It turns out this started off when the speaker was having a conversation with Moxie Marlinspike, who happened to tell him the NFC stack was poorly designed, and so this is what got Charlie interested in the subject, but anyway, back to the presentation. Charlie actually did this talk at blackhat as well, so as of the time of writing the slides can be found here.
Ok now this is the kind of talk I wanted to see while at defcon.
#DEFCON VEGAS BLUETOOTH#
This is because as Ryan noted, it can be difficult keeping tracking of multiple bluetooth signals and a name is generally easier to keep track off than a MAC address.ĭon't stand so close to me: an analysis of the NFC attack surface by Charlie Miller
He has also added some handy functionality to the library as well, the part I particularly noted liking was the fact you can get the vendor name. Basically everything that seems would be needed for integrating into debuging, auditing or exploitation. Now I haven't used the library myself, but Ryan went through a couple of demos and it generally seemed like it has at least the basic functionality that would be wanted: reading btbb packets from a pcap, seeing all the information to do with the bluetooth packets, writing btbb pcap files, and streaming btbb packets. This will allow easy data analysis of btbb (bluetooth baseband) traffic, with the compatibility across hardware through using pcap files, and so can be easily integrated into tools for debugging, auditing, or exploitation, whichever is your inclination. Ryan started by going over the subject, having an overview of bluetooth and the ubertooth board (further information about the ubertooth project can be found here) to interact with bluetooth and the scapy-btbb library he created with the simple goal to get bluetooth baseband traffic with python. I thought this was quite a good talk, although at the start Ryan said he had performed this at blackhat where he had more time and so had to shorten the talk for defcon, which was a shame, but the talk was still good nonetheless. Passive bluetooth monitoring in scapy by Ryan Holeman So not a great start to my defcon talks, but onto the next. In the end I thought the subject matter could have been interesting, and I think the information could be quite interesting but it just wasn't presented as an interesting subject, and seemed almost like a research talk instead of something where a tool was created. I'm not sure if both or either of the speakers were first timers, but there were a few moments of stopping and staring into space as they had forgot what they were going to say, which seemed to be due to nerves. Although there was a tool introduced, very little time was actually spent on this, whereas I thought it should have been the other way around or at least near equal amounts of time. Although I first thought the idea for the talk was quite a good one, there was simply too much of going through the technical details of how GPS works, and waves and other not too interesting details. This was my first talk of the day, and as far as talks go this wasn't the best presentation I've ever seen. Making Sense of static - new tools for hacking GPS by Fergus Noble and Colin Beighley At the Rio, have my badge and amazingly despite what I've heard, there was practically no line, except to buy the official swag. The Thursday had a few events throughout, although I wasn't able to attend these so I'll start here.
#DEFCON VEGAS FULL#
This is the first post in a series which will cover defcon, the talks, the social aspect of it, and las vegas in general.Īnd although a bit belated, this post in particular is about the talks of defcon I went to on the Friday of defcon, which was the first full day.
In this episode, we connect with Wednesday, Press Department Lead for DEF CON, and Kevin, the Village Lead/Vendor Lead responsible for organizing the numerous villages and vendors that take the floor (physically and virtually) during the event.This was my first time to defcon and Las Vegas at all, and I really wanted to make as much effort to meet new folks, see as much of defcon as possible and see as many great talks as possible. It's become a tradition to connect with the organizers of the events we cover to get their insight behind the theme, the topics, and other important points attendees need to know before they go.
"Signals From The Villages" is the ITSPmagazine theme for our Coverage Conversations at this year's DEF CON. DEF CON will not be a “normal” con, but more like DEF CON “Different.” DEF CON 29 will be a hybrid conference, partially in-person, and partially online. Can't Stop The Signal | DEF CON 29: Theme, Villages, Research, And The Hacker Community | A Conversation With "Wednesday" And "Kevin"