Circuit Break Podcast #414: Net Running the Nut Runners with Joe Grand

Podcast Title: Net Running the Nut Runners with Joe Grand

Release Date: 2024-01-23

Episode: #414

This week Parker and Stephen welcome Joe Grand to the show to discuss insecure IoT devices. Inspired by a recent incident where Bosch wrenches were infected by ransomware called DRILLCRYPT, the guys asked Joe to join them to talk about how attackers could compromise the safety of the wrench and cause safety issues for users. Of course, this kind of breach could impact almost any company and its products, and so many topics were covered, including:

Podcast Audio:

Podcast Notes:

  • “Actually, it’s Dr. Grand…”
  • If you’re in attack mode, firmware updates are great
  • Supply chain issues are hard enough to manage without these security breaches
  • A lack of security can be a business decision
  • Give me convenience or give me threats
  • The hardware industry isn’t as well-versed as the software industry is
  • How to update 10,000 devices in the field
  • Hacking is problem-solving (someone tell the FBI)
  • “If you’re not being sued, you’re not working hard enough’
  • Sourcing parts and the risk of getting counterfeit parts
  • Why a firmware update shouldn’t disable your car
  • Resisting Big Toilet
  • Subscription models for…everything…
  • The importance of Design For Security measures
  • Is getting hacked more of a marketing problem than an engineering issue?
  • Engineering ethics and hacking and design

Relevant Links:

About Our Guest:

Joe Grand, also known as Kingpin, is a computer engineer, hardware hacker, teacher, advisor, daddy, honorary doctor, and occasional video maker. He has been creating, exploring, and manipulating electronic systems since the 1980s. This is his third appearance on our show and first since 2019!

I had way to much fun making the images for this podcast episode.

Did Joe say there is or is not a good database of hardware / IoT vulnerabilities?

No, there isn’t a good database of this kind of information.