Basilisk: Remote Code Execution by Laser Excitation of P-N Junctions Without Insider Assistance

Explore a groundbreaking 15-minute conference talk from USENIX WOOT '24 demonstrating how low-power lasers can be used to remotely execute code on electronic devices through P-N junction manipulation without insider access. Learn about a novel security vulnerability where attackers with line-of-sight access can use off-the-shelf hardware to perform various attacks including system crashes, memory alterations, program instruction modifications, and communication bus interference. Understand the technical details of how precision laser targeting can bias P-N junctions to achieve arbitrary code execution, backed by quantitative measurements and working proof-of-concept demonstrations. Examine why traditional security measures fall short and why hardware-level changes may be necessary to mitigate these newly discovered attack vectors presented by researchers from Netoir.com and the University of Oxford.