The first full day of DEF CON was packed with hacking hardware and cars. I learned why your car is less secure than you might think, picked some locks, and found out that there are electronic DEF CON badges after all. Keep reading for all the details.
I’ve arrived at the Rio Casino in Las Vegas, Nevada for DEF CON 21. Over the next couple of days, I’ll be talking about what I get up to here.
The main event today is registration, which means getting a neat badge. This year’s badge was designed by [Ryan Clarke]. According to the DEF CON booklet, they are “non-electronic-electronic” badges this year, and DEF CON will be alternating, with electronic badges every other year.
The playing card design is printed on a PCB, and uses the silkscreen, solder mask, and copper layers to provide three colors for the artwork. The badge is a crypto challenge, featuring some cryptic characters, numbers, and an XOR gate. I don’t have any ideas about it yet, but some people are already working hard on cracking the code.
Tomorrow, I’ll be heading to a few talks, including one on hacking cars that we discussed earlier and one on decapping chips. I’ll also be checking out some of the villages. The Tamper Evident Village is premiering this year, and they’ll be showing off a variety of tamper-proofing tech. I’ll also try to get to the Beverage Cooling Contraption Contest, where competitors build devices to cool beverages (i.e., beer) as quickly as possible.
If you have any DEF CON tips, let me know in the comments.
A team of researchers from Georgia Tech unveiled their findings yesterday at the Black Hat conference. Their topic is a power charger exploit that installs malware on iOS devices. Who would have thought that there’d be a security hole associated with the charging port on a device? Oh wait, after seeing hotel room locks exploited through their power jack, this is an avenue that should be examined with all device security.
The demonstration used a charger and a BeagleBoard. Plugging in the charger is not enough to trigger the exploit; the user must unlock the screen while charging for it to go into action. But once that’s done, the game is over. Their demo removes the Facebook app and replaces it with an infected impostor while leaving the icon in the same place on your home screen. They notified Apple of their findings and a patch will roll out with iOS7. So when would you plug your device into an untrusted charger? Their research includes a photo from an airport where an iPad is connected to the USB port of a public charging station.
The summary on the Black Hat site has download icons for the white paper and presentation slides. At the time of writing we had a hard time getting them to download but succeeded after several tries.
Take a look at this sexy piece for open hardware. It’s what you’ll be wearing around your neck at the Open Hardware Summit this year. WyoLum teamed up with Repaper for the display and Seeed Studios for the boards.
It’s called the BADGEr and it’s both an Arduino and an Arduino shield. There are several different power options: coin cell, microUSB, unpopulated barrel jack, or the lanyard terminals if you want to wear the power supply around your neck. You can see the five momentary push buttons above, but on the back you’ll find the microSD card slot along with a power switch for preserving the coin cell.
Check out the video below for a quick look. In addition to acting as your credentials, the badge comes with the conference schedule preloaded. And of course, this is an Open Source design, so you can dig through the schematic, board artwork, and code at the page linked above. Oh, and the first hack has already been pulled off. Here’s the badge reading Crime and Punishment.
Speaking of conference badges, DEF CON starts this week. Hackaday writer [Eric Evenchick] will be there and we hope he has a chance to look in on some of the badge hacking at the event.
This is Hackaday writer [Eric Evenchick]. He’s headed off to DEF CON, the annual hacking conference held every year at this time in Las Vegas. He’s hoping to see some cool stuff and make some networking connections that lead to a real job. If you’re not attending the conference here’s your chance to live vicariously. He’ll be writing on Thursday, Friday, and Saturday of next week (August 1-3) about all the stuff he encounters at the event.
If you are attending, keep your eyes open for him. We’re sorry that we didn’t manage to get any swag to him for handing out to loyal readers (not his fault, we’ve been a bit preoccupied). If you know of something he just shouldn’t miss email him: eric at hackaday.com. This includes invites to any awesome parties you’ve got planned.
Oh, and don’t be shy about making him pose with you for pictures… just make sure to tweet it to @hackaday if you do.
The 2013 IEEE International Conference of Robotics and Automation was held early in May. Here’s a video montage of several robots shown off at the event. Looks like it would have been a blast to attend, but at least you can draw some inspiration from such a wide range of examples.
We grabbed a half-dozen screenshots that caught our eye. Moving from the top left in clockwise fashion we have a segmented worm bot that uses rollers for locomotion. There’s an interesting game of catch going on in the lobby with this sphere-footed self balancer. Who would have thought about using wire beaters as wheels? Probably the team that developed the tripod in the upper right. Just below there’s one of the many flying entries, a robot with what looks like a pair of propellers at its center. The rover in the middle is showing off the 3D topography map it creates to find its way. And finally, someone set up a pool of water for this snake to swim around in.
[Dynotronix] wrote in to share the news that he won the 2013 LayerOne badge hacking contest. In addition to the good news he included a description of his badge hack.
We got a good look at the hardware included on the badge several days ago. You may remember that it’s outfitted with footprints for 48 LEDs around the perimeter which are driven by two ICs. Looking at the image above it’s hard to miss the fact that [Dyno] didn’t populate any of that. He went right for the power of the XMEGA processor to analyze and generate signals.
But what specifically can you do with the signal this thing generates? Turns out a rather simple circuit can make it into a transmitter. [Dyno] concedes that it’s a remarkably finicky setup, but just a few components on a scrap of copper clad turned this into an FM transmitter. Check out the video where you can hear the sweeping alarm-type sounds pushed to an FM radio via his voltage controlled oscillator circuit which has a range of about fifteen feet.