Let’s face it, we all love DEFCON. Even if you’ve never been there before, we think it would be a huge struggle to find a reader who hadn’t been enchanted by at least one of the many hacks and talks that come out of the conference every year. We’ll prove it to you in a second, but first let’s get to the business at hand. Internet historian and all around good-guy [Jason Scott] has set his documentarian skills on DEFCON and just published a nearly twenty minute preview of the film which will leave you with more questions than answers (that’s the point of a teaser, right?). He’s not new to this kind of work. We loved his film BBS: The Documentary and can’t wait to see what he’s managed to do when this is released in the new year.
Oh yeah… we were going to prove a point. Some things that came out of the yearly hacker conference which you probably drooled over after the fact include:
This is just a sliver of what this event offers. Should be fun to see all the stuff [Jason] got into that we never even knew about.
DEFCON 20 is on its way and if you want to put a team together to compete in the Tamper Evident competition now is the time! The idea of the contest is simple: your team needs to break into something without anyone every knowing. The payload is protected by the best of modern tamper evident techniques. One of the things we really like about the competition is that there are multiple levels so if it’s your first time you DO stand a chance. The number of teams accepted is limited, so don’t wait too long and miss your chance to register.
There’s a ton to be learned from the contest RULES. But perhaps a better primer is going to be [Datagram’s] fifty-two minute talk which we’ve embedded after the break. He was one of the winners of all four contest levels at DEFCON 19 last year.
Continue reading “DEFCON 20 Tamper Evident contest signup”
Although [HAD] is generally all about legal hacking, this list of demonstrated hacks could be used for the dark side as well. Hopefully by demonstrating hacks like this, most people can be more aware of how they use their information. Computer security experts also have a chance to hone their skills and see where potential vulnerabilities lie.
Some of the highlights from this article include hacking a Siemens S7 PLC, which can be used for factory automation, a “hacker drone” that we’ve featured before, and a method to deduce someone’s social security number from personal photos on social networking sites. Also scary is a method to shut down certain personal insulin pumps. Although serious in itself, one would hope that other life preserving devices would be adequately protected against intrusion.
One hack that seems like it could have interesting uses in the legal-hacking world is the idea of VoIP botnet control. Although “botnet control” obviously implies illegal use, controlling a computer with voice or touchtones can and does have many legal uses.
The crew at Defcon is hard at work getting things ready for this year’s event, taking place over the first weekend in August. While the typical call for papers has been out for almost two months now, the extra space afforded by the RIO hotel has given the organizers a chance to shake things up a bit and try something new.
Along side the call for papers, they have issued a call for workshops. Since they have about 8 spare rooms on hand, they have decided to allow people who consider themselves a leader, ‘leet hacker, or ninja in their particular field to share their knowledge in a small (30 person) workshop setting.
The organizers are not strict on content, though it should be compelling. They cite examples such as teaching people to build an impenetrable Linux installation, PS3 hacking, or even helping people prep for a Ham radio license exam.
If you have something interesting to share with the community, be sure to swing by the Defcon site and get your application started!
As he does every year, [Joe Grand] gave a talk explaining the development process for Defcon 18 badges. We looked in on these when details started trickling out back in July. They feature a neat bit of tech in the form of an LCD that acts much like ePaper. It doesn’t take any electricity to hold the image, only to change the display. This is a valuable feature for a battery powered device and allowed him to get about 9 days of juice out of a CR2032. This year’s badges also used laser-etched Aluminum as a substrate.
We’ve embedded the talk after the break and found it interesting enough to watch the entire hour. If you’re more interested in the hacks that came out of the badge, we’ve put together a playlist of videos [Joe] took while at the conference.
Continue reading “A look back at DefCon 18 badges”
The details are out for the DefCon 18 badges. The new design has a lot of goodies packed into it, most notably a 128×32 LCD display. You can’t see it in the image above because it’s on the other side of the badge; the ribbon cable passes through a slit in the substrate to reach the connector on the back. The board has a mini-USB connector and is meant to get even the unseasoned novice up and running with some firmware tweaks. The Freescale processor (which is the same chip as last year’s badge) is running a bootloader that can be accessed and flashed using a terminal program. Yeah… impressive.
But it doesn’t stop with the component selection or firmware mastery, these badges are beautiful too. What you see above is the prototype, but the 7780 badges produced come in seven different flavors (as usual), laser etched on a PCB that uses Aluminum as the substrate. Line up all the badges side-to-side and you get a graphic art storyboard. [Joe] outdid himself this year, and he’s been nice enough to share the development details (PDF) which we spent way too much time drooling over.
Following up on their post about the new Defcon 17 badges, Wired recently posted some of the best badge hacks of the con. Among the hacks featured were an LED frequency meter hack, a sound seeking dirigible powered by three badges, and a wireless geiger counter random number generator that sent random numbers back to a laptop equipped with a zigbee card. Probably one of the most impressive hacks mentioned, the hack that won the badge hacking contest, was the LED equipped baseball cap modeled above by [Joe Grand], Defcon’s defacto badge designer.
The hacked badge is connected to the cap by an ethernet cable, where the LEDs pulse on and off in order to defeat facial recognition systems. The cap’s designer told Wired that he initially designed the cap in order to sneak into [Grand]’s room to steal the über badges under his protection. Needless to say, the winner doesn’t have to worry about stealing the badges anymore as he was awarded his own über badge at the award ceremony. While we’re not completely sure who pulled off this awesome hack, we congratulate you and all of the participants of the badge hacking contest on your fantastic hacks.
Update: We’ve confirmed that the badge contest winner was in fact [Zoz Brooks], [Grand]’s co-star on the popular Discovery channel show Prototype This. From all indications, his hack seems to be legitimate and not a clever idea, however we are still looking to confirm this. Also, even though Wired’s article stated that the dirigible was sound seeking, we have confirmed that it is sound avoiding. Thank’s to everyone in the comments for pointing these things out.