Nothing is Safe: An Introduction to Hardware (In)Security

Presented at JawnCon 0x2 by

In much the same way that no lockbox is permanently safe when left in a room with a determined and skilled lockpicker, no electronic device is ever truly safe when left with a determined and skilled hardware hacker. Password protections can be bypassed with techniques such as voltage glitching (or even simpler ones such as timing analysis!), but these techniques may not enter a project's threat model if the engineers on that project don't know they exist. The objective of this talk is to bring awareness to the current suite of techniques a person has at their disposal to reverse engineer or otherwise "hack" an electronic device if they can hold it in their hands and probe it on their workbench. The techniques discussed will include "easy" ones (such as the password timing analysis mentioned above, and probing unencrypted, on-board signal lines), "medium" ones (such as clock- and voltage-glitching), and "hard" ones (such as differential power analysis and chip decapping). Mitigation strategies will be briefly discussed at the end (so as not to end on a sour note!), though this is not the main objective of the talk.