cons

1386 Articles

Nixie Tube Conference Badge

April 18, 2011 by 13 Comments

troopers11_badge

Maker [Jeffrey Gough] was recently asked to construct a set of badges for the TROOPERS11 IT security conference held in Heidelberg last month. The badges were to reflect the overall theme of this year’s conference – personal progression, education, and striving to become better IT security professionals. To do this, he designed a badge that tracked a conference attendee’s participation in various activities.

The badge sports a center-mounted nixie tube that is used to show the attendee’s score. It is worn around the neck using a Cat-5 cable that acts as a LANyard as well serves as a power switch for the badge. The badge can be plugged in to a special programmer used by conference organizers, which updates the attendee’s score after completing each activity.

[Jeffrey] made sure to add all sorts of extra goodies to the badge, including a capacitive touch button that displays a secret message via the nixie, as well as plenty of hole and SMT pads so that hackers could get their game on.

Overall, the reception of the badge was extremely positive. All of the conference attendees had lots of fun exploiting the badges as well as adding components such as LEDs and speakers.

Continue reading to check out a quick demonstration video [Jeffrey] put together, highlighting the badge’s features.

Continue reading “Nixie Tube Conference Badge”

8th ACM Conference On Creativity & Cognition Call For Papers

March 6, 2011 by 2 Comments

acm_cnc2011

[Jim Davies] from the Association for Computing Machinery wrote us to let us know about a conference being hosted this fall, the 8th ACM conference on Creativity and Cognition. C&C 2011 has a lot to offer, providing an opportunity for artists, scientists, designers and educators to gather together and share their expertise via a series of group meetings, tutorials, and workshops.

We wanted to bring C&C 2001 to the attention of our readers as it is likely many of you had some level of interaction with your college or university’s local ACM chapter in the past. [Jim] wanted to point out that though the conference is slated for the first week of November, there is a deadline of April 25th for all papers and proposals. If you are interested in submitting something to the conference, it would be wise to get started soon.

The overall theme of this year’s conference is Creativity and Technology, which fits the hacking community quite well. Good luck to any of you who decide to give it a shot!

Ossmann Talks About Ubertooth At Schmoocon

February 9, 2011 by 9 Comments

[Michael Ossmann’s] talk from Schmoocon about his open source Bluetooth test tool called Ubertooth is now available to watch online. The video really fills in the gaps from the first time we looked at the project, as he covers why he took on the challenge, and what has happened since. He talks about how his work with the IM-ME helped in choosing hardware along the way, and the choices he made while developing the USB dongle. His hardware considerations included parts that didn’t require a nondisclosure agreement (keeping it open source) and that were available in single quantities so that individuals could build and populate their own boards quite easily.

We’ve embedded the talk after the break. The project is coming along great, and his Kickstart funds have almost doubled the original goal.

Continue reading “Ossmann Talks About Ubertooth At Schmoocon”

A Look Back At DefCon 18 Badges

January 7, 2011 by 7 Comments

As he does every year, [Joe Grand] gave a talk explaining the development process for Defcon 18 badges. We looked in on these when details started trickling out back in July. They feature a neat bit of tech in the form of an LCD that acts much like ePaper. It doesn’t take any electricity to hold the image, only to change the display. This is a valuable feature for a battery powered device and allowed him to get about 9 days of juice out of a CR2032. This year’s badges also used laser-etched Aluminum as a substrate.

We’ve embedded the talk after the break and found it interesting enough to watch the entire hour. If you’re more interested in the hacks that came out of the badge, we’ve put together a playlist of videos [Joe] took while at the conference.

Continue reading “A Look Back At DefCon 18 Badges”

GSM Hacking With Prepaid Phones

December 30, 2010 by 32 Comments

Want to listen in on cellphone calls or intercept test messages? Well that’s a violation of someone else’s privacy so shame on you! But there are black-hats who want to do just that and it may not be quite as difficult as you think. This article sums up a method of using prepaid cellphones and some decryption technology to quickly gain access to all the communications on a cellular handset. Slides for the talk given at the Chaos Communications Congress by [Karsten Nohl] and [Sylvain Munaut] are available now, but here’s the gist. They reflashed some cheap phones with custom firmware to gain access to all of the data coming over the network. By sending carefully crafted ghost messages the target user doesn’t get notified that a text has been received, but the phone is indeed communicating with the network. That traffic is used to sniff out a general location and eventually to grab the session key. That key can be used to siphon off all network communications and then decrypt them quickly by using a 1 TB rainbow table. Not an easy process, but it’s a much simpler method than we would have suspected.

[Thanks Rob]

PS3 Hacking Start-to-finish – CCC

December 30, 2010 by 94 Comments

Well it looks like the Play Station 3 is finally and definitively cracked. FailOverflow’s Chaos Communications Congress talk on console security revealed that, thanks to a flaw on Sony’s part, they were able to acquire the private keys for the PS3. These keys can be used to sign your own code, making it every bit as valid (to the machine anyway) as a disk licensed by the media giant. We’ve embedded the three-part video of the talk, which we watched in its entirety with delight. We especially enjoy their reasoning that Sony brought this upon themselves by pulling OtherOS support.

We remember seeing a talk years back about how the original Xbox security was hacked. We looked and looked but couldn’t dig up the link. If you know what we’re talking about, leave the goods with your comment.

Continue reading “PS3 Hacking Start-to-finish – CCC”

A Hacker’s Marginal Security Helps Return Stolen Computer

December 25, 2010 by 76 Comments

Gather round and hear the story of how a hacker outsmarts a criminal. [Zoz] was robbed and they got his desktop computer. Gone, right? Nope. Because of a peculiar combination of his computer’s configuration, and the stupidity of the criminal, he got it back. He shares the tale during his Defcon 18 talk (PDF), the video is embedded after the break.

[Zoz’s] first bit of luck came because he had set up the machine to use a dynamic DNS service, updated via a script. Since the criminal didn’t wipe the hard drive he was able to find the machine online. From there he discovered that he could SSH into it, and even use VNC to eavesdrop on the new owner. This, along with a keylogger he installed, got him all the information he needed; the guy’s name, birth date, login and password information for websites, and most importantly his street address. He passed along this juicy data to police and they managed to recover the system.

Continue reading “A Hacker’s Marginal Security Helps Return Stolen Computer”