In many parts of the world, days after a good rainfall, it’s fairly common to see various species of mushrooms popping up out of the ground. These mysterious organisms aren’t the whole story, though. The living being is a vast network of hidden fibers, called mycelium, spreading through the ground and into any other organic material it can colonize. Its air of mystery and its vast reach are the inspiration for entire Star Trek shows and, of course, projects like this LoRa-based mesh network called Mycelium.
Mycelium is the invention of [Catamine] and includes many novel features compared to more typical mesh networks. For one, it is intended to be used in low power applications to give users the ability to send messages over a distributed network rather than a centralized network like a cell phone service provider. For another, the messages are able to be encrypted and authenticated, which is not currently possible with other mesh networks such as APRS. The idea is that a large network of people with nothing more complicated than an ESP32, an antenna, and this software would be able to communicate securely in situations where a centralized network is not available, whether that is from something like a natural disaster or from a governmental organization disabling the Internet during a political upheaval.
The mesh network is currently in active development, and while messages cannot yet be sent, the network is able to recognize nodes and maintain a keybase. There are certainly plenty of instances where something like this would be useful, as we’ve seen before from other (non-encrypted) LoRa-based network solutions which are built around similar principles.
Thanks to [dearuserhron] for the tip!
Small aircraft with streaming video cameras are now widely available, for better or worse. Making eyes in the sky so accessible has resulted in interesting footage that would have been prohibitively expensive to capture a few years ago, but this new creative frontier also has a dark side when used to violate privacy. Those who are covering their tracks by encrypting their video transmission should know researchers at Ben-Gurion University of the Negev demonstrated such protection can be breached.
The BGU team proved that a side-channel analysis can be done against behavior common to video compression algorithms, as certain changes in video input would result in detectable bitrate changes to the output stream. By controlling a target’s visual appearance to trigger these changes, a correlating change in bandwidth consumption would reveal the target’s presence in an encrypted video stream.
[Tyler Spilker’s] DDD project is a Digital Dead Drop system based on Python and a Raspberry Pi as a server. It’s pretty rough around the edges at this point — which he freely admits. But we like the concept and figure it might spark an interesting conversation in the comments section.
Now by far our favorite dead drop concept is this USB drive lewdly sticking out of a brick wall. But you actually need to be on-site where this drive is mortared into the wall in order to access it. [Tyler] instead developed a webpage that gives him a text box to enter his messages. These are encrypted using key pairs and pushed to his remote RPi server. This way he can write down his thoughts knowing they’re stored securely and never in danger of being accessed from a lost or stolen cellphone.
If free thought isn’t what you’re trying to transfer from one place to another you probably want something like a Pirate Box.
A new attack on automotive keyless entry systems is making headlines and we want to know how you think it’s being done. The Today Show reports that vehicles of different makes and models are being broken into using keyless entry on the passenger’s side of the car. It sounds like thieves steal items found inside rather than the vehicles themselves which makes these crimes distinctly different from the keyless ignition thefts of a year ago.
So how are they doing this? Here are the clues: The thieves have been filmed entering only the passenger side of the car. They hold a small device in their hand to unlock the doors and disable the alarm. And there is evidence that it doesn’t work on 100% of vehicles they try. Could it be some hidden manufacturer code reset? Has an encryption algorithm been hacked to sniff the keyfob identifier at a previous time? Or do you think we’re completely off track? Let us know your opinion by leaving a comment.
Build a better lock and someone will make a tool to open it without the key. Or in this case they’ve made a tool to discover the key using a trip through the deep freeze. The Forensic Recovery of Scrambled Telephones — or FROST — uses cold temperatures and a custom recovery image to crack Android encryption keys.
Cold boot hacks go way back. They use low temperatures to slow the fading of data held in a device’s RAM once power is removed. In this case, the target phone must already be powered on. Booting a phone that uses the encryption offered by Android 4.0 and newer requires the owner’s pass code to decrypt the user partition. But it then remains usable until the next power cycle. By freezing the phone, then very quickly disconnecting and reconnecting the battery, researchers were able to flash their own recovery image without having the encryption key cleared from RAM. As you can see above, that recovery package can snoop for the key in several different ways.
[Damcave] decided to try out some bar code reader projects. He got his hands on a CueCat years ago. The problem is that it outputs encrypted character sets instead of a clear text string. To get around this he used his Arduino to decrypt the CueCat’s data output.
Originally you could get your hands on a CueCat for free. It was meant to work like QR codes do now — you see a bar code, you scan it to get to a web address. It never really took off but you can still get your hands on one for about twelve clams. We’ve seen projects that clip a pin on the processor to disable the encryption. But [Damcave] didn’t want to mess with the hardware. Instead he connected the Arduino via the PS/2 connector and used software to translate the data. The encryption format has long been known so it was just a matter of translating the steps into an Arduino function.
[Thice] discovered a vulnerability in encrypted portable storage a few years ago. He’s just posting about the exploit now. He mentions that he notified manufacturers long ago and we’d guess the wait to publish is to give them a chance to patch the exploit.
He calls it the Plug-Over Attack and for those who were involved with original Xbox hacking, this technique will sound very familiar. The Xbox used hard drive keys to lock the device when not in use. When you booted up the console it checked the hardware signature to make sure it was talking to the right motherboard. But if you booted up the device, then swapped the IDE cable over to a computer without cutting the power you could access the drive without having the password.
This attack is pretty much the same thing. Plug in a drive, unlock it on the victim system the normal way, then replug into the attacking system. In the image above you can see that a USB hub will work for this, but you can also use a hacked USB cable that patches a second jack into the power rail. For some reason the encryption system isn’t able to lock itself when the USB enumerates on the new system, only when power is cycled. Some of them have a timer which watches for drive idle but that still doesn’t protect from this exploit.