The team from Princeton has released their cold boot attack tools at The Last HOPE. Earlier this year they showed how to recover crypto keys from the memory of a machine that had been powered off. Now they’ve provided the tools necessary to acquire and play around with your own memory dumps. The bios_memimage tool is written in C and uses PXE to boot the machine and copy the memory. The package also has a disk boot dumper with instructions for how to run it on an iPod. There’s also efi_memimage which implements the BSD TCP/IP stack in EFI, but it can be problematic. aeskeyfind can recover 128- and 256-bit AES keys from the memory dumps and rsakeyfind does the same for RSA. They’ve also provided aesfix to correct up to 15% of a key. In testing, they only ever saw 0.1% error in their memory dumps and 0.01% if they cooled the chips first.
The Last HOPE is off and running in NYC. [Karsten Nohl] started the day by presenting The (Im)possibility of Hardware Obfuscation. [Karsten] is well versed in this subject, having worked on a team that broke the MiFare crypto1 RFID chip. The algorithm used is proprietary, so part of their investigation was looking directly at the hardware. As [bunnie] mentioned in his Toorcon silicon hacking talk, silicon is hard to design even before considering security, it must obey the laws of physics (everything the hardware does has to be physically built), and in the manufacturing process the chip is reverse engineered to verify it. All of these elements make it very interesting for hackers. For the MiFare crack, they shaved off layers of silicon and photographed them. Using Matlab they visually identified the various gates and looked for crypto-like parts. If you’re interested in what these logic cells look like, [Karsten] has assembled The Silicon Zoo. The Zoo has pictures of standard cells like inverters, buffers, latches, flip-flops, etc. Have a look at [Chris Tarnovsky]’s work to learn about how he processes smart cards or [nico]’s guide to exposing standard chips we covered earlier in the week.
[Peter Kirn] from Create Digital Music has an article up highlighting many of the great music and visual performance pieces planned for The Last HOPE on Friday night. If you are around New York and not accustomed to hacking conferences, this could be a great excuse to go check it out. Here are some of our favorite projects.
Speaking of laser engraving, the blackbag blog announced that Toool has designed 2 unique picksets for The Last HOPE this year. First is the credit card sized snap-off set seen above. They have named this one The Last HOPE emergency pickset. The other pickset is a new version of the ‘double sided pick’ series. This set consists of picks with the same tool on either end, but they are sized differently. This set will contain 8 picks with promised improvements. If you are interested in more complex picks, check out the centipede.
The schedule for this year’s The Last HOPE conference in New York City has been finalized, and there’s still time to preregister. Today is the last chance for overseas attendees to preregister, and the rest of you have until July 6th. A/V volunteers are still needed, so step up if you have the desire and skills.
The three-day conference will feature three tracks of scheduled talks, plus one track for unscheduled talks by registered attendees. You can view the full schedule interactively, in wiki format, or in conventional format. It takes place between July 18th and July 20th; hurry up and snag your tickets now. We’re interested in all the talks, but [Chris Seidel]’s talk on biohacking, NYC Resistor’s presentation about collaborative hardware hacking, and [Ray]’s demonstration on escaping high security handcuffs have us waiting in rapt anticipation. So who’s going? What are you looking forward to? Let us know in the comments.
2600 editor [Emmanuel Goldstein] has decided to publish The Best of 2600. It features some of the best essays on lockpicking, phone phreaking, social engineering, and other topics that the hacker quarterly had to offer.
Founded in 1984, 2600 was one of the major catalysts that got the modern hacker scene going. They published controversial articles on topics like red boxing and spawned monthly meetings. This firsthand account of the development of hacker culture will be released in July at The Last HOPE in New York.
We’re headed to Cleveland at the end of the week (we’ve heard rumors it rocks) and thought it would be good to list the events we’re planning on hitting in the next five months.
- Notacon / Blockparty April 4-6 Cleveland, OH – This will be a first for us, but we’re definitely excited, especially for the demoscene madness at Blockparty (like Trixter’s MONOTONE PC speaker tracker).
- ToorCon Seattle April 18-20 Seattle, WA – In its second year, this small gathering is sure to be a blast just like last year.
- The Last HOPE July 18-20 New York, NY – Our first HOPE and the last one ever, since the hotel is being torn down.
- Black Hat US August 2-7 Las Vegas, NV – If anything gets released this year, it’ll be here.
- DefCon August 8-10 Las Vegas, NV – The first con we ever went to. It’s not the best con, but it’s always interesting.
- SIGGRAPH August 11-15 Los Angeles, CA – SIGGRAPH is where you need to be if you want to see cutting edge graphics and interaction projects. It’s a favorite of ours and a nice break from computer security.
Anything we’re missing?
UPDATE: Maker Faire May 3-4 San Mateo, CA – Can’t believe we forgot it. Thanks [pt]!