Giving us a view of security from an alternate angle, ethical hacker, Alexander Pick, highlights the methods, challenges and trends in device hacking.
What inspired you to start exploring and hacking hardware?
I began in the early 2000s, at a time when making money from security was rare, so it was more of a hobby. I published and reported findings on mailing lists and later transitioned into software development, maintaining an interest in security. Eventually, I moved into management but didn’t enjoy it, so I returned to technical roles. Hardware always intrigued me because it’s a crossover field combining software, electronics, and different types of systems, which not everyone is doing. The diversity of high-level and low-level devices, and the unique challenges of working with both hardware and software, kept me engaged.
What are the biggest challenges you face when reverse engineering devices?
Reverse engineering hardware comes with several challenges, especially around cryptography. Increasingly, firmware is being encrypted to prevent dumping, making it harder to extract and analyse. Hardware protections, like read-out and tamper protections, are also becoming more common, with some high-end devices even breaking when opened. These measures slow the process, but with enough patience, it’s still possible to dump firmware and reverse engineer devices. Over time, I’ve grown accustomed to working around these obstacles, but they’re certainly a challenge that requires persistence.
How do you approach finding vulnerabilities in hardware systems?
There are different approaches, but I generally look for poor physical design choices or overlooked security flaws. For high-level devices, I focus on finding leftover debug interfaces, which are often helpful for developers but can also provide a way in for hackers. From my software development experience, I know that if something is useful for a developer, it’s useful for a hacker. I look for debug ports or hardware-level interfaces, like JTAG, which can give access to the system. The approach depends on the device, and sometimes I start with hardware and other times with software, but the goal is always to gain access.
What trends are you seeing in hardware security and where is the industry heading?
There’s a clear trend toward more sophisticated security measures. Hardware engineers are increasingly introducing read-out protections and tamper safeguards. Firmware is now often cryptographically secured, either by encrypting the entire firmware or signing binaries to ensure only authorised code runs. Companies have become much better at removing leftover development files from firmware, a common vulnerability a few years ago. Overall, the industry is moving toward cleaner, more secure systems.
What advice would you give to beginners who want to get into hardware hacking?
To start, it’s important to have a strong understanding of software development and the software development process. This knowledge helps you understand how hardware is developed and how to spot potential vulnerabilities. You’ll also need some familiarity with electronics, as this will be essential for hardware hacking. Proficiency in soldering is critical too, since you often need to attach tiny wires to a PCB. Learning about classic hardware design patterns and getting comfortable with reading data sheets is key; much of hardware hacking involves analysing and interpreting these sheets.