22C3 Day 10 and 11 Round Up

bb
Now that the CCC is over, we finally dug ourselves out of a ginormous pile of cables (Kabelsalat ist gesund!) to bring you this round up post about the best stuff from the last two days of the con.

First up on day 10 was I See Airplanes!, Eric Blossom’s excellent speech on creating hardware for making homebrew radars and software using the GnuRadio project. He uses bistatic passive receivers in the 100 MHz range doing object detection using other peoples’ transmitters. The project has a lot yet to accomplish including the use of helical filters (if there are any antenna freaks reading this, contact Eric, he’s looking for a bit of help).

Next on the third day we attended Ilja van Sprundel‘s huge fuzzing  extravaganza. Fuzzers generate bad data that is designed to look like good data and will hopefully break something in an interesting way. Our fav part? When the list of irc clients broken by his ircfuzz tool was so long he had to use 10pt font to get it all on one slide (see slide 53)! His paper can be found here and the slides here.

We then wandered to Harald Welte‘s talk on hacking the Motorola EZX series phones (which we’ve reported on here before). In case you forgot, the EZX series has a linux kernel. Incidentally the phone runs lots of stuff it really doesn’t need (like glibc, 6 threads for just sound processes, and even inetd). He presented the project for the first time in an official context since we saw him at 0Sec in October. Apparently lots of kinks have been worked out and there’s an official code source tree here.

The clincher for day 11 was FX and FtR of Phenoelit‘s semi-controversial talk on Blackberry security (covering both handheld devices and server based RIM products). This talk was a bit of a wake up call for RIM and thus the slides are still not available online so keep a sharp eye out for the video when it’s released by the CCC.

Also available from the CCC are the full proceedings in a downloadable pdf (also available in paper format for you physical-space-doodle-in-the-margin freaks).

Comments

  1. mewse says:

    the irc fuzz seemed really interesting (MAN it broke a lot of irc clients!!), the source code is available here:

    http://ilja.netric.org/files/fuzzers/ircfuzz.c

  2. Josh says:

    Sounds like you had a good time. I’m looking at the GnuRadio project right now.

  3. blah says:

    You can make simple airplane detectors by tuning an old TV to a weak UHF TV signal, then pointing a high-gain corner reflecter or Yagi antenna towards the sky. When a plane flys over, the weak video signal will become much more clear.

    Ham radio ops have been bouncing signals off airplanes to extend non line-of-sight microwave communications for over 40 years.

  4. tweak says:

    When someone finds either the video or the slides for the BB Security, let us know. I am very intrested to see what was presented.

  5. The actual slides I used at 22c3 can be found at:
    http://ilja.netric.org/files/22c3-fuzzing.pdf

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 92,288 other followers