A Detailed Look At Avoiding Secure Boot On A Google Nest Hub

Source: Hackaday A Detailed Look At Avoiding Secure Boot On A Google Nest Hub

Installing Ubuntu On An Old Google Nest Hub

The bad news for those wanting to try this process is that Google found and patched the vulnerability used to bypass the secure boot on the Google Nest Hub, so chances are you will not be able to modify your device.  On the other hand, the process is so well documented it is worth a look just to learn more about how this sort of thing is accomplished.   They discuss not only the vulnerability but also what they were looking for on the hardware that allowed them to leverage it.

It starts with a look at the insides of the Google Nest Hub, to examine the charger and USB daughterboard pin-out to find a way to interface with the board.  Their examination revealed a UART port they could use to connect and send a variety of malformed data to see if they could find possible flaws in the chip or board.  Their fuzzing attack revealed a buffer overflow flaw, which was all the information they needed to be able to build some hardware to leverage the vulnerability and bypass the secure boot loader.

If you are interested in the full details of what they did, how they did it and what they used to accomplish it, check out the post at Hackaday.

This story gives plenty of background and insight into both the code that was being investigated, and the way that attack targets were chosen.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!