25c3: The future is already here - it is just unevenly distributed

   25C3: Nothing to hide
   25th Chaos Communication Congress
   December 27th to 30th, 2008
   bcc Berliner Congress Center, Berlin, Germany

This year, I was in Berlin for the Chaos Communication Congress for the third time and concluded that predictions for 2009 and beyond shouldn't be based on a magic ball - you can just extrapolate from things that were presented at 25C3. So, I borrowed William Gibson's quote for the title of this post.

Digital hacking

PowerLineCommunications (PLC, or ethernet-over-powerlines) is really coming. There are devices available in Media Markt and/or Saturn, and IEEE is in the process of standardization. Face it: we are moving towards a world in which we will have just one cable between device and wall for both power and ethernet (up to 200Mb/s).
FAIFA: A first open source PLC tool is a good introduction to the field and an example of a tool for seeing parts of the network.

Chip Reverse Engineering is easier than ever. If you are designing a hardware system and depend on security through obscurity (hoping that nobody will be able to read your chip design), this is just no longer true. We know that from last year's 25C3 Mifare presentation, but this year we saw that it's getting so easy that you really have to have enough silicon to provide real security.
Watch Chip Reverse Engineering for an overview of the tools which we have available today.

RF fingerprinting enables us to detect hardware differences between devices which are the result of small imperfections in manufacturing, which enables us to identify devices from the same manufacturing run.
Watch RF fingerprinting of RFID to find out how that works for 802.11 devices and RFID passports.

While we are on security topics, it seems that PHP is getting taint support, if only for security analysis. Vulnerability discovery in encrypted closed source PHP applications provides a fascinating step-by-step introduction to PHP reverse engineering, from PHP opcodes back to source code. I can't wait for the release of the tools mentioned in the talk!

Hacking telecommunications

Although I'm not really interested in hacking the iPhone (because I don't believe in closed devices), it was interesting that only a single weak link in security (even before the boot loader) can bring the whole system down.
Hacking the iPhone explains how they did it, and the interesting part is that they have some knowledge of the broadband part (needed to implement SIM unlock) which might also be useful for other devices.

Anatomy of smartphone hardware is a great introduction to smartphone-class devices.

Harald Welte, who did this lecture and who we know from iptables, Openmoko and Sputnik, is now moving to Running his own GSM network by attaching a Siemens BS-11 microBTS (base transceiver station, the part on the telco pole) to Linux using the A-bis telco protocol.
Running your own GSM network and the presentation files are essential material for understanding why it's a bad idea to forget that the device needs to verify (in a cryptographically secure way) whether it is connecting to the right network. If you put all your intelligence and trust in the network itself, you will get 3000+ pages of documentation but not security.

DECT networks and phones were designed after GSM, and they can check the validity of the network. Unfortunately, with a cheap 23 EUR card, you can be your own base station and ask the phone to ignore encryption if you want to. This involved reverse engineering the chip's encryption (I told you it's easy these days) and writing a Linux driver for the PCMCIA card. The hardware part of the lecture is in German, but the slides are in English, and even without that part it's really interesting.

Advanced memory forensics: The Cold Boot Attacks provided an overview of the technique, with special attention to recovery of crypto keys from partially decayed memory. video

Console Hacking 2008: Wii Fail once more reinforced my feeling that you can't really design a completely secure system. video
On the other hand, I really liked the idea that the PlayStation 3 is the only console which hasn't been hacked just because it can run Linux natively. As we all know from MD5 considered harmful today, where researchers created an MD5 collision for a CA, which got enough mention already.

coreboot: Beyond The Final Frontier is a nice introduction to the free BIOS replacement, which includes a utility called Flashrom for flashing the BIOS on most motherboards under Linux, which I must give a try. video

Scalable Swarm Robotics: sometimes it is really important to make real robots to test in the real world. video

State of the world

One of the benefits of CCC is that you can also hear about a lot of topics unrelated to digital hacking.

Climate Change - State of the Science provides a great overview and points to possible solutions, giving us at least some hope.
I bet you didn't know that half of the people in Berlin don't own a car...
Since there isn't an official recording of the lecture, I'm providing a mirror of the Climate Change - State of the Science stream dump for future reference.

Flying for free introduced me to the wonderful world of gliders, which reminded me a lot of boat sailing, but in 3D.
The mirror of the stream dump from Flying for free will introduce you to bits of magic that birds knew all along...

Not Soy Fast: Genetically Modified, Resource Greedy, and coming to a Supermarket Near You explains a lot about soy that we or our animals eat. video

Life is a Holodeck! is one of the rare lectures that I would really like to see myself, because streams of holograms can't bring you a real 3D feeling...
Although the presenter HoloClaus is somewhat stiff at the beginning, it is a nice overview of the technologies used and the current state of the art, which involves computer rendering of 3D objects in full color with a resolution of 500 lines per millimeter. Of course, you can also make holograms from real objects if you want to have a 2-ton stand for it, a special laboratory and an SOP which includes:

  • put object on 2T stand
  • go to coffee for 20 minutes so it can settle
  • press button to take H1 hologram

Work which involves coffee as part of it can't be that bad :-) video.

Back to a somewhat computer-related topic, All your base(s) are belong to us provided me with an update on the current state of the art in DNA sequencers. video

Wikileaks is an archival site for whistleblowers. video

See you at CCC next year?

All in all it was time well spent (and much more interesting than OSCON 2008, at least for me). The conference was very crowded, and I ended up listening to all lectures over stream and/or recording. However, being in Berlin is a unique experience, but it doesn't make sense for less than 10 days, so I won't make this mistake again (hopefully) :-)