3.6 KiB
Day 2
Lightning Talks
Libre Silicon
Project to empower people to make microchips in their basement.
Open source license for chip designs.
MPW ... Multi-project wafer service
Smart contracts to reward IP developers.
Rent cleanroom in Hongkong university.
qtflow toolchain
Known beacons
- Stayed at hotel
- chromecast
- fon network
- congress network
Then maybe vulnerable to known beacon attack.
Beacon spoofing of known public networks.
Wifiphisher community builds dictionary.
Auto-connect flag.
Diff to KARMA attack
KARMA abuses active scanning. This abuses auto-connect.
Windows not vulvnerable.
Will be included in wifiphisher 1.4.
Color based network analysis
- Networks based on standards
- Faster do see picture, than read text
- Grafical visualisation of network data
- Structures and patterns show up
- goNetViz
Genossenschaften
Fuer nebeneinkommen.
Geplant fuer etwa 100 Leute.
Viele Leute die gemeinsam Grundkapital zahlen
Bei Kleinbetraegen kommen wohl um die 20% admin kosten.
100 Leute, 100 euro Grundkapital pro.
50k jahresumsatz.
Hacker Eg auf media.ccc.de
Radio badge talk
qspectrumanalyzer
rad1o/f1rmware opera-merge
Piano hacking
14 USB Kernel Exploits last year.
Blinkenrocket!
Soldering kit
https://github.com/blinkenrocket
- target audience: children,adults
- cheap
- through hole parts
Hardware
- Dotmatrix
- Atmel Attiny88 MCU
- 64k eeprom
- Some smd components
Open firmware, hardware, manual.
- C++ firmware
- react web editor
1000 Blinkenrockets in mid 2016 funded by Ccc/Chaos macht Schule.
Good va bad signals
Square waves for data transmission. Didnt work with all computers.
Signal drifting.
Data transmission over soundcard. Some soundcards arent good with square signals. Web browser sound api not that great. Signal hets distorted.
- Solution: ADC edge detection, better
- Solution: Frequency shit key
Sine waves for transmission. More reliable but slower.
Hardware improvements
Battery holder. Battery can be inserted the wrong way.
- ++ Better battery holder
Square dotmatrix module.
- Square dots
- Difused lights
Revised pcb design.
Pre-populated version for some users.
How to manufacture >= 1000 boards
- First batch
Everything by hand.
Manual labeling.
- Production enhancements
Maybe more expensive.
Preprogrammed MCUs.
Color coded SMD parts.
New package design.
- The Zerhacker
Console Security - Switch
Open browser via link in tetris.
Tegra x1
Custome microkernel Horizon.
Drivers im userspace Services.
This GPU abstraction layer.
ASLR.
https://github.com/switchbrew/libnx
Security Model
- Trust zone.
- Kernel
- Base Services
- Micro services/drivers
- Game
Application sandbox
Each process has virt fs. Hard to load exploit from SD card.
Reduced nbet of sys calls.
Service Sandbox
a bit more sys calls.
Base service sandbox
Webkit
Pegasus exploit with wifiwebauth.
SlabHeap
Intel ME: Myths and Reality
All Computer are beschlagnahmt
repression
G20.
Polizeibrutalitaet.
Drohender wahlverlusst gegenueber AFD.
-> Verbot von Indiemedia.
Verbot ueber Vereinsvervot.
Klage vor Bundesverwaltungsgericht.
Post-Beschlagnahmung. Email Beschlagnahmung.
Betreiber haben sich nicht dagegen gewehrt.
Razzien & Beschlagmahmungen.
Observation -> Behoerdenzeugnisse.
Spitzel.
Methoden der Repression
Standortsortung mit stiller SMS schon 2011.
2014 Kameraueberwachung.
2017 Wanze in Innenraumverkleidung.
indiemedia
OpenPosting.
linksunten
Anarchistisches Grundsatzprogramm. Anonyme Nutzer.