Luca Glockow
Luca Glockow is a security researcher based in Berlin. In his day to day work he supports companies with their (device) security at Security Research Labs. Luca first looked into security during his Masters where he specialised in embedded security with a focus on telco devices.
Session
The Hexagon baseband, a proprietary Qualcomm component in iPhones and many Android phones, has been a black box in mobile security for a long time.
Its opaque nature, high complexity and the lack of full-system emulation capabilities have hindered in-depth analysis, making it a prime target for high-impact exploitation. In this talk, we present the first full system emulation-based fuzzer for Hexagon basebands, enabling targeted fuzzing of the telco stack that is present in everyone’s pocket. Additionally, we provide tooling and documentation around reverse-engineering these firmware blobs.