stacksmashing
@stacksmashing.bsky.social
Security researcher with a focus on hardware & firmware. I occasionally publish stuff on YouTube. Co-founder of
hextree.io. Contact: [email protected]
hextree.io. Contact: [email protected]
Call for flash-chips at DEF CON!
If you have leftover or rare SPI flash-chips that I can have for testing some tooling I’m building I’d be very thankful.
Also if you have devices where you had trouble dumping in-system I’d love to give it a try. I’ll be at Embedded Systems Village :)
If you have leftover or rare SPI flash-chips that I can have for testing some tooling I’m building I’d be very thankful.
Also if you have devices where you had trouble dumping in-system I’d love to give it a try. I’ll be at Embedded Systems Village :)
August 5, 2025 at 8:49 PM
Call for flash-chips at DEF CON!
If you have leftover or rare SPI flash-chips that I can have for testing some tooling I’m building I’d be very thankful.
Also if you have devices where you had trouble dumping in-system I’d love to give it a try. I’ll be at Embedded Systems Village :)
If you have leftover or rare SPI flash-chips that I can have for testing some tooling I’m building I’d be very thankful.
Also if you have devices where you had trouble dumping in-system I’d love to give it a try. I’ll be at Embedded Systems Village :)
DigiKey goes brrrrrrrt
August 5, 2025 at 8:38 PM
DigiKey goes brrrrrrrt
Why do so many aspects of my life involve connecting FT232s to random pins 😂
July 31, 2025 at 4:07 PM
Why do so many aspects of my life involve connecting FT232s to random pins 😂
Finally, ClimateGPT✨
April 8, 2025 at 7:36 PM
Finally, ClimateGPT✨
AMA request: The person that keeps uploading 64MB text-files to the Black Hat CFP
April 4, 2025 at 11:39 AM
AMA request: The person that keeps uploading 64MB text-files to the Black Hat CFP
Does someone know whether it's possible to get recorded traces from a Rigol DHO800/900 using SCPI?
:RECord:WREPlay:FCURrent 2
:WAV:DATA?
...does not seem to work
:RECord:WREPlay:FCURrent 2
:WAV:DATA?
...does not seem to work
March 31, 2025 at 11:58 AM
Does someone know whether it's possible to get recorded traces from a Rigol DHO800/900 using SCPI?
:RECord:WREPlay:FCURrent 2
:WAV:DATA?
...does not seem to work
:RECord:WREPlay:FCURrent 2
:WAV:DATA?
...does not seem to work
Having some fun with EM measurements today - side-channels are awesome!
March 29, 2025 at 1:57 PM
Having some fun with EM measurements today - side-channels are awesome!
Wanted to slightly warm up the chip with a heat-lamp and ended up melting the jumper-wires 🔥😅
March 22, 2025 at 2:35 PM
Wanted to slightly warm up the chip with a heat-lamp and ended up melting the jumper-wires 🔥😅
Okay going to have @liveoverflow.bsky.social make all silkscreens for me going forward :D
March 19, 2025 at 4:09 PM
Okay going to have @liveoverflow.bsky.social make all silkscreens for me going forward :D
Wow modern cars suck.
A relay is not opening/closing reliably.
The relay is epoxied into a PCB assembly.
Replacement cost for the 5EUR (being generous here) relay is 400EUR because you can only buy the entire assembly.
A relay is not opening/closing reliably.
The relay is epoxied into a PCB assembly.
Replacement cost for the 5EUR (being generous here) relay is 400EUR because you can only buy the entire assembly.
March 6, 2025 at 10:43 PM
Wow modern cars suck.
A relay is not opening/closing reliably.
The relay is epoxied into a PCB assembly.
Replacement cost for the 5EUR (being generous here) relay is 400EUR because you can only buy the entire assembly.
A relay is not opening/closing reliably.
The relay is epoxied into a PCB assembly.
Replacement cost for the 5EUR (being generous here) relay is 400EUR because you can only buy the entire assembly.
Are you teaching or warning?
February 16, 2025 at 10:02 AM
Are you teaching or warning?
Business idea: Amazon but with original products instead of counterfeit ones.
Pretty sure there’s a market there.
Pretty sure there’s a market there.
February 13, 2025 at 10:14 AM
Business idea: Amazon but with original products instead of counterfeit ones.
Pretty sure there’s a market there.
Pretty sure there’s a market there.
Dared to call German customs, was starting to describe my situation (nicely) and immediately got interrupted and yelled at. Wow.
The German customs system is so hopelessly broken...
It's faster to send something from the UK to Finland, import it there, and then forward it to Germany than trying to import something from the UK to Germany directly.
It's faster to send something from the UK to Finland, import it there, and then forward it to Germany than trying to import something from the UK to Germany directly.
February 11, 2025 at 12:36 PM
Dared to call German customs, was starting to describe my situation (nicely) and immediately got interrupted and yelled at. Wow.
The German customs system is so hopelessly broken...
It's faster to send something from the UK to Finland, import it there, and then forward it to Germany than trying to import something from the UK to Germany directly.
It's faster to send something from the UK to Finland, import it there, and then forward it to Germany than trying to import something from the UK to Germany directly.
February 8, 2025 at 3:29 PM
The German customs system is so hopelessly broken...
It's faster to send something from the UK to Finland, import it there, and then forward it to Germany than trying to import something from the UK to Germany directly.
It's faster to send something from the UK to Finland, import it there, and then forward it to Germany than trying to import something from the UK to Germany directly.
Electronic music or something, idk I'm not a DJ
February 5, 2025 at 7:46 PM
Electronic music or something, idk I'm not a DJ
Reposted by stacksmashing
Looks like Garmin released an update causing a boot loop, how nice of them to celebrate the return of Pebble like that 😊
January 28, 2025 at 1:00 PM
Looks like Garmin released an update causing a boot loop, how nice of them to celebrate the return of Pebble like that 😊
This afternoon I asked Ole about a bug with Frida & iOS simulator. 2 hours later he had a fix committed and just now he published a new release including the fix ❤️
Absolute legend, thanks for everything you do.
frida.re/news/2025/01...
Absolute legend, thanks for everything you do.
frida.re/news/2025/01...
Frida 16.6.6 Released
Observe and reprogram running programs on Windows, macOS, GNU/Linux, iOS, watchOS, tvOS, Android, FreeBSD, and QNX
frida.re
January 27, 2025 at 8:52 PM
This afternoon I asked Ole about a bug with Frida & iOS simulator. 2 hours later he had a fix committed and just now he published a new release including the fix ❤️
Absolute legend, thanks for everything you do.
frida.re/news/2025/01...
Absolute legend, thanks for everything you do.
frida.re/news/2025/01...
Reason 516 why you should work with lasers: You get to wear cool sunglasses all day 😎
January 23, 2025 at 12:34 PM
Reason 516 why you should work with lasers: You get to wear cool sunglasses all day 😎
Me: Today I’ll go to bed early!
My fuzzer just before bedtime:
My fuzzer just before bedtime:
January 20, 2025 at 9:40 PM
Me: Today I’ll go to bed early!
My fuzzer just before bedtime:
My fuzzer just before bedtime:
Finally giving backside IR imaging a try
January 19, 2025 at 5:24 PM
Finally giving backside IR imaging a try
Waking up to fresh microscope parts 🥰
January 17, 2025 at 11:18 AM
Waking up to fresh microscope parts 🥰
Wow, some of the articles on my ACE3 research are so bad...
No, you are not facing any "new security risks" because of the "critical USB component"
No, you are not facing any "new security risks" because of the "critical USB component"
January 14, 2025 at 10:04 PM
Wow, some of the articles on my ACE3 research are so bad...
No, you are not facing any "new security risks" because of the "critical USB component"
No, you are not facing any "new security risks" because of the "critical USB component"
Does anyone have a live-build config that successfully generates an Arm64 Ubuntu image?
January 12, 2025 at 3:11 PM
Does anyone have a live-build config that successfully generates an Arm64 Ubuntu image?
Tried to get an appointment to get a new national ID.
Now I have three vulns in their webapp and still no appointment. 😐
Now I have three vulns in their webapp and still no appointment. 😐
January 7, 2025 at 4:41 PM
Tried to get an appointment to get a new national ID.
Now I have three vulns in their webapp and still no appointment. 😐
Now I have three vulns in their webapp and still no appointment. 😐
Moxa must be banned in all critical infrastructure.
Probably the least responsible player in the industry.
Probably the least responsible player in the industry.
Why do vendors claim reliable and secure and then have vulns like this?? Let me guess, ping again?? www.moxa.com/en/support/p...
Privilege Escalation and OS Command Injection Vulnerabilities
www.moxa.com
January 3, 2025 at 9:42 PM
Moxa must be banned in all critical infrastructure.
Probably the least responsible player in the industry.
Probably the least responsible player in the industry.