Syntax - Tasty Web Development Treats

963: Hardware Hacking with Matt Brown

22 snips
Dec 15, 2025
Guest
Matt Brown
Join Matt Brown, a YouTuber and security consultant specializing in hardware and IoT penetration testing, as he dives into the fascinating world of hacking everyday devices. He reveals his curiosity-driven journey and shares methods for extracting firmware and cracking passwords. Legal boundaries and ethics of hacking are discussed, along with entertaining stories of his wild hacks, like escaping in-flight displays. Plus, Matt offers insights on using logic analyzers and smart home security practices, bringing a captivating mix of tech and storytelling.
Ask episode
AI Snips
Chapters
Books
Transcript
Episode notes
ADVICE

Respect Legal Boundaries

  • Buy and test with devices you own and use separate accounts when testing cross-account API behavior.
  • Stay within 'good faith' security research norms and check local laws before probing cloud APIs.
INSIGHT

Embedded Web Servers Are Custom Attack Surfaces

  • Many IoT devices host embedded web servers or binary CGI handlers that implement business logic.
  • These bespoke servers often lack standard frameworks and create unique security bugs requiring custom reverse engineering.
ADVICE

Emulate Devices Locally

  • Emulate device API calls with custom Python scripts or browser tooling to test authentication and cross-account behavior.
  • Extract device keys or client certs from firmware to replicate device identity for testing.
Get the Snipd Podcast app to discover more snips from this episode
Get the app