The Amp Hour Electronics Podcast #698 – Hardware Security with Matt Brown
Jul 17, 2025
Matt Brown, a security researcher at Brown Fine Security and YouTuber, dives into the intriguing world of IoT and hardware security. He shares his experiences reverse engineering a smart smoker controller and discusses the critical need for secure design in consumer devices. Key topics include managing private keys, vulnerabilities of Linux-based devices, and the importance of threat modeling. Matt also explores advanced security techniques, essential tools for reverse engineering, and his upcoming IoT security newsletter, all while emphasizing the evolving challenges in connected technology.
AI Snips
Chapters
Transcript
Episode notes
Reverse Engineering Smart Devices
- Matt Brown reverse engineers smart devices like IoT smokers to understand their internal workings.
- He studies firmware, device types, and their communication to uncover design and security details.
Smart Device Trust Issues
- Most consumer devices now integrate smart features, complicating trust due to cloud data transmission.
- Cheap devices from unknown sources often send data back to unknown cloud services, raising security concerns.
Keys Stored Unencrypted in Flash
- Matt found private keys stored unencrypted in flash memory on an ESP32-based smart smoker.
- The keys weren't rotated after factory reset, leaving the device vulnerable and permanently linked to one cloud account.
