June 2, 2026/
How UPnP and SSDP expose connected products, opening firewall ports and leaking device details, and how to reduce the exposure.
- All Posts
- Cryptography
- Firmware
- Hardware
- Industry
- Learning
- Pen Testing
- Protocols
- Secure Boot
- Secure Development
- Side-Channel
- Threat Modeling
- Tutorials
- Back
- STM32
June 2, 2026/
How to threat model an IoT product with STRIDE, finding design flaws before a line of code is written, and...
June 2, 2026/
How a TPM binds secrets to a known-good boot state on embedded Linux, with sealed storage, measured boot, and attestation.
June 2, 2026/
How to test TLS certificate validation on embedded clients by intercepting their traffic, and why encryption without validation fails.
June 2, 2026/
How sniffing I2C and SPI buses reveals EEPROM contents, command traffic, and keys, and why secrets must never cross a...
June 2, 2026/
How to secure over-the-air firmware updates with signed manifests, rollback protection, and TLS, the three controls you must have.
June 2, 2026/
How embedded secure boot builds a chain of trust, how to prove it rejects tampering, and why rollback protection is...
June 2, 2026/
How to reverse engineer firmware with Ghidra, pivoting from strings and cross-references to the decompiled logic and hidden backdoors.
June 2, 2026/
How weak random number generation silently breaks keys and nonces on embedded devices, how to audit entropy, and how to...