Ever wonder why the S in SD cards stands for Secure? Well, it turns out that it is possible to read and/or write protect these cards by software using specific commands. As you might expect, this process isn’t as «secure» as the name implies leading to multiple issues. This talk will present some of these features and the vulnerabilities discovered while poking at cards from various manufacturers. The equipment used in this talk is quite easily attainable allowing for easy replication and learning about these attacks.
Nicolas works as a security researcher for Kudelski Security in Switzerland. His research focuses on embedded devices and communication protocols. In his spare time, he now spends more time designing CTF challenges than solving them. He is also one of the main developers of the Hydrabus hardware hacking tool and part of the BlackAlps security conference committee.