nsa playset bridging the airgap without radios speaker bio
play

NSA Playset: Bridging the Airgap without Radios Speaker Bio - PowerPoint PPT Presentation

Nov 14, 2022 •249 likes •736 views

NSA Playset: Bridging the Airgap without Radios Speaker Bio @r00tkillah Michael Leibowitz Day job in product security Froots around with electronics The views expressed.. NOT MY EMPLOYERS! ANT Catalog ANT Catalog NSA Playset:

  1. NSA Playset: Bridging the Airgap without Radios

  2. Speaker Bio @r00tkillah Michael Leibowitz ● Day job in product security ● Froots around with electronics ● The views expressed.. NOT MY EMPLOYERS!

  3. ANT Catalog

  4. ANT Catalog

  6. NSA Playset: CHUCKWAGON

  7. Meet LoPan

  8. But what about 6LowPan?

  9. Traditional topologies don’t work

  10. LoPan devices communicate in short bursts to preserve their energy

  11. With limited range and spread

  12. How can they express themselves? ? ? ! ? ? ?

  13. How can they express themselves? ? ? ! ! ! ?

  14. With 6 Lo Pans, you need to bridge different mediums to spread ? Jack Burton?! ? ?

  15. With 6 Lo Pans, you need to bridge different ! mediums to spread ? ? ?

  16. With 6 Lo Pans, you need to bridge different mediums to spread ! ? ?

  17. With 6 Lo Pans, you need to bridge different mediums to spread ! ? ?

  18. With 6 Lo Pans, you need to bridge different mediums to spread ! ? !

  19. With 6 Lo Pans, you need to bridge different mediums to spread ! ? !

  20. With 6 Lo Pans, you need to bridge different mediums to spread ! ! !

  21. And then one Lo Pan can bridge the message to Jack ! ! Shut Up, Mr. Burton !

  22. IoT: Smart Shirts

  23. Thinking Cap/Internet of Hats

  24. Radio Hostile Environments

  25. Basic Theory of Operation Hacks Victim Hacker

  26. Advanced Usage Tubes

  27. VGA Pinout

  28. What Your Mother Didn’t Tell You About VGA DDC PROM

  29. I2C SDA HOST ddc Malicious (master) prom Implant SCL (slave) (either)

  30. Basics of CIR

  31. UART

  32. CIR & UART

  33. The Zero Hour

  34. Packet Format struct __attribute__ ((__packed__)) IRFrame { uint16_t source; uint16_t destination; int type: 4; int hops: 4; uint8_t payload[BLOB_SIZE]; uint16_t crc; }

  35. Eating Garbage

  36. Meshing int hops: 4; if (!forme() && hops < 15) { hops++; send(); }

  37. Playsetable HW Platform Requirements: ● small ● cheap ● easy ● fun

  38. Playsettable SW Platform

  39. Arduino?!

  40. HW details

  41. More HW

  42. Easy to Play With

  43. Ready for Implantation

  44. faraday cage

  45. Long Distance

  46. Demo

  47. Thanks! @joefitz, @laplinker, all teh playset peeps

Recommend

Tools of the NSA Playset Ruxcon 2014 Joe FitzPatrick Mike Ryan What is the NSA Playset? ()

Tools of the NSA Playset Ruxcon 2014 Joe FitzPatrick Mike Ryan What is the NSA Playset? ()

Tools of the NSA Playset Ruxcon 2014 Joe FitzPatrick Mike Ryan What is the NSA Playset? () nsaplayset.org 3D NSA Playset Price Sheet CONGAFLOCK - &lt;$1 A Retroreflector, which is a passive device that reflects differently when a

786 views • 49 slides
Full Duplex Radios Daniel J. Steffey Source Full Duplex Radios* ACM SIGCOMM 2013 Dinesh

Full Duplex Radios Daniel J. Steffey Source Full Duplex Radios* ACM SIGCOMM 2013 Dinesh

Full Duplex Radios Daniel J. Steffey Source Full Duplex Radios* ACM SIGCOMM 2013 Dinesh Bharadia Emily McMilin Sachin Katti *All source information and graphics/charts 2 Problem It is generally not possible for radios to receive and

705 views • 28 slides
COGNITIVE RADIOS WITH GENETIC ALGORITHMS: INTELLIGENT CONTROL OF SOFTWARE DEFINED RADIOS Thomas

COGNITIVE RADIOS WITH GENETIC ALGORITHMS: INTELLIGENT CONTROL OF SOFTWARE DEFINED RADIOS Thomas

COGNITIVE RADIOS WITH GENETIC ALGORITHMS: INTELLIGENT CONTROL OF SOFTWARE DEFINED RADIOS Thomas W. Rondeau, Bin Le, Christian J. Rieser, Charles W. Bostian Center for Wireless Telecommunications (CWT) Virginia Tech Blacksburg, VA, 24061 1

307 views • 20 slides
Logiciels libres et web radios Indice : cest la merde... Augier Full Mdias Inc. (

Logiciels libres et web radios Indice : cest la merde... Augier Full Mdias Inc. (

1 Enregistrement et traitement du son Logiciel Matriel 2 Automation 3 Diffusion et live Logiciels libres et web radios Indice : cest la merde... Augier Full Mdias Inc. ( www.FullMediasInc.fr ) Full Radios ( www.full-radios.fr ) 23

976 views • 56 slides
Trail Talk Presentation by Don Reeves Radios Roundtable Discussion Radios Roundtable Discussion

Trail Talk Presentation by Don Reeves Radios Roundtable Discussion Radios Roundtable Discussion

Trail Talk Presentation by Don Reeves Radios Roundtable Discussion Radios Roundtable Discussion By Don Reeves A Primer on UTV/ATV Radios An Introduction to Communication Options Don Reeves any misstatements herein are mine, and mine

703 views • 22 slides
Power Adapters Power Adapters speaker will move the wrong direction. speaker will move the wrong

Power Adapters Power Adapters speaker will move the wrong direction. speaker will move the wrong

Power Adapters 1 Power Adapters 2 Introductory Question Introductory Question If you install a pocket radios batteries If you install a pocket radios batteries backward, it wont work because its backward, it wont work because

259 views • 5 slides
Digital Radios for Field Headquarters Operations Board of Directors May 21, 2014 FHQ

Digital Radios for Field Headquarters Operations Board of Directors May 21, 2014 FHQ

I No Digital Radios for Field Headquarters Operations Board of Directors May 21, 2014 FHQ Communications 1985 Use of truck-mounted radios with antenna on administration building 2009 Use of Nextel push- to-talk phones 2012 Use

244 views • 7 slides
SDR Radios: One Hams Perspective Jon Longtin KB8LFP Overview Brief introduction of

SDR Radios: One Hams Perspective Jon Longtin KB8LFP Overview Brief introduction of

SDR Radios: One Hams Perspective Jon Longtin KB8LFP Overview Brief introduction of myself SDR radios an overview Adding an SDR to your shack Overview of SDRPlay RSP1A (my SRD radio) Capabilities and specs Software

435 views • 30 slides
MERA: WHEN SECONDS SAVE LIVES Next Gen Project Oversight Committee Monday, 03/19/2018 Puzzle

MERA: WHEN SECONDS SAVE LIVES Next Gen Project Oversight Committee Monday, 03/19/2018 Puzzle

MERA: WHEN SECONDS SAVE LIVES Next Gen Project Oversight Committee Monday, 03/19/2018 Puzzle Pieces Vehicle Installs Mobile Portable Radios Radios Gen I Program Experience Radios 3 OPTIONS Financial Equip Impacts Discount

325 views • 16 slides
Ral Torrego Ikerlan-IK4 rtorrego@ikerlan.es INDEX Introduction Software Defined Radios

Ral Torrego Ikerlan-IK4 rtorrego@ikerlan.es INDEX Introduction Software Defined Radios

OQPSK COGNITIVE MODULATOR FULLY FPGA-IMPLEMENTED VIA DYNAMIC PARTIAL RECONFIGURATION AND RAPID PROTOTYPING TOOLS Ral Torrego Ikerlan-IK4 rtorrego@ikerlan.es INDEX Introduction Software Defined Radios / Cognitive Radios Rapid

733 views • 16 slides
Full Duplex Radios Dinesh Bharadia, Emily McMilin, Sachin Katti Stanford University 8/14/13 1

Full Duplex Radios Dinesh Bharadia, Emily McMilin, Sachin Katti Stanford University 8/14/13 1

Full Duplex Radios Dinesh Bharadia, Emily McMilin, Sachin Katti Stanford University 8/14/13 1 It is generally not possible for radios to receive and transmit on the same frequency band because of the interference that results. - Andrea

984 views • 34 slides
Bridging Bridging Jean-Yves Le Boudec Fall 2009 1 1 Algorhyme I think that I shall never see

Bridging Bridging Jean-Yves Le Boudec Fall 2009 1 1 Algorhyme I think that I shall never see

COLE POLYTECHNIQUE FDRALE DE LAUSANNE Bridging Bridging Jean-Yves Le Boudec Fall 2009 1 1 Algorhyme I think that I shall never see a graph more lovely than a tree. h l l th t A tree whose crucial property is loop-free

564 views • 45 slides
THE MTP8000Ex SERIES TETRA ATEX RADIOS WORK SAFER. WORK SMARTER. WORK ANYWHERE. INSTRINSIC

THE MTP8000Ex SERIES TETRA ATEX RADIOS WORK SAFER. WORK SMARTER. WORK ANYWHERE. INSTRINSIC

THE MTP8000Ex SERIES TETRA ATEX RADIOS WORK SAFER. WORK SMARTER. WORK ANYWHERE. INSTRINSIC SAFETY HISTORY 20+ YEARS INSTRINSIC SAFETY 120,000+ RADIOS SOLD MILLIONS OF USAGE HOURS MARKET LEADING MTP850Ex ATEX MARKETS OIL &amp; GAS

467 views • 31 slides
Research on Race Bridging for 2020 Ben Bolender Assistant Division Chief Population Estimates

Research on Race Bridging for 2020 Ben Bolender Assistant Division Chief Population Estimates

Research on Race Bridging for 2020 Ben Bolender Assistant Division Chief Population Estimates and Projections Population Association of America April, 2018 1 Overview 1. Race bridging and reverse bridging 2. Bridging and imputation 3. Why

519 views • 29 slides
Bridging the Gap on Breaches: What Makes the Difference? Sponsored By: Bridging the Gap on

Bridging the Gap on Breaches: What Makes the Difference? Sponsored By: Bridging the Gap on

Bridging the Gap on Breaches: What Makes the Difference? Sponsored By: Bridging the Gap on Breaches: What Makes the Difference? Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides Recording of

423 views • 21 slides
Residential Bridging Residential Bridging (rate control; 2006Mar06) (rate control; 2006Mar06)

Residential Bridging Residential Bridging (rate control; 2006Mar06) (rate control; 2006Mar06)

Residential Bridging Residential Bridging (rate control; 2006Mar06) (rate control; 2006Mar06) Maintained by David V James IEEE 802.3 RE Study Group March 2006 1 Denver Credit is due to many others, whose reviews and comments drove this

408 views • 18 slides
Amateur Radio License Radios, Power, RFI Todays Topics Types of Modulation : Chapter 2

Amateur Radio License Radios, Power, RFI Todays Topics Types of Modulation : Chapter 2

Amateur Radio License Radios, Power, RFI Todays Topics Types of Modulation : Chapter 2 Radio Equipment : Chapter 5 Radios Digital Communications Power Supplies and Batteries RF Interference, Grounding Types of Modulation

917 views • 77 slides
A Transmit Beamforming Technique for MIMO Cognitive Radios L. Bixio , L. Ciardelli , M.

A Transmit Beamforming Technique for MIMO Cognitive Radios L. Bixio , L. Ciardelli , M.

A Transmit Beamforming Technique for MIMO Cognitive Radios A Transmit Beamforming Technique for MIMO Cognitive Radios L. Bixio , L. Ciardelli , M. Ottonello , M. Raffetto , C. S. Regazzoni , Sk. S. Alam , C. Armani

192 views • 15 slides
Immunization Delivery in Rural Communities To download today s presentation &amp; speaker

Immunization Delivery in Rural Communities To download today s presentation &amp; speaker

PHSSR Research-In-Progress Series: Bridging Health and Health Care Wednesday, July 1, 2015 12-1pm ET/ 9-10amPT The Affordable Care Act and Childhood Immunization Delivery in Rural Communities To download today s presentation &amp; speaker

676 views • 28 slides
EE107 Spring 2019 Lecture 7 Wireless Communication Embedded Networked Systems Sachin Katti

EE107 Spring 2019 Lecture 7 Wireless Communication Embedded Networked Systems Sachin Katti

EE107 Spring 2019 Lecture 7 Wireless Communication Embedded Networked Systems Sachin Katti *slides adapted from Aaron Schulmans CSE190 Wireless radios in our project Wireless radios in our project Wireless radios are used for informing a

470 views • 31 slides
Overview of Bridging Leadership Leadership for Change, Module Two, Mauritius, March 2012 (Barry

Overview of Bridging Leadership Leadership for Change, Module Two, Mauritius, March 2012 (Barry

Overview of Bridging Leadership Leadership for Change, Module Two, Mauritius, March 2012 (Barry Smith, L4C Facilitator) Bridging Leadership Bridging Leadership is a leadership style or approach to tackle complex and systemic social inequities:

531 views • 9 slides
CS 3700 Networks and Distributed Systems Bridging (From Hub to Switch by Way of Tree)

CS 3700 Networks and Distributed Systems Bridging (From Hub to Switch by Way of Tree)

CS 3700 Networks and Distributed Systems Bridging (From Hub to Switch by Way of Tree) Revised 8/19/15 Just Above the Data Link Layer 2 Bridging How do we connect LANs? Application Function: Presentation Route packets

1.44k views • 122 slides
It has been a year since the official launch of Bridging the Gaps Website Over 3,000

It has been a year since the official launch of Bridging the Gaps Website Over 3,000

Bridging the Gaps: Sustainable Urban Spaces First Year Review 9 July 2009 James Paskins Civil, Environmental and Geomatic Engineering It has been a year since the official launch of Bridging the Gaps Website Over 3,000 visits

471 views • 21 slides
CHRISTIAN RADIOS ON -AIR TONE: How A Kinder Sound Is Your Difference Maker

CHRISTIAN RADIOS ON -AIR TONE: How A Kinder Sound Is Your Difference Maker

jointhekindnesschallenge.com CHRISTIAN RADIOS ON -AIR TONE: How A Kinder Sound Is Your Difference Maker jointhekindnesschallenge.com YOU WANT TO. REACH YOUR AUDIENCE FOR JESUS ENCOURAGE AND EQUIP YOUR LISTENERS; GIVE PRACTICAL

804 views • 44 slides

More recommend