239 lines
3.6 KiB
Markdown
239 lines
3.6 KiB
Markdown
# Day 2
|
|
|
|
## Lightning Talks
|
|
|
|
### Libre Silicon
|
|
|
|
Project to empower people to make microchips in their basement.
|
|
|
|
Open source license for chip designs.
|
|
|
|
MPW ... Multi-project wafer service
|
|
|
|
Smart contracts to reward IP developers.
|
|
|
|
Rent cleanroom in Hongkong university.
|
|
|
|
qtflow toolchain
|
|
|
|
### Known beacons
|
|
|
|
* Stayed at hotel
|
|
* chromecast
|
|
* fon network
|
|
* congress network
|
|
|
|
Then maybe vulnerable to known beacon attack.
|
|
|
|
Beacon spoofing of known public networks.
|
|
|
|
Wifiphisher community builds dictionary.
|
|
|
|
Auto-connect flag.
|
|
|
|
#### Diff to KARMA attack
|
|
|
|
KARMA abuses active scanning. This abuses auto-connect.
|
|
|
|
Windows not vulvnerable.
|
|
|
|
Will be included in wifiphisher 1.4.
|
|
|
|
### Color based network analysis
|
|
|
|
* Networks based on standards
|
|
* Faster do see picture, than read text
|
|
* Grafical visualisation of network data
|
|
* Structures and patterns show up
|
|
* [goNetViz](https://github.com/florianl/goNetViz)
|
|
|
|
### Genossenschaften
|
|
|
|
Fuer nebeneinkommen.
|
|
|
|
Geplant fuer etwa 100 Leute.
|
|
|
|
Viele Leute die gemeinsam Grundkapital zahlen
|
|
|
|
Bei Kleinbetraegen kommen wohl um die 20% admin kosten.
|
|
|
|
100 Leute, 100 euro Grundkapital pro.
|
|
|
|
50k jahresumsatz.
|
|
|
|
Hacker Eg auf media.ccc.de
|
|
|
|
### Radio badge talk
|
|
|
|
qspectrumanalyzer
|
|
|
|
rad1o/f1rmware opera-merge
|
|
|
|
### Piano hacking
|
|
|
|
14 USB Kernel Exploits last year.
|
|
|
|
http://youtu.be/WeCri7WeRDw
|
|
|
|
## Blinkenrocket!
|
|
|
|
Soldering kit
|
|
|
|
https://github.com/blinkenrocket
|
|
|
|
* target audience: children,adults
|
|
* cheap
|
|
* through hole parts
|
|
|
|
### Hardware
|
|
|
|
* Dotmatrix
|
|
* Atmel Attiny88 MCU
|
|
* 64k eeprom
|
|
* Some smd components
|
|
|
|
Open firmware, hardware, manual.
|
|
|
|
* C++ firmware
|
|
* react web editor
|
|
|
|
1000 Blinkenrockets in mid 2016 funded by Ccc/Chaos macht Schule.
|
|
|
|
#### Good va bad signals
|
|
|
|
Square waves for data transmission. Didnt work with all computers.
|
|
|
|
Signal drifting.
|
|
|
|
Data transmission over soundcard. Some soundcards arent good with square signals. Web browser sound api not that great. Signal hets distorted.
|
|
|
|
* Solution: ADC edge detection, better
|
|
* Solution: Frequency shit key
|
|
|
|
Sine waves for transmission. More reliable but slower.
|
|
|
|
### Hardware improvements
|
|
|
|
Battery holder. Battery can be inserted the wrong way.
|
|
|
|
* ++ Better battery holder
|
|
|
|
Square dotmatrix module.
|
|
|
|
* Square dots
|
|
* Difused lights
|
|
|
|
Revised pcb design.
|
|
|
|
Pre-populated version for some users.
|
|
|
|
### How to manufacture >= 1000 boards
|
|
|
|
* First batch
|
|
|
|
Everything by hand.
|
|
|
|
Manual labeling.
|
|
|
|
* Production enhancements
|
|
|
|
Maybe more expensive.
|
|
|
|
Preprogrammed MCUs.
|
|
|
|
Color coded SMD parts.
|
|
|
|
New package design.
|
|
|
|
* The *Zerhacker*
|
|
|
|
## Console Security - Switch
|
|
|
|
Open browser via link in tetris.
|
|
|
|
Tegra x1
|
|
|
|
Custome microkernel *Horizon*.
|
|
|
|
Drivers im userspace *Services*.
|
|
|
|
This GPU abstraction layer.
|
|
|
|
ASLR.
|
|
|
|
https://github.com/switchbrew/libnx
|
|
|
|
### Security Model
|
|
|
|
1. Trust zone.
|
|
2. Kernel
|
|
3. Base Services
|
|
4. Micro services/drivers
|
|
5. Game
|
|
|
|
### Application sandbox
|
|
|
|
Each process has virt fs. Hard to load exploit from SD card.
|
|
|
|
Reduced nbet of sys calls.
|
|
|
|
### Service Sandbox
|
|
|
|
a bit more sys calls.
|
|
|
|
### Base service sandbox
|
|
|
|
### Webkit
|
|
|
|
Pegasus exploit with wifiwebauth.
|
|
|
|
### SlabHeap
|
|
|
|
## Intel ME: Myths and Reality
|
|
|
|
## All Computer are beschlagnahmt
|
|
|
|
### repression
|
|
|
|
G20.
|
|
|
|
Polizeibrutalitaet.
|
|
|
|
Drohender wahlverlusst gegenueber AFD.
|
|
|
|
-> Verbot von Indiemedia.
|
|
|
|
Verbot ueber Vereinsvervot.
|
|
|
|
Klage vor Bundesverwaltungsgericht.
|
|
|
|
Post-Beschlagnahmung.
|
|
Email Beschlagnahmung.
|
|
|
|
Betreiber haben sich nicht dagegen gewehrt.
|
|
|
|
Razzien & Beschlagmahmungen.
|
|
|
|
Observation -> Behoerdenzeugnisse.
|
|
|
|
Spitzel.
|
|
|
|
#### Methoden der Repression
|
|
|
|
Standortsortung mit stiller SMS schon 2011.
|
|
|
|
2014 Kameraueberwachung.
|
|
|
|
2017 Wanze in Innenraumverkleidung.
|
|
|
|
### indiemedia
|
|
|
|
OpenPosting.
|
|
|
|
#### linksunten
|
|
|
|
Anarchistisches Grundsatzprogramm.
|
|
Anonyme Nutzer.
|
|
|
|
### tuwat
|
|
|