The 2009 edition of the Black Hat security conference in Las Vegas has just begun. The first interesting talk we saw was [Andrea Barisani] and [Daniele Bianco]’s Sniff Keystrokes With Lasers/Voltmeters. They presented two methods for Tempest style eavesdropping of keyboards.
Annual hacker conference LayerOne will be held May 23-24th in Anaheim, CA. They’ve completed the speaker lineup and have quite a few interesting talks. [David Bryan] Will be focusing on practical hacking with the GNU Radio. It’s a software defined radio that we’ve covered in the past for GSM cracking. [Datagram] will present lockpicking forensics. While lockingpicking isn’t as obvious as brute force entry, it still leaves behind evidence. He’s launched lockpickingforensics.com as a companion to this talk. LayerOne is definitely worth checking out if you’re in the Los Angeles area.
The registration desk hasn’t opened yet at ShmooCon 2009, but we’re already running into old friends. We found [Larry Pesce] and [Paul Asadoorian] from the PaulDotCom Security Weekly podcast showing off their latest ShmooBall gun. ShmooBalls have been a staple of ShmooCon from the very beginning. They’re soft foam balls distributed to each of the attendees who can then use them to pelt the speakers when they disagree. It’s a semi-anonymous way of expressing your dismay physically. [Larry] has been building bigger and better ways to shoot the ShmooBalls for the last couple years. You may remember seeing the 2008 model. This year the goal was to make the gun part much lighter. The CO2 supply is mounted remotely with a solenoid valve and coiled air line. The pistol grip has a light up arming switch and trigger. The gun is fairly easy to transport: the air line has a quick disconnect and the power is connected using ethernet jacks.
[Chris Paget] is going to be presenting at ShmooCon 2009 in Washington D.C. this week. He gave a preview of his RFID talk to The Register. The video above demos reading and logging unique IDs of random tags and Passport Cards while cruising around San Francisco. He’s using a Symbol XR400 RFID reader and a Motorola AN400 patch antenna mounted inside of his car. This is industrial gear usually used to track the movement of packages or livestock. It’s a generation newer than what Flexilis used to set their distance reading records in 2005.
The unique ID number on Passport Cards doesn’t divulge the owners private details, but it’s still unique to them. It can be used to track the owner and when combined with other details, like their RFID credit card, a profile of that person can be built. This is why the ACLU opposes Passport Cards in their current form. The US does provide a shielding sleeve for the card… of course it’s mailed to you with the card placed outside of the sleeve.
Technology exists to generate a random ID every time an RFID card is being read. The RFIDIOt tools were recently updated for RANDOM_UID support.
[Thanks Zort]
The 25th Chaos Communication Congress is underway in Berlin. One of the first talks we dropped in on was [script]’s Solar-powering your Geek Gear. While there are quite a few portable solar products on the market, we haven’t seen much in the way of real world experience until now.
The 25C3 team has a post highlighting some of the hardware workshops that will be happening at Chaos Communication Congress this year. Our own [Jimmie Rodgers] will be in the microcontroller workshop area building kits with many others. The folks from mignon will be bringing several of their game kits for another workshop. We saw quite a few quadcopters at CCCamp and the team from Mikrokopter will be back to help you construct your own drone. They say it only takes five hours for the full build, but space is limited.
Hacking at Random, an international technology and security conference, has just announced the dates for their 2009 event. The four day outdoor technology camp will be held August 13-16 near Vierhouten, Netherlands. HAR2009 is brought to you by the same people who held What the Hack, which we covered in 2005. They’ve done this every four years for the last 20. We’ll be sure to attend. We loved CCCamp in Germany last year and plan on attending ToorCamp in Seattle this year too.
[photo: mark]
November 1st means that registration for ShmooCon 2009 has opened. The DC hacker convention is entering the fifth year. They’re releasing the tickets in blocks; after today’s are gone the next won’t be available till December 1st. Today is also the closing of first round consideration for their call for papers, but you still have another month before the final deadline.
We’ve always enjoyed our time at ShmooCon. In 2008 we saw talks on cracking GSM encryption and recovering data from SSDs.
Maker Faire Austin is happening this weekend, October 18 & 19, 2008 at the Travis County Expo Center in Austin, TX. Maker Faire is a showcase of all things DIY. You’ll see robots, sculptures, live performances, and other wonders including many of the projects we cover here every day. We enjoyed our time in San Mateo earlier this year and the show keeps getting better and better. You can see photos from previous events on Flickr. If you’ve got a chance to go, take it.
Long before we started reporting on [Dan Kaminsky]’s DNS chicanery, he contributed a guest post about one of our favorite sources of new technology: SIGGRAPH. The stars have aligned again and we’re happy to bring you his analysis of this year’s convention. [photo: Phong Nguyen]
So, last week, I had the pleasure of being stabbed, scanned, physically simulated, and synthetically defocused. Clearly, I must have been at SIGGRAPH 2008, the world’s biggest computer graphics conference. While it usually conflicts with Black Hat, this year I actually got to stop by, though a bit of a cold kept me from enjoying as much of it as I’d have liked. Still, I did get to walk the exhibition floor, and the papers (and videos) are all online, so I do get to write this (blissfully DNS and security unrelated) report.
Hack a Day serves up fresh hacks each day, every day from around the web and a special How-To hack each week.
Powered by WordPress
