With the GDPR taking effect some time ago, a lot of companies are still in deep water trying to both comply with the statutory provisions as well as harmonize internal processes. The stakes are high, and individuals seem to be more aware of the value and privacy of their own data, than ever before.
Learn about the process of initial reverse engineering the pinout of unknown ASICs by using moderate methods. The two described ICs are good examples out of many industry-solutions and have been chosen to demonstrate how design decisions from vendors are made. The exploited potential leak of the supply-chain can be leveraged by a hardware reverse engineer to extract internal information about such systems.
The German government-issued identity card (nPA) allows German citizens to not only prove their identity in person, but also against online services (by using the embedded RFID chip). SEC Consult conducted a short security test on a software component commonly used to implement this authentication mechanism.