Welcome back, Michael Ossmann!
- Mike just got back from DEF CON, Bsides and Blackhat in Vegas.
- Usenix WOOT is an offensive technology with academic members.
- There was a car hacking talk based upon the Jeep Recall (by Chris Vallesec & Charlie Miller). This resulted in a recall of 2.5M vehicles.
- There was also a Tesla Hack but they pushed an Over The Air (OTA) update.
- Movies about hacking: Sneakers (the only one you need)
- Some cars have OnStar, others have Wifi.
- Mike wrote an article about the Toyota unintended acceleration. It contains links to testimony and writeups by Michael Barr.
- Reliability testing is only as good as your tests.
- The tire pressure monitoring sensor lives inside each tire and wirelessly transmits back to a receiver. It does not send any CAN bus packets.
- Dave wonders if cars will be solar flare vulnerable.
- Another new hardware conference is hardwear.io.
- Smart TVs have been proven to have multiple vulnerabilities.
- The Rad1o badge at CCC, discussed a few weeks ago, was designed by the Munich CCC group and distributed to nearly 5000 attendees of CCCamp. It was based upon the HackRF One. Cost was kept down by using chips gifted from some manufacturers.
- Nerds in tents seems to be an interesting way to do a conference. Camping saves on money, which makes the camp very affordable. They need lots of generators though.
- Other conferences coming up:
- Mike now has 9 videos up for his SDR course. He has also been teaching in person a lot.
- The HackRF2 is possibly coming out, but it’s not Mike. If he were to do a v2, he wouldn’t change radio, he’d just change micro.
- Many people use the HackRF with a BBB. Making a “cape” could be an option but it doesn’t have 1GBPS ethernet, precluding high speed streaming of data back to a network.
- The FCC put out a NPRM about their changes to the authorization process. The public comments close Sept 8.
- Mike used to work for the NTIA (other spectrum management gov’t users).
- These changes prevent users from installing programs like OpenWRT, which people want to make their devices more secure.
- You can submit your comment here. If you’re looking for a template for what to include in your letter, check out this reddit comment.
- Chip of the Week: The LPC4300 Family, a dual core Cortex M4… which happens to be in HackRF One. It has configurable state machines, which are similar to theminion cores in the OpenRISC. The chip also has a USB controller with PHY.
After the outro…
- Mike forgot to talk about the YARD Stick One, the product he is releasing next week! A prototype version was used in a DEFCON talk by Samy Kamkar about car hacking.
Thank you to joybot for the picture of the lock