GSM Hacking With Prepaid Phones

Want to listen in on cellphone calls or intercept text messages? Well, that’s a violation of someone else’s privacy so shame on you! But there are black-hats who want to do just that and it may not be quite as difficult as you think. This article sums up a method of using prepaid cellphones and some decryption technology to quickly gain access to all the communications on a cellular handset. Slides for the talk given at the Chaos Communication Congress by [Karsten Nohl] and [Sylvain Munaut] are available now, but here’s the gist. They reflashed some cheap phones with custom firmware to gain access to all of the data coming over the network. They send carefully crafted ghost messages, so the target user doesn’t get notified that a text has been received, but the phone is indeed communicating with the network. That traffic is used to sniff out a general location and eventually to grab the session key. That key can be used to siphon off all network communications and then decrypt them quickly by using a 1 TB rainbow table. Not an easy process, but it’s a much simpler method than we would have suspected.

[Thanks Rob]

PS3 Hacking Start-to-finish – CCC

Well, it looks like the PlayStation 3 is finally and definitively cracked. fail0verflow’s Chaos Communication Congress talk on console security revealed that, thanks to a flaw on Sony’s part, they were able to acquire the private keys for the PS3. These keys can be used to sign your own code, making it every bit as valid (to the machine anyway) as a disk licensed by the media giant. We’ve embedded the three-part video of the talk, which we watched in its entirety with delight. We especially enjoy their reasoning that Sony brought this upon themselves by pulling OtherOS support.

We remember seeing a talk years back about how the original Xbox security was hacked. We looked and looked but couldn’t dig up the link. If you know what we’re talking about, leave the goods with your comment.


A Hacker’s Marginal Security Helps Return Stolen Computer

Gather round and hear the story of how a hacker outsmarts a criminal. [Zoz] was robbed and they got his desktop computer. Gone, right? Nope. Because of a peculiar combination of his computer’s configuration and the stupidity of the criminal, he got it back. He shares the tale during his Defcon 18 talk (PDF); the video is embedded after the break.

[Zoz’s] first bit of luck came because he had set up the machine to use a dynamic DNS service, updated via a script. Since the criminal didn’t wipe the hard drive, [Zoz] was able to find the machine online. From there he discovered that he could SSH into it, and even use VNC to eavesdrop on the new owner. This, along with a keylogger he installed, got him all the information he needed: the guy’s name, birth date, login and password information for websites, and most importantly his street address. He passed along this juicy data to police and they managed to recover the system.


RGB Stroboscopic Guitar Tuning

This is [Michael Ossmann’s] RGB LED stroboscopic guitar tuner. If his name is familiar that’s because we mentioned he’d be giving a talk with [Travis Goodspeed] at ToorCon. But he went to DefCon as well and spent the weekend in his hotel room trying to win the badge hacking contest.

Despite adversity he did get his tuner working. It’s built into a toy guitar that he takes on road trips with him. By adding a row of RGB LEDs between two of the frets he can use the vibration frequency of an in-tune string to flash the three different colors. If the string is not in tune the three colors will dance around but matching it with the LED frequency produces a stable color. He then uses that big yellow button to advance to the next string. See his demonstration after the break.

This is basically a built-in plectrum tuner that uses one LED package instead of two.


DefCon 18 Official Badges

The details are out for the DefCon 18 badges. The new design has a lot of goodies packed into it, most notably a 128×32 LCD display. You can’t see it in the image above because it’s on the other side of the badge; the ribbon cable passes through a slit in the substrate to reach the connector on the back. The board has a mini-USB connector and is meant to get even the unseasoned novice up and running with some firmware tweaks. The Freescale processor (which is the same chip as last year’s badge) is running a bootloader that can be accessed and flashed using a terminal program. Yeah… impressive.

But it doesn’t stop with the component selection or firmware mastery; these badges are beautiful too. What you see above is the prototype, but the 7780 badges produced come in seven different flavors (as usual), laser etched on a PCB that uses aluminum as the substrate. Line up all the badges side by side and you get a graphic art storyboard. [Joe] outdid himself this year, and he’s been nice enough to share the development details (PDF) which we spent way too much time drooling over.

[Thanks Kim]

2010 Ninja Party Badge

Wired took a look at this year’s Ninja Party badges. We were giddy about all the goodies involved in last year’s must-have badge that served as an invitation to the party. It was tailor-made for hacking, including an on-board disassembler. This year’s details are still a bit sparse but the offering is more along the lines of a market-ready product. The badges come in handheld gaming format, with a d-pad and two buttons. They can connect wirelessly with each other and with hidden base stations, allowing participants to fight in the digital realm for LED-indicated achievements. The teaser is tantalizing and we can’t wait to hear details about the real/digital gaming adventure soon to unfold.

HOPE Badge Proximity Sensor

The HOPE conference was last weekend and [Nathan] spent some time with fellow members of Makers Local 256 developing this badge proximity sensor. They took one of the HOPE badges, which have a radio on board for the tracking network, and wrote code for its MSP430 to detect other badges nearby. It uses a Geiger counter they brought with them as an enclosure, re-purposing the analog gauge to reflect the level of active radio signals in the area. You’ll find their demo clip embedded after the break.

If you managed to get your hands on one of these badges, don’t be shy about sharing your hacks. We want to see them.
