(Click here for more SOURCE Spotlight interviews)

Today we're presenting Joe 'Kingpin' Grand.  Joe Grand (aka Kingpin) is an electrical engineer, hardware hacker, and president of Grand Idea Studio, Inc. (www.grandideastudio.com), where he specializes in the invention, design, and licensing of consumer products, video game accessories, and modules for electronics hobbyists. He has also spent many years finding security flaws in hardware devices and educating engineers on how to increase security of their designs.

SOURCE: How did you get into the field of security?

Joe Grand: I started experimenting with computer and electronics when I was seven years old. I was also active in the hacker underground/bulletin board scene at the time. When I joined up with the L0pht in the early 1990s, it was only natural to apply my passion of hardware and electronics to the security industry, especially because most people were focused on application or network security at the time and there was (and still is) so much to explore.

SOURCE: What are your favorite security related information sources (blogs,websites, etc)?

Joe Grand: It's practically impossible to keep up with every aspect of the security community, so I try to focus on reading about topics I enjoy. I follow Hackaday (www.hackaday.com), even though it isn't specifically security-related, it's a great resource to see what other people are hacking on and sometimes gives me good ideas on how to approach breaking the security of a product. I also check out SecurityFocus once in a while.

SOURCE: What security-related topics are you most interested in and why?

Joe Grand: I remain primarily interested in hardware security and the secure design of embedded systems and products. I enjoy looking into authentication/access control systems and new technologies, specifically portable and battery-powered devices that could be attacked in a short amount of time without the legitimate owner ever knowing. There's something thrilling about that.

The other half of my business (Grand Idea Studio) revolves around the actual design and licensing of consumer electronics, so I like to see both sides of the coin. Breaking existing products, but also designing new ones.

SOURCE: What are the biggest challenges facing the security industry?

Joe Grand: There are so many in the hardware space alone.

I think the biggest challenge is that most electrical engineers aren't trained in security, even though they are designing "secure" products. Whereas there is starting to be lots of training in security coding practices, etc. there is nothing like that on the hardware side. Some common hardware-related security problems I discovered ten years ago are still showing up in products today. It's frustrating.

Another challenge is that implementing security mechanisms into a hardware product can be very expensive, as can trying to remedy a discovered breach or security problem. Most of the time, it's not as simple as just releasing a patch online like it is with software applications. So, I argue that hardware will remain to be vulnerable and more insecure that the network or application space.

SOURCE: What projects are you working on currently?

Joe Grand: I just finished filming the season of Prototype This, an engineering entertainment program on Discovery Channel. That wasn't security related, but it was a lot of fun and an interesting challenge to make engineering look sexy.

I'm also designing a few new electronics modules for hobbyists and analyzing a hardware-based authentication system of some sort, but can't say much more than that :)

SOURCE: What do you hope the top lessons learned from your session at SOURCE Boston will be?

Joe Grand: The session focuses on my experiences learned while filming Prototype This. Being an engineer, I had to come up with methods to share my technical information and research with non-technical people, namely the producers, editors, and mainstream audience. The top lesson is really that sometimes you have to be creative about the way you share information in order to get your point across. I've never given a talk like this before - I usually focus on technical topics - but it will be a fun and informative session.