contact
    • Contact
    • Submit Vuln
    • VDP
  • Tutorials
    • All Posts
    • Photoshop on Linux
    • macOS on Linux
  • Supporters
  • Projects
  • Training
No Result
View All Result
Sick Codes - Security Research, Hardware & Software Hacking, Consulting, Linux, IoT, Cloud, Embedded, Arch, Tweaks & Tips!
No Result
View All Result
Home News

Sick Codes Speaking LIVE in-person @ Hardwear.io USA 9-10th June 2022: Supply Chain Level 0: Grinding Tractors to a Halt – Growing Pains in Agricultural Hardware Security

by Sick Codes
May 16, 2022
in News
0
Sick Codes Hardwear.io Talk 9-10th June 2022

Sick Codes Hardwear.io Talk 9-10th June 2022

I have been fortunate enough to be giving a talk on Supply Chain security this year at Hardwear.io USA 2022, a conference in Santa Clara, California, dedicated to hardware hacking & techniques.

Event: Hardware.io USA 2022: 9-10th June 2022, 2151 Laurelwood Rd, Santa Clara, CA 95054, United States

Tickets & Registration is available here: https://hardwear.io/usa-2022/register.php

The event is also being sponsored by

Google, Microsoft, Technology Innovation Institute (TII), Winbond and more!

The presentation slides will be available after the event (not immediately after, because I’ll still be at the event) and you can contact me in any way you’d like, either at the event, before, or after!

Sick Codes Hardwear.io Talk 9-10th June 2022
Sick Codes Hardwear.io Talk 9-10th June 2022

Sick Codes

Supply Chain Level 0: Grinding Tractors to a Halt – Growing Pains in Agricultural Hardware Security

Talk Title:

Supply Chain Level 0: Grinding Tractors to a Halt – Growing Pains in Agricultural Hardware Security

Abstract:

I hacked all four John Deere Telematics Gateway’s, and the John Deere Gen4 Series Display. Without those, it’s “just a tractor.” However, this is Critical Infrastructure. In fact, without Tractors, Combines & Implements: farmers cannot plant, spray or harvest. No raw materials == no food & alcohol. You will see how long I persisted over multiple months, to gain access and was able to hack these devices to the absolute binary core, warts & all. What was the bounty? Source Code, Root File Systems, FPGA compiled binaries, the works. Agricultural Security is a serious issue. Multiple ransomware attacks last year showed exactly how destructive attacks on Food & Agriculture are, and how fragile the supply chain is.

Speaker Bio:

Sick Codes is an Australian hacker, who resides somewhere in Asia: I love 0days, emulation, open source, reverse engineering, standing up for other researchers & fast motorbikes. I have worked on many interesting projects over the last few years including hacking & emulating TV’s, cars, tractors, watches, ice cream machines, and more. My heart lies with Free Software but I like to go where no researcher has gone before. My works include Docker-OSX, which regularly trends on GitHub with 22k+ stars, 250k+ downloads. I’ve spoken 2x at DEF CON, published 20+ CVEs, competed in CTFs, and I’m here to stay.

Next Post
Sick Codes DEFCON 30 Hacking The Farm Breaking Badly Into Agricultural Devices

Sick Codes @ DEF CON 30 August 11-14 2022!

CVE-2022-35414 - QEMU 4.1.50 through QEMU 7.0.0 - address_space_translate_for_iotlb allows a guest user to crash a host resulting in a denial of service.

CVE-2022-36123 asm_exc_page_fault

CVE-2022-36123 - A vulnerability in Linux kernel mainline v5.18-rc1 through v5.19-rc6 does not clear statically allocated variables in the block starting symbol (.bss) due to a failed early_xen_iret_patch leading to an asm_exc_page_fault, or arbitrary code execution

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

No Result
View All Result
  • Home
  • Releases
  • Submit Vuln
  • Press
  • About
  • PGP
  • Contact
    • Contact
    • Submit Vuln
    • VDP
  • Tutorials
    • All Posts
    • Photoshop on Linux
    • macOS on Linux
  • Supporters
  • Projects
  • Training

© 2017-2021 Sick.Codes

@sickcodes

@sickcodes

@sickcodes

Discord Server

sickcodes.slack.com

t.me/sickcodeschat

./contact_form