Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Hacking Apple's USB-C Controller: ACE3 Security Analysis and Exploitation

media.ccc.de via YouTube

Overview

Explore a technical conference talk from the 38th Chaos Communication Congress that delves into hacking Apple's new USB-C controller, the ACE3. Learn about the progression from the ACE2 controller to the more sophisticated ACE3, examining how researchers combined hardware vulnerability exploitation, reverse engineering, RF side-channel analysis, and electromagnetic fault-injection techniques to achieve code execution on this custom chip. Discover the challenges faced when approaching an undocumented custom chip with internal ROM firmware, including the process of bypassing cryptographic validation, determining precise timing for security checks, and implementing successful fault injection attacks. Follow the investigation of the ACE3's expanded capabilities beyond basic USB power delivery, including its role in JTAG access, internal SPMI bus control, and potential for persistent firmware implants. Gain insights into the security implications of USB-C controllers in Apple devices and the methodologies used to research these under-explored but security-critical components.

Syllabus

38C3 - ACE up the sleeve: Hacking into Apple's new USB-C Controller

Taught by

media.ccc.de

Reviews

Start your review of Hacking Apple's USB-C Controller: ACE3 Security Analysis and Exploitation

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.