--Originally published at Information Security A01229898

Hi everyone, On this post I will talk about Security and videogames, yes, finally something about software, so let’s start this.

On this post as I mention I will talk about videogames, I was searching on internet and I found a post from welivesecurity esset and they talk about this topic, they interview Andres Rossi the CEO of an Argentine company that develops videogames for social networks, so I grab some information of that post so you can know a little of what they talk and at the end of the post I will put the link so you can check all the post of esset

Andres told that with his experience he has seen a lot of incidents related with security like payment-card frauds, cyberattacks targeting gamers and the subsequent claim of prizes, to exploitation of servers just for the sake of playing, but he says that the most common problem is that players leave their accounts open in machines that do not belong to them. He said that there is a lot of ignorance among video games developers regarding security implementation and one example is that the online Playstation platform was compromised a few years ago, the problem is that there are so many games that, as is to be expected, the challenge is still only focused on the largest and most famous game companies.

At last, I want to say that the security problems that the video game industry it’s because on the past, the industry didn’t need to take care for security, because all games were offline, so, it was not possible to extract information of other players, but with the online games the problem started but is difficult to try to secure all games.

Link of the interview: https://www.welivesecurity.com/2016/08/16/security-transversal-issue-video-games-development/

--Originally published at Information Security A01229898

Hi everyone, on the other post I talk a little about some protocols, but I want to talk more about I2C, so let’s start.

As I explained on the other post I2C means  Inter-Integrated Circuit and it is a synchronous, multi-master, multi-slave, packet switched, single-ended, serial computer bus invented in 1982 by Philips Semiconductor (now NXP Semiconductors). It is widely used for attaching lower-speed peripheral Integrated Circuits to processors and microcontrollers in short-distance, intra-board communication.

I2C uses only two bidirectional open-drain lines, Serial Data Line (SDA) and Serial Clock Line (SCL), on the SDA the master and the slave will send and receive information and the SCL is the clock that the master provides, that clock will determine the velocity of the the transmission.

The bus has two roles for nodes: master and slave:

• Master node – node that generates the clock and initiates communication with slaves.
• Slave node – node that receives the clock and responds when addressed by the master.

The bus is a multi-master bus, which means that any number of master nodes can be present. Additionally, master and slave roles may be changed between messages (after a STOP is sent).

There may be four potential modes of operation for a given bus device, although most devices only use a single role and its two modes:

• master transmit – master node is sending data to a slave,
• master receive – master node is receiving data from a slave,
• slave transmit – slave node is sending data to the master,
• slave receive – slave node is receiving data from the master.

So this is a little of I2C, but the real question on this post is, WHY ARE YOU TALKING ABOUT COMMUNICATION PROTOCOLS ON MICROCONTROLLERS IF THIS A INFORMATION SECURITY POST?

The answer is easy, I’m an electronic engineer and I have more knwoledge of microcontrollers, I don’t work too much with software and don’t Continue reading "I2C" →

--Originally published at Information Security A01229898

Hi everyone, on this topic I will talk a little about Communication protocols, this topic is related with microcontrollers, because I’m talking about the communications protocols that microcontrollers use, I’m not going to talk about all the communications protocols, so let’s start.

-CAN: I know that I talk about CAN in other post, in fact, I have a post that talks only talks about CAN, but it is a important protocol and I think that I should mention it.

CAN is a protocol that in short words, is a bus, it has two cables and that’s it, it doesn’t have any security, so once your are in, you can know everything and technically you can interfer the system, if you want to know more about CAN protocol you can check my post of CAN and there I explain more and there’s a video that explains more.

-UART: Universal Asynchronous Receivert Transmitter (UART)  is a computer hardware device for asynchronous serial communication in which the data format and transmission speeds are configurable. The electric signaling levels and methods are handled by a driver circuit external to the UART. A UART is usually an individual integrated circuit used for serial communications over a computer or peripheral device serial port. One or more UART peripherals are commonly integrated in microcontroller chips.

-I2C: Inter-Integrated Circuit (I2C) is a synchronous, multi-master, multi-slave, packet switched, single-ended, serial computer bus invented in 1982 by Philips Semiconductor (now NXP Semiconductors). It is widely used for attaching lower-speed peripheral Integrated Circuits to processors and microcontrollers in short-distance, intra-board communication.

-LIN: Local Interconnect Network (LIN) is a serial network protocol used for communication between components in vehicles. The need for a cheap serial network arose as the technologies and the facilities implemented in the car grew, while the CAN bus was too expensive to implement for every component in the car. European car manufacturers started using different serial communication topologies, which led to compatibility problems.

There are other protocols that I could Continue reading "Communication protocols" →

--Originally published at Information Security A01229898

Hi everyone, This time I will talk a little about Microcontrollers and security, I talk about that topic on class a few classes ago and I realize it could be a good topic for my blog, I think that microcontrollers will need to get upgrades on security, since all this thing of IoT started the quantity of microcontrollers connected to the world has increased and will increase more, a lot of products and projects related with IoT are using microcontrollers and with that we have the problem that they are not secure and maybe they aren’t secure because normally a microcontroller won’t need that security, because no one cared about getting information of a microcontroller, but now,  I think that security is becoming a must have, because maybe it will be easier to try to get information from the microcontroller than trying to hack other thing.

This post is related with the other posts because most of the security problems that we have and we will have are going to be related with IoT, having everything connected to the net is really usefull for the users, but is a two-edged knife, having everything connected means that people could access to your personal information and that could be problematic, now with the microcontrollers getting directly connected to the for the Internet of Things could be really dangerous, microcontrollers don’t have that security with the data they transfer, it’s relatively easy to get the data of a microcontroller, for example, in some classes, to know that what we are sending is ok, we check with a oscilloscope what we are sending, and that is just connecting the oscilloscope to the transmit of the microcontroller, so, if we can get that information that easy, imagine if that kind of security could be Continue reading "Microcontrollers and security" →