Hacking A KVM: Teach A Keyboard Switch To Spy

August 8, 2015 by Mike Szczys 11 Comments

When it comes to large systems, there are a lot more computers than there are people maintaining them. That’s not a big deal since you can simply use a KVM to connect one Keyboard/Video/Mouse terminal up to all of them, switching between each box simply and seamlessly. The side effect is that now the KVM has just as much access to all of those systems as the human who caresses the keyboard. [Yaniv Balmas] and [Lior Oppenheim] spent some time reverse engineering the firmware for one of these devices and demonstrated how shady firmware can pwn these systems, even when some of the systems themselves are air-gapped from the Internet. This was their first DEF CON talk and they did a great job of explaining what it took to hack these devices.

Continue reading “Hacking A KVM: Teach A Keyboard Switch To Spy” →

Cory Doctorow Rails Against The Effect Of DRM And The DMCA

August 8, 2015 by Mike Szczys 30 Comments

If you weren’t at [Cory Doctorow’s] DEF CON talk on Friday you missed out. Fighting Back in the War on General Purpose Computing was inspiring, informed, and incomparable. At the very lowest level his point was that it isn’t the devices gathering data about us that is the big problem, it’s the legislation that makes it illegal for us to make them secure. The good news is that all of the DEF CON talks are recorded and published freely. While you wait for that to happen, read on for a recap and to learn how you can help the EFF fix this mess.

Continue reading “Cory Doctorow Rails Against The Effect Of DRM And The DMCA” →

DEF CON Uber Badge So Hot It’s Radioactive

August 7, 2015 by Mike Szczys 21 Comments

I went to the Opening Ceremonies of DEF CON 23 this morning to get more information on the badge challenge and I was not disappointed. The talk covered the Uber badge, which is hot in a literally radioactive sense. This badge, which is also known as the black badge, is reserved for people who are first to solve one of the official DEF CON challenges. It grants lifetime free admission and opens just about any door when listed on your resume.

DEF CON 23 Uber Badge (front)

(back)

Lichtenberg Figures

The triangle of acrylic itself is adorned with Lichtenberg Figures. This is a bolt of lightning on the badge. By building up extremely high voltages, the discharge leaves a unique pattern. In this case it was a 5 million volt, 150 kW particle accelerator that made the figures.

There is a medallion affixed to this triangular base-plate which is obviously part of the puzzle everyone is trying to solve this weekend. What is less clear is how the radioactive isotopes of this badge play into this challenge.

Whoa, oh, oh, oh, I’m Radioactive, Radioactive

Trinitie Photo by Shaddack - CC BY 3.0 — Trinitie Photo by Shaddack – CC BY 3.0

[LoST] took inspiration from [Richard Feynman] to a new level with this badge. [Feynman] was involved with “The Gadget” experiment which I know better as Trinity, the first detonation of a nuclear weapon. This badge contains isotopes from that detonation.

Trinitite (get it, from the Trinity explosion?) is a green glassy substance generated from a Plutonium-based bomb explosion. [LoST] made a point of explaining that the samples of Trinitite in this badge create a unique radioactive signature that not only traces back to this explosion, but actually indicates a precise distance form the epicenter of the explosion.

Also embedded in the badge are glass spheres doped with 3% Uranium 238. Tritium, used in exit signs, is a third source of radioactivity on the badge. This is joined by another marker that is a combination of Uraninite, Pitchblende, Carnotite, Gummit, and Yellowcake.

Interesting story, Tritium is highly regulated in this country but it is hypothetically possible to import it from Europe by a seller who ships it sealed inside packets of coffee. Hypothetically.

The opening ceremonies talk concluded with some inspirational remarks from [Dark Tangent]. Pictures of that as well as a few of [L0ST’s] slides are found below. If you’re working on the badge challenge, join in on the collaborative Badge deciphering we’ve started on Hackaday.io. If you’re at DEF CON, make sure to show up for breakfast with us on Sunday.

Continue reading “DEF CON Uber Badge So Hot It’s Radioactive” →

Help Decipher The DEFCON Badge

August 6, 2015 by Mike Szczys 25 Comments

The 23rd DEFCON — the Western Hemisphere’s largest hacker conference — doesn’t start until tomorrow but Thursday has become the de facto start for regulars. [Brian] and I rolled into town this afternoon and are working on gathering as much information as possible about the badge challenge.

This year the badge is a 7″ vinyl record. Traditionally the badge alternates years of electronic badges and ones that aren’t. Spend your weekend pulling your hair our trying to solve the puzzles. Check out all the pictures and information (updated as we gather it) and work together collaboratively for a solution by requesting to join the crew on the Badge Hacking page.

Hackaday Breakfast on Sunday

If you’re in town Sunday morning, come nurse your hangover with [Brian], [Eric], and me. We’re headed to Va Bene Caffè at 10:30am on 8/9/15. It’s just across the street in the Cosmopolitan. Request to join this event and I’ll send you a reminder so you don’t forget. You can also hit me up on Twitter for a reminder. See you then (and don’t forget to bring hardware to show off if you have some!).

PS- The Hackaday WiFi Hat is in play. Anyone have the chops to hack it this year?

LightBlue Bean+ Adds Battery, Connectors, Price

August 5, 2015 by Mike Szczys 2 Comments

PunchThrough, creators of the LightBlue Bean, have just launch a Kickstarter for a new version called LightBlue Bean+. The tagline for the hardware is “A Bluetooth Arduino for the Mobile Age” which confirms that the hardware is targeted at a no-hassle, get it connected right now sort of application.

For those unfamiliar, the original LightBlue Bean is a single board offering meant to marry Bluetooth connectivity (think Cellphones with BTLE) to the capabilities of a microcontroller-based hardware interface. The Bean+ augments this hardware with a 300m+ range increase, an integrated LiPo (600mAh or more), and headers/connectors where there were only solder pads before.

On the software side of things the Bean+ has four firmware options that make it speak MIDI, ANCS, HID, or Peer-to-Peer, only not all at the same time. The good news is that these are ecosystem upgrades and will work for existing Bean hardware too. The entire thing comes with online-platform integration and easy to use Smartphone tools to guide you through connecting and making something useful.

The board includes a battery tending circuit that allows it to be charged via the USB port but can run over a year between recharges if you use it judiciously. There is a slider switch near the pin sockets marked “A3, A4, A5” which toggles between 3.3v and 5v so that no level shifters are needed for sensors and other hardware you might use with it. The white connectors seen near the bottom of this image are Grove connectors. These provide I2C and Analog support to that ecosystem of add-on boards.

All in all this is a pretty sweet upgrade. The MSRP will be $45 but early backers can get in around 10-25% less than that. The price doesn’t mean it’s a no-brainer to pick one up, but the header options make this much more versatile and reusable than the original Bean and we like the idea of a rechargeable battery of the coin cells used by Bean+’s predecessor. It is an each choice for drop-in no hassle connectivity when bottom line isn’t your top concern.

Original LightBlue Bean is available in the Hackaday Store.

The Right Way To Do A Hacker Conference

August 3, 2015 by Mike Szczys 14 Comments

DEFCON is huge. Last year attendance tipped at about 16k, and we’d wager this year will be even bigger. [Brian] and I will both be among those attending (more on that below) but I wanted to take this time to show you the right way to do a Hacker Conference.

Build Your Own Badge

We met a ton of people at DEFCON 22 last year, but the Whiskey Pirates made a lasting impression. I first ran across two of their crew walking the hallways of the con with this awesome badge. How can you not stop and strike up a conversation about that? Turns out this group of friends have been meeting up here for years. This year they went all out, designing one badge to rule them all. And like any good hacker project, they weren’t able to finish it before getting to the hotel.

Set Up Your Electronics Lab

Binoc microscope for rework

This badge’s LEDs changed to purple

Rack of equipment

Scopes

Hot air and more

So, you didn’t stuff your boards before leaving home? For the Whiskey Pirates this is not even remotely a problem. They just brought the electronics lab to their suite in the Rio Hotel.

On the bathroom vanity you find the binocular microscope which was good for troubleshooting an LED swap on the official conference badge. An entire cart with hot-air, multiple solder stations, oscilloscopes, and more was on hand. I populated the surface mount LEDs on the badge the crew gave to me. When I was having trouble seeing my work they called the front desk for an additional lamp. You should have seen the look on the bellhop’s face when he walked in!

A bit of marathon assembly and everyone from the Whiskey Pirates (plus me) had a working badge, demonstrated in the video below. But this isn’t where the fun stops.

Continue reading “The Right Way To Do A Hacker Conference” →

The Countdown Begins — Last Two Weeks For Entries

August 1, 2015 by Mike Szczys 13 Comments

Procrastination is a wonderful thing, but now is the time to stop delaying. Get those hacks documented and entered in the 2015 Hackaday Prize. We’ll close entries in just about two weeks. There’s a handy little countdown on the Prize page which lets you know that your entry must be in by August 17th at 1:50pm PDT (UTC-7).

There’s a lot at stake here, so let’s take another look at what this is all about: Build something that solves a problem faced by a lot of people and you could score a Trip to Space, $100,000 for Best Product, or 2nd-5th place prizes worth $5,000-10,000 each.

Of course the goal is to show off your build. This could end up inspiring others to Build Something that Matters and that means to win you need to document your work. Join us after the break to see the minimum needed for your entry to qualify for judging.

Continue reading “The Countdown Begins — Last Two Weeks For Entries” →