Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore the intricacies of Widevine DRM and Qualcomm's QTEE TrustZone implementation in this Black Hat conference presentation. Delve into the high-value nature of these technologies and gain insights into their fundamental concepts. Learn how to identify command handling logic and uncover vulnerabilities within the system. Discover the memory model of a QTEE Trusted Application (TA), including command delivery and buffer sharing between worlds. Understand techniques for information leakage, breaking ASLR, and accessing TA from user-controlled locations. Follow the step-by-step process of exploiting the Widevine TA and extracting data from QTEE's trusted storage (SFS). While prior knowledge is beneficial, it is not mandatory for this 27-minute deep dive into cybersecurity research and exploitation techniques.
