DENCON

dencon

Defcon, the world’s largest hacker convention, is this coming weekend in Las Vegas. While the convention generally focuses on breaking new technology, digital archivist [Jason Scott] has an interesting surprise for attendees this year. With some help from VintageTech, he’ll be assembling a massive den of retro computing machinery. They’ll have fully functional systems like the PDP-11/70 for people to play with. It sure to be one of the more unique things to see at the con.

Defcon 17: early badge details

had_badge1

Every year, the Defcon badge takes a technological step forward. The details are starting to emerge for this years hardware lineup. Last years badge, pictured above, had LED status indicators and an IR transceiver. There’s no telling what this years badge will do, but we do know it has a new processor. They have chosen the Freescale MC56F8006 to build everything around this year. We think it would be cool to see some RFID, maybe a heat map of the traffic in the facility. Maybe some distributed computing would be cool. What could we do with an embedded camera? We eagerly await more details.

Binary reversing comic

b300

Last month, in preparation for Defcon 17, the qualifiers were held for capture the flag, one of Defcon’s most well known events. One participant, [mongii], did a writeup on how to solve problem B300. The challenge was to find the decryption key used by a program that had several twists that hindered debugging. After grappling with self-modifying code and junk instructions, the team was finally able to find the answer. This win helped Sapheads place in the top 10.  Over at xchng.info, they are collecting solutions to the other problems. Sadly, they’re not all in comic form.

Defcon 17 Call for Papers

defcon

Notorious hacker conference Defcon has just published their Call for Papers. The 17th annual event will happen July 30th through August 2nd. Most of the announcement is the same boilerplate they’ve included for the past two years. Like last year, they’re not defining the specific speaking track themes and will come up with them based on submissions. New for this year is a half-day of workshops on the Thursday before Defcon for anyone that’s showing up early. This pre-con event is targeted at newbies. It certainly sounds like an interesting way to ease into Defcon instead of the usual delays and fire marshals. We’ve been attending every year since 2005 and love seeing new things. You should definitely consider presenting this year (we want to see more hardware!).

Defcon calls for new CTF organizer

Kenshoto, organizer of the official Defcon Capture the Flag contest for the last four years, has stepped down from the position, and thus Defcon is looking for a new organizer for the event. If you’re highly competent, and maybe a little crazy, this might be your chance to step in and run one of the most well-known and prestigious hacking contests in the world. Please understand that the staff is looking for someone who wants to take ownership of the contest and make something new, unique, and challenging, and that Kenshoto has left extremely huge shoes to fill. Merely offering to replicate the existing contest and keep things mostly unchanged isn’t going to cut it.

If you’re up to the challenge, check out Dark Tangent’s post on the Defcon forums (which, for some odd reason, sounds strikingly like his 2005 post calling for a CTF organizer), where he comprehensively lays out what the staff is looking for in a new event organizer. If it jives well with you, get in touch with the Defcon staff, and maybe we’ll be covering your contest later this year.

BSoDomizer blue-screens your enemies

In case you were wondering what industrious hacker [Joe Grand] was doing when he’s not building stuff for Prototype This!, designing Defcon badges, or testifying before congress, it’s this: The BSoDomizer is a VGA pass through device that displays an image of your choice on the victim’s screen. It can do this either periodically or via an IR trigger. The image of choice is a Windows style Blue Screen of Death. It’s powered by a watch battery. The project site has all the schematics you need plus ASCII goatse imagery; you’ve been warned. Embedded below is a demo of the device. We unfortunately didn’t get to see it when it was originally presented during Defcon 16. [Read more...]

Subway hacker speaks


Popular Mechanics has an interview with [Zach Anderson], one of the MIT hackers that was temporarily gagged by the MBTA. The interview is essentially a timeline of the events that led up to the Defcon talk cancellation. [Zach] pointed out a great article by The Tech that covers the vulnerabilities. The mag stripe cards can be easily cloned. The students we’re also able to increase the value of the card by brute forcing the checksum. There are only 64 possible checksum values, so they made a card for each one. It’s not graceful, but it works. The card values aren’t encrypted and there isn’t an auditing system to check what values should be on the card either. The RFID cards use Mifare classic, which we know is broken. It was NXP, Mifare’s manufacturer, that tipped off the MBTA on the actual presentation.

Follow

Get every new post delivered to your Inbox.

Join 92,149 other followers