DIY Hardware Implant talk at DEF CON time is posted

My DEF CON 22 Talk, NSA Playset: DIY WAGONBED Hardware Implant over I2C, time is now posted on the DEF CON schedule. It’s Sunday at 11:00 am in Track 1. Be sure to stay for the NSA Playset: GSM Sniffing directly following!

The NSA Playset talks have been receiving some attention in the press. You don’t want to miss them!


In this talk we present an open source hardware version of the NSA’s hardware trojan codenamed WAGONBED. From the leaked NSA ANT catalog, WAGONBED is described as a malicious hardware device that is connected to a server’s I2C bus. Other exploits, like IRONCHEF, install a software exploit that exfiltrate data to the WAGONBED device. Once implanted, the WAGONBED device is connected to a GSM module to produce the NSA’s dubbed CROSSBEAM attack.

We present CHUCKWAGON, an open source hardware device that attaches to the I2C bus. With the CHUCKWAGON adapter, we show how to attach an embedded device, like a BeagleBone, to create your own hardware implant. We show how to add a GSM module to CHUCKWAGON to provide the hardware for the CROSSBEAM exploit. We improve the WAGONBED implant concept by using a Trusted Platform Module (TPM) to protect data collection from the target. The talk will demonstrate how these features can be used for good, and evil!


When one has a serendipitous day off in NYC there are several things one might go see / do.  The views on the top of the Rock and Empire are amazing, visiting the Brooklyn Brewery is fun and eating a Belgian Waffle in Central Park while reading a book purchased from the Strand kiosk is: legen-wait-for-it-dary.  But when I discovered that HOPE#9 was this weekend, I was all in!

Hackers on Planet Earth (HOPE) has been going on since 1994 and largely supported by 2600 Magazine, which I’ve been reading more regularly since it has been published on the Kindle.  This was the first HOPE that I attended, and while I only attended 7 of the 36 possible talks (assuming one can’t be in all three rooms at once, otherwise the number of distinct talks was over 100), I am definitely going to the next HOPE!  Not the “next hope“, that was in 2010, but the next HOPE in 2014…

Not the best view in the room… but it was standing room only in the Crimeware talk.

So, first lets dispel some myths.  Hackers are actually very friendly people.  I hadn’t preregistered, so when I went to buy my passport, a friendly fellow hacker sold me an extra one for a discount.  Then, walking around the mezzanine, where the lock picking labs, soldering station, and hammocks are located, a friendly patron pointed me to the right elevator.  Throughout the conference, people in suits, goth-like clothing t-shirts and flippie-floppies all sat together and listened to a range of topics.  In fact, I think the hacker community is one of the most inclusive groups that’s around.

But, I’m not a hacker anthropologist.  So, I attended the talks below (the links jump to the HOPE#9 abstract).

  1. Smartphone Penetration Testing Framework.  This set the stage for my HOPE experience.  On the stage, Georgia challenged the audience to hack her iPhone and within minutes, her iPhone would only display a picture of a cat.  Her point, that smartphones on your company network are a big risk, was well received.
  2. Technology to Change Society
  3. Lunch.  Two Hawaiian style pieces of Pizza from a nearby slice-shop.
  4. Crimeware Tools and Techniques of 2012: Past, Present, and Future.  The inside look at black-market tools, including automated credit-card shops.  Lets just say, if you jailbreak your phone, you should be really, really sure you know where that binary came from…
  5. Keynote from William Binney.  Think WIRED’s cover story on the NSA’s Utah operation a few months ago.
  6. Hacktivism, Tools, and the Arab Spring.
  7. Destroying Evidence Before It’s Evidence.  Given by an EFF lawyer. You should really know what anticipatory obstruction of justice is (US v. Wolff).
  8. Digital Security in Health Care Institutions.  Or how it’s possible to hack an implanted insulin pump to kill somebody (and why the company hasn’t fixed it yet).
  9. Why Browser Cryptography is Bad and How We Can Make It Great. [On Saturday] Talk on encrypted group chat given by the Crypto Cat founder.
  10. Protecting Your Data from the Cops.  Given by another great EFF lawyer. Among other topics, she discussed the application of the 5th amendment privilege to encryption situations.
Swag from HOPE#9. Yes, that’s a GNU and technically the glass is not from HOPE, it’s from Thinkgeek, but I thought it was apropos…

As you can see, in the short time I had to attend HOPE, it was jam-packed. But the talks go each day until midnight!  I also didn’t get a chance to try the Arduino lab or some of the other interactive demos.  It sounds like HOPE#9 was going as well as the other HOPEs and if that’s the case, you can see me at the next one.  Next time, I’ll try to stay for the entire weekend.

Hacker School? Why not?!

NYC now has a hacker school.  I especially enjoyed the explanation of the school by on of the founders.  I am a fan of unconventional schooling at most levels despite that I’m enrolled in a very traditional program at the moment.  This concept is well suited towards developing software, which can be very project based and I’m sure the “formal” is limited to the herding of cats (where the cats are the developers).  Otherwise, it seems to be a very open forum.

The school appears to be free (as in beer), as their funding comes from companies looking for recruits, which based on their graduates, seems to be successful for all involved.  For those in NYC, and have the time, it seems like a great opportunity.

It reminded me of the co-working site in Philadelphia, Indy Hall.  While not a school, it is the watering-hole for independent workers in the Philly area (again, mostly software developers).  Any such gathering of this archetype is bound to spin-off creative ideas.