Preview Mode Links will not work in preview mode

Jul 24, 2020


[blog] Build your own custom TCP/IP stack:

Another custom TCP/IP stack:

RIPPLE 20 Whitepaper: 


Part 1:

Background on the report

Why is it called RIPPLE20? What’s the RIPPLE about? 

Communications with Treck (and it’s Japanese counterpart)

Were you surprised about the reaction? Positive or negative?

Types of systems affected?


Embedded systems


What precipitated the research?

What difficulties did you face in finding these vulns? Deadlines? 

What tools were used for analysis? (I think you mentioned Forescout --brbr)

What kind of extensibility are we talking about? TCP sizes? 

What did JSOF gain by doing this? 

What were the initial benefits of using the TCP/IP stack?

Speed? Size?
Do these vulns affect other TCP/IP stacks? 

Did Treck give you access to source? Any specific requirements set by Treck? Any items that were off-limits? 

Updates since the report was released?

Are your vulns such that they can be detected online?

Part 2:

Supply chain issues

What should companies do when they don’t know what’s in their own tech stack?


Software bill of materials:

PicoTCP link above does not release all code, because they use binary blobs that make proper code review next to impossible

“Unfortunately we can't release all the code, a.o. because some parts depend on code or binaries that aren't GPL compatible, some parts were developed under a commercial contract, and some consist of very rough proof-of-concept code. If you want to know more about the availability under the commercial license, or the possibility of using our expert services for porting or driver development, feel free to contact us at”

BLoBs =

Vendor Contact

How many organizations are affected by these vulnerabilities? 

Are some devices and systems more vulnerable than others?

 How many are you still investigating to see if they are affected?


What’s the initial email look like when you tell a company “you’re vulnerable to X”?

Who are you dealing with initially? What is your delivery when you’re routed to non-technical people?

How did you tailor your initial response when you learned of the position of the person?

Lessons Learned:
What would you have done differently next time?

Any additional tooling that you’d have used?

BlackHat talk: 05 August

What should companies do to reduce or mitigate the chances of the types of vulnerabilities found by your org?,March%202003%20and%20November%202007.


Check out our Store on Teepub!

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email

#Brakesec Store!:




#Youtube Channel:

#iTunes Store Link:

#Google Play Store:

Our main site:

#iHeartRadio App:


Comments, Questions, Feedback:

Support Brakeing Down Security Podcast by using our #Paypal OR our #Patreon

#Twitter@brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM :

#Stitcher Network:

#TuneIn Radio App: