A forensic analysis of the Google Home: repairing compressed data without error correction
Hadrien Barral, Georges-Axel Jaloyan, Fabien Thomas-Brans, Matthieu Regnery, Rémi Géraud-Stewart, Thibaut Heckmann, Thomas Souvignet, David Naccache
Code Available — Be the first to reproduce this paper.
ReproduceCode
- github.com/enssec/squashfs_bitflip_repairOfficialIn papernone★ 0
Abstract
This paper provides a detailed explanation of the steps taken to extract and repair a Google Home's internal data. Starting with reverse engineering the hardware of a commercial off-the-shelf Google Home, internal data is then extracted by desoldering and dumping the flash memory. As error correction is performed by the CPU using an undisclosed method, a new alternative method is shown to repair a corrupted SquashFS filesystem, under the assumption of a single or double bitflip per gzip-compressed fragment. Finally, a new method to handle multiple possible repairs using three-valued logic is presented.