ARM hasn’t sat idle in the face of such threats: last month it announced a free hardened BIOS as part of a strategy to improve Thing security. Adrian Tang and his co-conspirators found a way past ARM’s TrustZone by watching its power messages. In September, for example, we noted this demonstration at Usenix. Microsoft has today announced the first preview build of Windows 10 on ARM to support 64-bit app emulation in addition to the x86 emulation.
Hackers are showing growing interest in ARM-based processors as well, because they’re the dominant architecture in Internet-of-Things products (which have to be lightweight and low-power). Limbo is a QEMU-based emulator for Android supports emulation for these architectures: x86/x8664 ARM/ARM64. If you're a newbie looking to get into reverse engineering low-level code or practicing on new CPU architectures, these VMs are for you.Įxploits at the firmware level have hit the headlines this year, with most attention directed towards the dominant Intel architecture (such as, for example, Chipzilla’s Intel Management Engine, which shipped without a password, and it turned out, also has an attack path via USB). It's pretty easy to set up a non-x86 virtual machine if you know what you're doing.
