Voltage glitching, not just for music makers.
06-28, 11:00–11:50 (America/Los_Angeles), Prime Dome

There are some fun tools to be had, and attacks that can bypass code or instructions in code if you either inject voltage at the right time or enough EMI that it can flip bits. or scramble/overwrite segments of memory that it will bypass security controls with-in the code.


Talk will focus on the basics of what injection is and how it can be useful. We will show of a one or two demos of example code, and injection attacks that work consistently. We will also talk about methods for preventing these types of attacks, and what tools you can use to recreate these attacks.

David M. N. Bryan is a Hacker with X-Force Red, IBM’s elite security testing team. David has 25+ years of Information Security experience and knowledge that he uses to create custom attack scenarios for/with our clients. His primary skill sets involve penetration testing embedded computing/hardware, ATMs, and mainframes. David runs and leads many projects, and often acts as a liaison with clients.

David has been a defender of security at a top ten bank, setup and secured the DEF CON network, and has run hundreds of engagements with clients. David has been a participant in the information security community for 25+ years, first starting out as a DEF CON volunteer (Goon) - and now is on the board that runs Thotcon, a Chicago Information Security conference. For the last 15+ years David has been the attacker in many scenarios as a penetration tester covering hardware, mainframe, network, embedded, wireless, web applications, and physical security. David has presented at BlackHat, DEF CON, ToorCon, LayerOne, ToorCamp, BSides Events, and AppSecUSA.