EEVblog Electronics Community Forum

Electronics => Microcontrollers => Topic started by: phil from seattle on January 05, 2025, 12:29:26 am

Title: RP2350 Hacker challenge winner?
Post by: phil from seattle on January 05, 2025, 12:29:26 am

It looks like someone has won (https://www.tomshardware.com/raspberry-pi/it-looks-like-the-raspberry-pi-rp2350-hacking-challenge-has-been-beaten-hacker-gains-access-to-the-otp-secret-by-glitching-the-risc-v-cores-to-enable-debugging) the RP2350 hacker challenge.

Title: Re: RP2350 Hacker challenge winner?
Post by: ataradov on January 05, 2025, 01:22:15 am

Yeah, when you have a pin named  USB-OTP_VDD, you are asking for injection attacks. Imagine doing half the work for the attacker by conveniently separating the critical pin.

They really need to work on their power supply topology. Not only it will free up half the pin for I/O, it will also significantly reduce the attack surface.