Collaborate Disseminate
It is absolutely no exaggeration to say that [Michael Steil] gave the Ultimate Game Boy talk at the 33rd Chaos Communication Congress back in 2016. Watch it, and if you think that there’s been a better talk since then, post up in the comments and we’ll give you the hour …read more
[LaForge] and [Holger] have been hacking around on cell phones for quite a while now, and this led to them working on the open cellphone at OpenMoko and developing the OsmocomBB GSM SDR software. Now, they are turning their sights on 3G and 4G modems, mostly because they would like to use them inside their own devices, but would also like to make them accessible to the broader hacker community. In this talk at the 33rd Chaos Communications Congress (33C3), they discuss their progress in making this darkest part of the modern smartphone useful for the rest of us.
This …read more
Certainly one of the more entertaining talks of the 33rd Chaos Communications Congress was [Kari Love]’s talk on her experiments in mixing food with function. In [Kari]’s talk at the 2016 Hackaday Supercon, she talked extensively about working on soft robotic for NASA. At the 33C3, her focus was twofold: on a fun side project to make mobile robots out of stuff that you can eat, and to examine the process of creative engineering through the lens of a project like this.
If you look up edible robotics, you get a lot of medical literature about endoscopes that you can …read more
At the 33rd annual Chaos Communications Congress, [Antonio Barresi] and [Erik Bosman] presented not one, not two, but three (3!!) great hacks that were all based on exploiting memory de-duplication in virtual machines. If you’re interested in security, you should definitely watch the talk, embedded below. And grab the slides too. (PDF)
Memory de-duplication is the forbidden fruit for large VM setups — obviously dangerous but so tempting. Imagine that you’re hosting VMs and you notice that many of the machines have the same things in memory at the same time. Maybe we’re all watching the same cat videos. They …read more
Continue reading 33C3: Memory Deduplication, the Hacker’s Friend
The Amazon Dash button is now in its second hardware revision, and in a talk at the 33rd Chaos Communications Congress, [Hunz] not only tears it apart and illuminates the differences with the first version, but he also manages to reverse engineer it enough to get his own code running. This opens up a whole raft of possibilities that go beyond the simple “intercept the IP traffic” style hacks that we’ve seen.
Just getting into the Dash is a bit of work, so buy two: one to cut apart and locate the parts that you have to avoid next time. …read more
Continue reading 33C3: Hunz Deconstructs the Amazon Dash Button
One of the standout talks at the 33rd Chaos Communications Congress concerned pseudo-random-number generators (PRNGs). [Vladimir Klebanov] (right) and [Felix Dörre] (left) provided a framework for making sure that PRNGs are doing what they should. Along the way, they discovered a flaw in Libgcrypt/GNUPG, which they got fixed. Woot.
Cryptographically secure random numbers actually matter, a lot. If you’re old enough to remember the Debian OpenSSL debacle of 2008, essentially every Internet service was backdoorable due to bad random numbers. So they matter. [Vladimir] makes the case that writing good random number generators is very, very hard. Consequently, it’s very …read more
Continue reading 33C3: How Can You Trust Your Random Numbers?
One of the standout talks at the 33rd Chaos Communications Congress concerned pseudo-random-number generators (PRNGs). [Vladimir Klebanov] (right) and [Felix Dörre] (left) provided a framework for making sure that PRNGs are doing what they should. Along the way, they discovered a flaw in Libgcrypt/GNUPG, which they got fixed. Woot.
Cryptographically secure random numbers actually matter, a lot. If you’re old enough to remember the Debian OpenSSL debacle of 2008, essentially every Internet service was backdoorable due to bad random numbers. So they matter. [Vladimir] makes the case that writing good random number generators is very, very hard. Consequently, it’s very …read more
Continue reading 33C3: How Can You Trust Your Random Numbers?
Mike Mimoso and Chris Brook discuss the news of the week, including on this week’s U.S. Senate Committee on Armed Service hearing, the Burlington Electric ‘Hack’, FireCrypt, and Security Without Borders.
Mike Mimoso and Chris Brook discuss the news of the week, including on this week’s U.S. Senate Committee on Armed Service hearing, the Burlington Electric ‘Hack’, FireCrypt, and Security Without Borders.
Security researcher and activist Claudio Guarnieri talks to Mike Mimoso about a new project announced last week at the Chaos Communication Congress called Security Without Borders. Continue reading Claudio Guarnieri on Security Without Borders
