HOPE 2008: Wikiscanner 2.0


[Virgil] presented the next version of Wikiscanner at The Last HOPE today. To build the original Wikiscanner, he scanned the monthly database dump of anonymous edits and compared that against a purchased list of known company IP addresses. The 34.5 million edits account for nearly 21% of all edits. The idea was to unearth businesses and groups white washing critical pages. This only handles anonymous edits though. Users could log in to avoid having their IP reversed.

In the new version, [Virgil]‘s team developed a Poor Man’s CheckUser. If you spend too much time editing a talk page, your session could end and when you hit save it attaches your IP. Most regular users will then log in and remove their IP. They found 13,000 username/IP address pairs by searching for IPs being removed and replaced with usernames. These are some of the most active users. Using this list, they could potentially uncover sockpuppets or potential collusion by top editors.

[Read more...]

HOPE 2008: Cold boot attack tools released


The team from Princeton has released their cold boot attack tools at The Last HOPE. Earlier this year they showed how to recover crypto keys from the memory of a machine that had been powered off. Now they’ve provided the tools necessary to acquire and play around with your own memory dumps. The bios_memimage tool is written in C and uses PXE to boot the machine and copy the memory. The package also has a disk boot dumper with instructions for how to run it on an iPod. There’s also efi_memimage which implements the BSD TCP/IP stack in EFI, but it can be problematic. aeskeyfind can recover 128 and 256bit AES keys from the memory dumps and rsakeyfind does the same for RSA. They’ve also provided aesfix to correct up to 15% of a key. In testing, they only ever saw 0.1% error in there memory dumps and 0.01% if they cooled the chips first.

[Read more...]

HOPE 2008: The impossibility of hardware obfuscation


The Last HOPE is off and running in NYC. [Karsten Nohl] started the day by presenting The (Im)possibility of Hardware Obfuscation. [Karsten] is well versed in this subject having worked on a team that the broke the MiFare crypto1 RFID chip. The algorithm used is proprietary so part of their investigation was looking directly at the hardware. As [bunnie] mentioned in his Toorcon silicon hacking talk, silicon is hard to design even before considering security, it must obey the laws of physics (everything the hardware does has to be physically built), and in the manufacturing process the chip is reverse engineered to verify it. All of these elements make it very interesting for hackers. For the MiFare crack, they shaved off layers of silicon and photographed them. Using Matlab they visually identified the various gates and looked for crypto like parts. If you’re interested in what these logic cells look like, [Karsten] has assembled The Silicon Zoo. The Zoo has pictures of standard cells like inverters, buffers, latches, flip-flops, etc. Have a look at [Chris Tarnovsky]‘s work to learn about how he processes smart cards or [nico]‘s guide to exposing standard chips we covered earlier in the week.

Music and visual arts at The Last HOPE

[Peter Kirn] from Create Digital Music has an article up highlighting many of the great music and visual performance pieces planned for The Last HOPE on Friday night. If you are around New York and not accustomed to hacking conferences, this could be a great excuse to go check it out. Here are some of our favorite projects.

[Read more...]

Toool picksets at The Last HOPE

Speaking of laser engraving, the blackbag blog announced that Toool has designed 2 unique picksets for The Last HOPE this year. First is the credit card sized snap-off set seen above. They have named this one The Last HOPE emergency pickset. The other pickset is a new version of the ‘double sided pick’ series. This set consists of picks with the same tool on either end, but they are sized differently. This set will contain 8 picks with promised improvements. If you are interested in more complex picks, check out the centipede.

The Last Hope schedule finalized, preregister now


The schedule for this year’s The Last Hope conference in New York City has been finalized, and there’s still time to preregister. Today is the last chance for overseas attendants to preregister, and the rest of you have until July 6th. A/V volunteers are still needed, so step up if you have the desire and skills.

The three-day conference will feature three tracks of scheduled talks, plus one track for unscheduled talks by registered attendees. You can view the full schedule interactively, in wiki format, or in conventional format. It takes place between July 18th and July 20th; hurry up and snag your tickets now. We’re interested in all the talks, but [Chris Seidel]‘s talk on biohacking, NYC Resistor’s presentation about collaborative hardware hacking, and [Ray]‘s demonstration on escaping high security handcuffs have us waiting in rapt anticipation. So who’s going? What are you looking forward to? Let us know in the comments.

The Best of 2600


2600 editor [Emmanuel Goldstein], has decided to publish The Best of 2600. It features some of the best essays on lockpicking, phone phreaking, social engineering, and other topics that the hacker quarterly had to offer.

Founded in 1984, 2600 was one of the major catalysts that got the modern hacker scene going. They published controversial articles on topics like red boxing and spawned monthly meetings. This firsthand account of the development of hacker culture will be released in July at The Last HOPE in New York.