Making Magic Leap past Nvidia's secure bootchain and breaking Tesla Autopilots

https://fahrplan.events.ccc.de/congress/2025/fahrplan/event/making-the-magic-leap-past-nvidia-s-secure-bootchain-and-breaking-some-tesla-autopilots-along-the-way

69•rguiscard•1w ago

Comments

cj•17h ago

Huh, I thought Magic Leap went out of business.

Didn't know they were still around!

GenericDev•16h ago

Unfortunately they are. They're a former shell of what they were. I think they're changing their focus to lenses or something. Last I heard they're partnering with Google and it's absolute ass. The company is effectively dead and being carved out for parts by Google is my take.

It's a real bummer because they were the only company I was actually interested in seeing pursue Augmented Reality. Now it's literally the most evil companies Meta, Google, and Apple.

The 90s optimism of future tech is dead and all that's left is whatever this is.

Analemma_•15h ago

Your sympathy is severely misplaced. Magic Leap was Theranos-sized fraud from the beginning: they never had the goods, put out a whole bunch of misleading hype to persuade consumers and gullible investors that they had the goods [0], and eventually it caught up to them. Good riddance.

[0]: https://www.youtube.com/watch?v=E9r2Z5v_E9o

goldenarm•6h ago

I agree they hyped the product too much, but contrary to Theranos, they did ship two products that actually moved AR tech forward. They just weren't efficient enough and the product market fit wasn't there. Even Apple is failing at AR.

robert_foss•17h ago

Sounds really interesting. CCC is an amazing event.

willk•16h ago

Here is the talk if anyone is interested: https://media.ccc.de/v/39c3-making-the-magic-leap-past-nvidi...

Graziano_M•16h ago

I hope Nvidia's new offerings (Orin, Thor, etc) don't have the same issue in their bootROM. That would be an incredibly expensive mistake.

userbinator•14h ago

I hope they do, for those who want actual ownership of what they bought.

bigyabai•6h ago

Yeah, I'm sure it sucks for the OEM but my Nintendo Switch would be abandonware if not for Hekate bootloader.

amelius•15h ago

Just curious, how fast can these embedded systems boot?

saidinesh5•12h ago

It really depends on the application.

With the similar/even weaker socs (imx6 etc..), in the automotive domain, we used to target sub 5 second latency.. we had to get rid of things like even init and directly start the application..

Eg: 1.5 seconds here: https://youtu.be/QbEYhQIjlQc

opello•9h ago

There's a popular slide deck[1] with common techniques for paring it back too.

[1] https://bootlin.com/doc/training/boot-time/boot-time-slides....

einsteinx2•14h ago

> The Tegra X2 is an SoC used in devices such as the Magic Leap One, and Tesla's Autopilot 2 & 2.5 promising a secure bootchain.

I guess they didn’t learn from the Tegra X1 which was famously responsible for the boot rom exploit on the original model of the Nintendo Switch.

einsteinx2•14h ago

Here’s the video of the talk. Not sure why the schedule page was linked.

https://media.ccc.de/v/39c3-making-the-magic-leap-past-nvidi...

London–Calcutta Bus Service

Mathematics for Computer Science (2018) [pdf]

Kagi releases alpha version of Orion for Linux

Linux Runs on Raspberry Pi RP2350's Hazard3 RISC-V Cores (2024)

When Kitty Litter Caused a Nuclear Catastrophe

How wolves became dogs

Sorted string tables (SST) from first principles

How to Code Claude Code in 200 Lines of Code

How Will the Miracle Happen Today?

Samba Was Written (2003)

Hacking a Casio F-91W digital watch (2023)

Embassy: Modern embedded framework, using Rust and async

Sopro TTS: A 169M model with zero-shot voice cloning that runs on the CPU

European Commission issues call for evidence on open source

What happened to WebAssembly

Bose has released API docs and opened the API for its EoL SoundTouch speakers

"They Saw a Protest": Cognitive Illiberalism and the Speech-Conduct Distinction [pdf]

Richard D. James aka Aphex Twin speaks to Tatsuya Takahashi (2017)

The Jeff Dean Facts

Show HN: Executable Markdown files with Unix pipes

Photographing the hidden world of slime mould

The unreasonable effectiveness of the Fourier transform

AI coding assistants are getting worse?

Replit founder Amjad Masad isn’t afraid of Silicon Valley

1ML for non-specialists: introduction

Why I left iNaturalist

Anthropic blocks third-party use of Claude Code subscriptions

Ushikuvirus: Newly discovered virus may offer clues to the origin of eukaryotes

Systematically Improving Espresso: Mathematical Modeling and Experiment (2020)

Google AI Studio is now sponsoring Tailwind CSS