The Race to Secure Texas Instruments Graphing Calculators

Presented at PhreakNIC 23 (2019), Nov. 8, 2019, 7 p.m. (60 minutes).

Over the years, Texas Instruments graphing calculators have evolved from simple programmable devices with fixed ROMs to complex, USB- and wifi-capable Flash upgradeable computers. Because of their widespread adoption for use in classrooms, Texas Instruments is forced to implement security measures that prevent tampering of the calculator's operating system, storage and usage of notes during tests, temporarily crippling or disabling built-in features, and even outright code execution.

For well over a decade, I have implemented and released exploits that enable writing to Flash memory, allow unsigned code execution, bypass teacher restrictions (which can be enabled by anyone, not just teachers), and open up the hardware to its full potential, even going so far as using it to jailbreak a PS3 or boot a desktop PC via USB flash drive simulation.

In this talk, I will provide a technical overview of the history of achieving and maintaining unsigned code execution on the various graphing calculator models Texas Instruments has released over many years, as well as a personal recollection on how the first Flash unlock exploits were created and evolved to keep up with TI's fixes, how the 512-bit RSA OS signing keys were factored and the legal fallout, and the current challenge to find and utilize new vulnerabilities for the latest models.


Presenters:

  • Brandon Wilson
    Brandon Wilson is an East Tennessee State University graduate, software developer, application security consultant, and hacker and collector of random things like game consoles and TI graphing calculators. He also collects DMCA takedown notices for fun.

Links:

Similar Presentations: