Gather round and hear the story of how a hacker outsmarts a criminal. [Zoz] was robbed and they got his desktop computer. Gone, right? Nope. Because of a peculiar combination of his computer’s configuration, and the stupidity of the criminal, he got it back. He shares the tale during his Defcon 18 talk (PDF), the video is embedded after the break.
[Zoz’s] first bit of luck came because he had set up the machine to use a dynamic DNS service, updated via a script. Since the criminal didn’t wipe the hard drive he was able to find the machine online. From there he discovered that he could SSH into it, and even use VNC to eavesdrop on the new owner. This, along with a keylogger he installed, got him all the information he needed; the guy’s name, birth date, login and password information for websites, and most importantly his street address. He passed along this juicy data to police and they managed to recover the system.
Continue reading “A hacker’s marginal security helps return stolen computer”
This is [Michael Ossmann’s] RGB LED stroboscopic guitar tuner. If his name is familiar that’s because we mentioned he’d be giving a talk with [Travis Goodspeed] at ToorCon. But he went to DefCon as well and spent the weekend in his hotel room trying to win the badge hacking contest.
Despite adversity he did get his tuner working. It’s built into a toy guitar that he takes on road trips with him. By adding a row of RGB LEDs between two of the frets he can use the vibration frequency of an in-tune string to flash the three different colors. If the string is not in tune the three colors will dance around but matching it with the LED frequency produces a stable color. He then uses that big yellow button to advance to the next string. See his demonstration after the break.
This is basically a built-in plectrum tuner that uses one LED package instead of two.
Continue reading “RGB stroboscopic guitar tuning”
[Jason Scott], data historian extraordinaire gave this fantastic speech at Defcon 18 about the history of inter-pirate piracy. At an hour long, it is an enthralling journey through computer history, especially pertaining to piracy. Take a seat, no matter how much you know about security and piracy, you are likely to learn a few things. We find the lesser discussed issues like pirates stealing other pirates work interesting, as well as the part where pirates have to crack really boring software to have a release when there’s nothing better out there. Also worth noting, according to [Jason], the demoscene evolved from the little opening sequences from cracks. There are just too many interesting aspects to note here, even some porn related stories during the BBS days.
This is a great lesson from someone who is both knowledgeable and entertaining. [Jason] teaches this stuff without ever sounding stuffy, boring, or overly technical. Catch the video after the break.
Continue reading “You’re stealing it wrong: a speech by Jason Scott”
The details are out for the DefCon 18 badges. The new design has a lot of goodies packed into it, most notably a 128×32 LCD display. You can’t see it in the image above because it’s on the other side of the badge; the ribbon cable passes through a slit in the substrate to reach the connector on the back. The board has a mini-USB connector and is meant to get even the unseasoned novice up and running with some firmware tweaks. The Freescale processor (which is the same chip as last year’s badge) is running a bootloader that can be accessed and flashed using a terminal program. Yeah… impressive.
But it doesn’t stop with the component selection or firmware mastery, these badges are beautiful too. What you see above is the prototype, but the 7780 badges produced come in seven different flavors (as usual), laser etched on a PCB that uses Aluminum as the substrate. Line up all the badges side-to-side and you get a graphic art storyboard. [Joe] outdid himself this year, and he’s been nice enough to share the development details (PDF) which we spent way too much time drooling over.
Wired took a look at this year’s Ninja Party badges. We were giddy about all the goodies involved in last year’s must-have badge that served as an invitation to the party. It was tailor-made for hacking, including an on-board disassembler. This year’s details are still a bit sparse but the offering is more along the lines of a market-ready product. The badges come in hand held gaming format, with a d-pad and two buttons. They can connect wirelessly with each other and with hidden base stations, allowing participants to fight in the digital realm for LED-indicated achievements. The teaser is tantalizing and we can’t wait to hear details about the real/digital gaming adventure soon to unfold.
In 2006, Defcon 14 premiered a unique electronic badge. All it did was blink, but it raised the bar for what was expected from a hacker conference badge. In 2007, they went from 2 LEDs to 95 in a scrolling marquee. Along with a POV mode, the badge had two capacitive switches to let the user edit the displayed text. Defcon 16’s badge featured an IR transmitter and receiver for transferring files from an SD card. It worked as a TV-B-Gone and had pads to access a USB bootloader. That was the same year that The Last Hope debuted their RFID tracking badges.
This year the official Defcon badge reacted to sound, but they were no longer the only game in town. Ninja Networks brought their 10 character party badges with a built in debugger. The Arduino compatible HackTheBadge 1.0 also made an appearance. With these new entrants into the field, we wondered what you’d want to see in your ideal badge. What badge would you want to see at next year’s Defcon? Leave you comments below and keep in mind that it should be an idea that is easy to cheaply mass produce.
UPDATED: Forgot to mention the Neighborcon 2 badge based on the GoodFET20.
[Photo: Ninja Networks]
[Martin] tipped us off to HackTheBadge 1.0. Possibly more elusive than the NinjaBadge, HackTheBadge has a Dpad, a 3×5 LED matrix, Arduino compatable headers, and 46 GPIO channels. You can download the open source plans if you didn’t get one at Defcon. You probably didn’t, there were only 14 given out. You can also order one pre assembled. This makes us wonder, does being low in quantity qualify this as elusive?