Team NetSPI goes to Tokyo to share expertise and insight at BSides Tokyo. BSides is a community-driven framework for organizing information security conferences and events that foster knowledge sharing, collaboration, and networking within the security community.
Laser Beams & Light Streams: Building affordable light-based hardware security tools that give hackers the power to “pew pew”
Location: Shibuya Fukuras 16th floor, 1-2-3 Dogenzaka, Shibuya-ku, Tokyo
Date: Saturday, May 17, 2025
Time: 4:45-5:15 pm
Sam Beaumont
Director, Transportation, Mobility & Cyber-Physical Systems
Larry “Patch” Trowell
Director, Hardware and Embedded Systems
Historically, hardware storage devices have been designed to be “light sensitive”. For example, memory consists of a series of transistors whose physical states represent 1 and 0. Early EEPROM memory could be erased using UV (ultraviolet) light before new data could be written to it.
While this was originally useful, it also gave attackers a way to selectively manipulate the memory using light or other optical techniques. As chips evolved, they were coated with an opaque UV-reflecting resin to “temporarily” block this vulnerability.
Today, laser and optical hardware attacks are often seen as something only nation-state actors could do, as they require expensive equipment and specialized techniques. In fact, today’s sophisticated hardware labs use high-frequency infrared lasers to penetrate plastic.
This project shows that with a limited budget and a hacker-maker spirit, similar results can be achieved in a home or garage. By combining an open-source, low-cost microscope modification, a homemade beam splitter, and a replaceable diode laser, we have demonstrated that results can be reproduced with consumer lasers that rival more expensive equipment such as YAG lasers.
Leveraging cheaper technology alternatives, we are venturing into the areas of hardware malware visualization, supply chain chip swap detection, and laser logic state imaging. Our approach integrates optical techniques, laser selection, and machine learning components.
Speaker Bios
Sam Beaumont
Sam Beaumont (PANTH13R) is the Director of Transportation, Mobility and Cyber-Physical Systems at NetSPI, where he leads the development and delivery of technology strategy and solutions for hardware and integrated systems.
With over 10 years of experience in cybersecurity and technology, Sam has built a strong reputation for “hacking anything with a chip in it” – including hardware and embedded systems as well as “anything that flies, sails, or runs.”
Her deep expertise provides NetSPI customers with unparalleled technical leadership and advanced service delivery, helping them protect assets that reside in the physical space from evolving threats.
Throughout her career, she has held technical roles including Principal Offensive Security Consultant, Red Teamer, Exploit Developer and Vulnerability Researcher, which has uniquely enabled her to bridge the gap between business and regulatory requirements and the most theoretically salient vulnerabilities.
Sam’s hands-on approach to cyber-physical systems and ongoing contributions to the cybersecurity community have established her as a pragmatic thought leader in the industry. Through her research, speaking and mentoring, she is committed to advancing opportunities for women in cybersecurity to build a safer, more inclusive future.
Larry “Patch” Trowell
As the Director of NetSPI, Larry is responsible for conducting and leading penetration testing on IoT/embedded devices, as well as researching new security techniques to ensure the safety of embedded systems. Larry has a Master’s in Mathematics from Georgia Southern University, with a concentration in Computer Science and Artificial Intelligence.
He has worked as an embedded systems engineer and security expert for multiple Fortune 250 companies, with a focus on medical devices. He has contributed to the design and security of a wide variety of devices in the automotive, financial, medical, wireless communications, and multimedia industries, and has published in medical journals and spoken at conferences around the world. Larry has extensive knowledge of bare metal and low-level embedded device design.
Explore More Events and Webinars
Meet NetSPI at the GDS Security Insight Summit
Schedule a 1:1 with Team NetSPI at the GDS Security Insight Summit May 28-29 at the Fairmont Dallas in Dallas, Texas
NetSPI at Secure360 2025
Meet NetSPI at Secure360, May 14-15 in Prior Lake, MN. Discover how our platform enhances vulnerability visibility and prioritization. Visit our booth today!
Boca Grande Classic
NetSPI is a proud sponsor of the Boca Grande Classic supporting the Cystic Fibrosis Foundation in Boca Grande, Florida October 27-29.