Insecure computer systems in the wild can enable consequences ranging from crime to mass surveillance to (in the case of cyberphysical systems) physical destruction or even death. But how can anyone know if a particular computer system is insecure? One can rely on the representations of the system designers or manufacturers; however, the history of computers is replete with examples of claims that products are secure which are subsequently proven false. This is, in part, because computer systems tend to exhibit unanticipated, unintended, or poorly-understood behaviors that have complex interactions. As a result, the best way to learn about the security of a system is to take a detailed look at the hardware and software that comprise the system, and their interactions. In the common case where hardware designs and software source code are not available, reverse engineering the system is often the best way to derive ground-truth data on how the system functions.
In this talk, I’ll describe some of my recent research where reverse engineering played a key role, covering TLS implementations with backdoors as well as cyberphysical systems. I’ll also describe the scientific nature of reverse engineering as well as the positive, real-world impact reverse engineering can have on security and safety.
Speaker Biography
Stephen Checkoway is an Assistant Research Professor in the Department of Computer Science at Johns Hopkins University and a member of the Johns Hopkins University Information Security Institute. Checkoway’s research focuses on the security of embedded and cyberphysical systems. He has demonstrated exploitable vulnerabilities in such embedded systems as electronic voting machines, laptop webcams, automobiles, and airport scanners. He received his Ph.D. in Computer Science from the University of California, San Diego in 2012.