Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore the persistent security challenges of Software Development Kit (SDK) vulnerabilities in this DEF CON 33 conference talk. Discover how SDKs - collections of binaries, proprietary services, and code samples that help board designers integrate complex chips into their environments - create widespread security risks when vulnerabilities are discovered. Learn about the near-impossible task of updating bundled code across various product lines from different vendors, leading to hundreds of thousands of affected devices spanning years of releases. Examine the attack surfaces present in SDKs from major chipset manufacturers and understand how botnet authors exploit these persistent vulnerabilities. Analyze both historical and zero-day exploits while considering potential solutions to address the ongoing challenge of zombie SDK vulnerability plagues across internet-connected devices.
