Hey, I like a good party like anyone else. I’ve been drooling over some of the projects coming out of burning man for years. However, the ratio of “gettin’ crazy” to “build awesome stuff” seems to be slanted in favor of the party experience. There’s absolutely nothing wrong with that. However, when I saw this, my eyes welled up with tears of joy.
ToorCamp is Burning Man with less drugs and more hacking. This summer ToorCamp will take place on the northwest corner of the staggeringly beautiful Olympic Peninsula. Just get yourself out there!
Located at the Hobuck beach resort near Neah Bay WA, Toorcamp is a 4 day event that should pull in roughly 1,000 enthusiastic hackers. There are four “villages” that you can wander through; the lock picking village, the hardware hackers village, the maker’s village, and the crafting village. All should include bountiful talks and hands on workshops. There’s also a quiet camp if you really really want to avoid the inevitable sporadic parties.
The 2009 edition of the Black Hat security conference in Las Vegas has just begun. The first interesting talk we saw was [Andrea Barisani] and [Daniele Bianco]’s Sniff Keystrokes With Lasers/Voltmeters. They presented two methods for Tempest style eavesdropping of keyboards.
Continue reading “Black Hat 2009: Powerline and optical keysniffing”
Annual hacker conference LayerOne will be held May 23-24th in Anaheim, CA. They’ve completed the speaker lineup and have quite a few interesting talks. [David Bryan] Will be focusing on practical hacking with the GNU Radio. It’s a software defined radio that we’ve covered in the past for GSM cracking. [Datagram] will present lockpicking forensics. While lockingpicking isn’t as obvious as brute force entry, it still leaves behind evidence. He’s launched lockpickingforensics.com as a companion to this talk. LayerOne is definitely worth checking out if you’re in the Los Angeles area.
The registration desk hasn’t opened yet at ShmooCon 2009, but we’re already running into old friends. We found [Larry Pesce] and [Paul Asadoorian] from the PaulDotCom Security Weekly podcast showing off their latest ShmooBall gun. ShmooBalls have been a staple of ShmooCon from the very beginning. They’re soft foam balls distributed to each of the attendees who can then use them to pelt the speakers when they disagree. It’s a semi-anonymous way of expressing your dismay physically. [Larry] has been building bigger and better ways to shoot the ShmooBalls for the last couple years. You may remember seeing the 2008 model. This year the goal was to make the gun part much lighter. The CO2 supply is mounted remotely with a solenoid valve and coiled air line. The pistol grip has a light up arming switch and trigger. The gun is fairly easy to transport: the air line has a quick disconnect and the power is connected using ethernet jacks.
[Chris Paget] is going to be presenting at ShmooCon 2009 in Washington D.C. this week. He gave a preview of his RFID talk to The Register. The video above demos reading and logging unique IDs of random tags and Passport Cards while cruising around San Francisco. He’s using a Symbol XR400 RFID reader and a Motorola AN400 patch antenna mounted inside of his car. This is industrial gear usually used to track the movement of packages or livestock. It’s a generation newer than what Flexilis used to set their distance reading records in 2005.
The unique ID number on Passport Cards doesn’t divulge the owners private details, but it’s still unique to them. It can be used to track the owner and when combined with other details, like their RFID credit card, a profile of that person can be built. This is why the ACLU opposes Passport Cards in their current form. The US does provide a shielding sleeve for the card… of course it’s mailed to you with the card placed outside of the sleeve.
Technology exists to generate a random ID every time an RFID card is being read. The RFIDIOt tools were recently updated for RANDOM_UID support.
The 25th Chaos Communication Congress is underway in Berlin. One of the first talks we dropped in on was [script]’s Solar-powering your Geek Gear. While there are quite a few portable solar products on the market, we haven’t seen much in the way of real world experience until now.
Continue reading “25C3: Solar-powering your gear”
The 25C3 team has a post highlighting some of the hardware workshops that will be happening at Chaos Communication Congress this year. Our own [Jimmie Rodgers] will be in the microcontroller workshop area building kits with many others. The folks from mignon will be bringing several of their game kits for another workshop. We saw quite a few quadcopters at CCCamp and the team from Mikrokopter will be back to help you construct your own drone. They say it only takes five hours for the full build, but space is limited.