The Raspberry Pi RP2350 Hacking Challenge results are in @Raspberry_Pi

All chips have vulnerabilities, and most vendors’ strategy is not to talk about them. Raspberry Pi consider this to be suboptimal, so they entered into the DEF CON hacking spirit by offering a one-month, $10,000 prize to the first person to retrieve a secret value from the one-time-programmable (OTP) memory on the device.

Their aim was to smoke out weaknesses early, so that they could be fixed before RP2350 became widely deployed in secure applications. This open approach to security engineering has been generally well received: call it “security through transparency”, in contrast with the “security through obscurity” philosophy of other vendors.

Nobody claimed the prize by the deadline, so in September, Raspberry Pi extended the deadline to the end of 2024 and doubled the prize to $20,000.

On January 14, 2025, Raspberry Pi announced that they received not one but four valid submissions, all of which require physical access to the chip, with varying degrees of intrusiveness. The winners:

  • “Hazardous threes” – Aedan Cullen
  • USB bootloader single-instruction fault with supply-voltage injection – Marius Muench
  • Signature check single-instruction fault with laser injection – Kévin Courdesses
  • Extracting antifuse secrets from RP2350 by FIB/PVC – IOActive

Outside of the contest, Thomas “stacksmashing” Roth and the team at Hextree also discovered a vulnerability: Glitch detector evaluation, and OTP read double-instruction fault with EM injection.

Read all the details in the Raspberry Pi News post here.


Have an amazing project to share? The Electronics Show and Tell is every Wednesday at 7:30pm ET! To join, head over to YouTube and check out the show’s live chat and our Discord!

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Join over 38,000+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

CircuitPython – The easiest way to program microcontrollers – CircuitPython.org


New Products – Adafruit Industries – Makers, hackers, artists, designers and engineers! — New Products 11/15/2024 Featuring Adafruit bq25185 USB / DC / Solar Charger with 3.3V Buck Board! (Video)

Python for Microcontrollers – Adafruit Daily — Python on Microcontrollers Newsletter: A New Arduino MicroPython Package Manager, How-Tos and Much More! #CircuitPython #Python #micropython @ThePSF @Raspberry_Pi

EYE on NPI – Adafruit Daily — EYE on NPI Maxim’s Himalaya uSLIC Step-Down Power Module #EyeOnNPI @maximintegrated @digikey

Adafruit IoT Monthly — The 2024 Recap Issue!

Maker Business – Adafruit Daily — Apple to build another chip at TSMC Arizona

Electronics – Adafruit Daily — SMT Tip – Stop moving around!

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !


1 Comment

  1. 10k or 20k reward does not bring real players to the game.

Sorry, the comment form is closed at this time.