Our trip to Germany wouldn’t be complete without a trip to a proper European hackerspace, and the Munich Chaos Computer Club was more than accommodating in allowing us to invade their space.
Before even walking in the door, you’re greeted with one of the coolest displays you’ve ever seen. Half of the front of their building is a gigantic flipdot display. It’s astonishing in person, and although no dots were flipped during our visit, we can imagine the noise would be deafening. Simply awesome.
Walking in the door, you’re greeted with the general meeting area, conference room, couches, and a Twilight Zone pinball machine. The machine didn’t quite work when we arrived, but within five minutes, [Sprite_TM] was behind the backglass and had everything fixed within an hour.
The back room and basement have the usual assortment of tools – a 3D printer, CNC, lathe, and electronics workbench. If you need a key made, head to the basement. You’ll also find an ATM in the basement. The story with that is that the news station in Munich wanted to do a story on how easy it was to get USB access to the Windows system in an ATM. The station couldn’t do it – but they faked it – and put the ATM up on eBay. Not much money later, the ATM found its way to the space’s basement.
MuCCC is more than just a space with tools, though: in the european hackerspace tradition, there are frequent presentations and talks that would fit in at an academic conference. Last Tuesday, [nicolas] presented a few techniques to protect cryptographic keys from physical integrity attacks, i.e. an evil maid attack or a SWAT team invading your router closet. It’s a daemon that listens to an AVR loaded up with sensors through a GPIO pin. If there is physical intrusion in the device – barometric pressure or light – keys resident in memory can be erased.
You can check out a gallery of pics from the space below.
The stores of Club Mate. There was also a vending machine.
Flip dot display in a junk box.
This test equipment was donated, but it’s still amazingly good
No, that’s not a Darwin. It’s close, though, and the only printer of this design I’ve seen at a hackersapce
There’s an ATM in the basement. Apparently, a news station in Munich bought an ATM to demonstrate how easy it is to crack. The news station couldn’t crack it. It was then sold on eBay and wound up at the space. Yes, you can now play Solitaire on it.
[Sprite_TM] came into the space and found a broken Twilight Zone game. 30 minutes later, it was fixed.
ARRL handbook in Germany. Okay.
Outside of the space.
We hope that some of our readers are currently at this year’s Chaos Communication Congress (schedule can be found here and live streams here), as many interesting talks are happening. One of them addressed hacking the memory controllers embedded in all memory cards that you may have. As memory storage density increases, it’s more likely that some sectors inside the embedded flash are defective. Therefore, all manufacturers add a small microcontroller to their cards (along with extra memory) to invisibly ‘replace’ the defective sectors to the operating system.
[Bunnie] and [xobs] went around buying many different microSD cards in order to find a hackable one. In their talk at 30C3 (slides here), they reported their findings on a particular microcontroller brand, Appotech, and its AX211/AX215. By reverse engineering the firmware code they found online, they discovered a simple “knock” sequence transmitted over manufacturer-reserved commands that dropped the controller into a firmware loading mode. From there, they were able to reverse engineer most of the 8051 microcontroller function-specific registers, allowing them to develop novel applications for it. Some of the initial work was done using a FPGA/i.MX6-based platform that the team developed named Novena, which we hope may be available for purchase some day. It was, among others, used to simulate the FLASH memory chip that the team had previously removed. A video of the talk is embedded below.
Continue reading “Hacking SD Card & Flash Memory Controllers”
Emf Electromagnetic Field Camp is a three-day camping festival for people with an inquisitive mind or an interest in making things: hackers, geeks, scientists, engineers, artists, and crafters.
There will be people talking about everything from genetic modification to electronics, blacksmithing to high-energy physics, reverse engineering to lock picking, crocheting to carpentry, and quadcopters to beer brewing. If you want to talk, there’ll be space for you to do so, and plenty of people who will want to listen.
EMF is a volunteer effort by a non-profit group, inspired by European and US hacker camps like CCC, HAR, and toorcamp. This year on Friday 31st August – Sunday 2nd September 2012 Will hold the first Uk meeting of its kind.
Events and activities will run throughout the day and into the evening, everything else (chats, debates, impromptu circus performances, orbital laser launches) will run as long as your collective energy lasts.
The Event is to be held at Pineham Park, Milton Keynes, UK.
As a Hackaday viewer you can get discounted tickets.
The Klackerlaken is a combination of LED throwie and bristlebot. The bauble is easy to build and really has no other purpose than to delight the masses. The diminutive devices were first seen in the wild at the 2011 CCC (Chaos Communications Camp) as a hands-on workshop. Check out the clip after the break and you’ll see why this really sucks in the spectators.
We’ve seen a ton of Bristlebots before (this tiny steerable version is one of our favorites) and were intrigued to see bottle caps used as the feet instead of the traditional toothbrush head. In fact, that video clip shows off several different iterations including two caps acting as an enclosure for the button cell and vibrating motor. Googly eyes on the top really complete the look on that one.
Decorating the robots with LEDs, fake eyes, tails, and feathers helps to temper the technical aspects that kids are learning as they put together one of their own. We’re glad that [Martin] shared the link at the top which covers the creations seen at a workshop held by Dorkbot Berlin. This would be a great activity for your Hackerspace’s next open house! Perhaps its possible to have follow-up classes that improve on the design, using rechargeable cells instead of disposable buttons, or maybe supercaps would work.
Continue reading “Klackerlaken gets the common man excited about electronics”
The 28th Annual Chaos Communications Congress just wrapped things up on December 31st and they’ve already published recordings of all the talks at the event. These talks were live-streamed, but if you didn’t find time in your schedule to see all that you wanted, you’ll be happy to find your way to the YouTube collection of the event.
The topics span a surprising range. We were surprised to see a panel discussion on depression and suicide among geeks (hosted by [Mitch Altman]) which joins another panel called Queer Geeks, to address some social issues rather than just hardcore security tech. But there’s plenty of that as well with topics on cryptography, security within web applications, and also a segment on electronic currencies like Bitcoins.
There really is something for everyone and they’ve been thoughtful enough to include playlists for all talks, just the lightning talks, and lightning talks categorized by the day they occurred. Get those links from their YouTube channel description, or find them after the break.
Continue reading “Watch all of the freshly published talks from 28c3″
Want to listen in on cellphone calls or intercept test messages? Well that’s a violation of someone else’s privacy so shame on you! But there are black-hats who want to do just that and it may not be quite as difficult as you think. This article sums up a method of using prepaid cellphones and some decryption technology to quickly gain access to all the communications on a cellular handset. Slides for the talk given at the Chaos Communications Congress by [Karsten Nohl] and [Sylvain Munaut] are available now, but here’s the gist. They reflashed some cheap phones with custom firmware to gain access to all of the data coming over the network. By sending carefully crafted ghost messages the target user doesn’t get notified that a text has been received, but the phone is indeed communicating with the network. That traffic is used to sniff out a general location and eventually to grab the session key. That key can be used to siphon off all network communications and then decrypt them quickly by using a 1 TB rainbow table. Not an easy process, but it’s a much simpler method than we would have suspected.
Well it looks like the Play Station 3 is finally and definitively cracked. FailOverflow’s Chaos Communications Congress talk on console security revealed that, thanks to a flaw on Sony’s part, they were able to acquire the private keys for the PS3. These keys can be used to sign your own code, making it every bit as valid (to the machine anyway) as a disk licensed by the media giant. We’ve embedded the three-part video of the talk, which we watched in its entirety with delight. We especially enjoy their reasoning that Sony brought this upon themselves by pulling OtherOS support.
We remember seeing a talk years back about how the original Xbox security was hacked. We looked and looked but couldn’t dig up the link. If you know what we’re talking about, leave the goods with your comment.
Continue reading “PS3 hacking start-to-finish – CCC”