Tools of the KNOB Attack

This week at USENIX three researchers published information about a new attack against classic Bluetooth. Known as KNOB, the attack takes advantage of a weakness in the Bluetooth specification to force target Bluetooth connections to use 8-bit encryption keys instead of larger keys that would be resilient against brute-force attack.

This weakness in classic Bluetooth (not Bluetooth Low Energy) is a big one. I don’t recall seeing such a significant vulnerability in Basic Rate Bluetooth security since pairing was improved with the introduction of Secure Simple Pairing in Core Specification v2.1 in 2007.

One of the things that intrigued me when I heard about the KNOB attack this week was that it...

Обзор платформ поиска электронных компонентов

Итак, вы закончили разработку своей платы, и теперь пришло время приобрести компоненты, необходимые для воплощения проекта в жизнь. Как вы находите лучшие цены и проверяете наличие у поставщика на складе? Раньше я делал это трудным путем — посещая веб-сайт либо обзванивая каждого поставщика, записывая все цены. Список поставщиков выглядел примерно так:
Но навигация по сайту некоторых из поставщиков немного похожа на прохождение лабиринта, а многие и вовсе не предоставляют никакой информации. Есть ссылка на прайс, который обновлен в 2010 году, в котором тьма всевозможных наименований компонентов с примечаем “цену и наличие уточняйте”.
А потом я наткнулся на поисковые системы, специально предназначенные для...

August Update: London Meetup, PineTab News, SOEdge and More!

PineTab development prototype July has been a busy month for all members of the PINE64 project. Between the updates to various systems, preparation of Pinebook Pro pre-orders and the subsequent launch, shipping of PineTab development kits as well as production of the PinePhone prototype, there has been little to no downtime.

Самодельная лазерная установка на парах меди “Lightsaber” – часть 3, заключительная

Я решил составить краткую шуточную инструкцию для начинающих некромантов, которые захотят поднимать из мертвых лазеры на парах меди. Виктор Франкенштейн «вдыхал жизнь» в мертвецов, а мы проделаем то же самое с мертвой лазерной трубкой.
Читать дальше →

An Introspective on Modern Capitalism

It has been about 5 years since I moved to northern California in search of more opportunity than what I felt could be had in New York. It’s...

July Update: All about the Pinebook Pro

As I’ve mentioned in last month’s update post, the PinePhone prototypes are currently being manufactured (due in August) and the PineTab dev kits are rolling off the factory line to be shipped out to developers.

Reverse Engineering Black Box Systems with GreatFET, Troopers 2018

https://archive.org/embed/reverse-engineering-black-box-systems-with-greatfet-troopers-2018

In this presentation at Troopers 2018, Kate Temkin and Dominic Spill used GreatFET One and the Facedancer software framework to demonstrate techniques for reverse engineering embedded USB hosts.

It is often fairly simple to set up an environment for reversing a USB device; you just plug it into a host that you control. Then you can manipulate software on the host to test or monitor USB communications between the host and device. Even if the host operating system doesn’t provide a way for you to monitor USB (hint: it probably does), you can run it inside a virtual machine...

Making USB Accessible, Teardown 2019

https://archive.org/embed/making-usb-accessible-teardown-2019

On Sunday, Kate Temkin and Mikaela Szekely presented Making USB Accessible: Developing Ultra-low-cost, Open USB Tools at Teardown 2019 in Portland. In this well-received talk, they debuted ViewSB, a USB analyzer that supports various capture backends including GreatFET, OpenVizsla, and usbmon.

In the days leading up to the talk, Kate went on a tear, developing ViewSB to complement the hardware solutions for USB capture that she and Mikaela had been working on. I asked, “Why do we need ViewSB when we already have tools such as PulseView and Wireshark?”

Her answer was that the existing open source software tools for...

GreatFET on Hak5

https://www.youtube-nocookie.com/embed/gOPF0Abm7T0

I recently sat down with Darren Kitchen to record a couple Hak5 episodes. First we introduced GreatFET One to his viewers and demonstrated using its Facedancer capability to emulate a USB device. Then we did some infrared hacking with Gladiolus, a prototype GreatFET neighbor we plan to release later this year. Thanks for having me on the show, Darren!

Free Stuff, April 2019

More students! The TARDIS Team from Sapienza University of Rome, Italy was selected for the [REXUS/BEXUS] (http://rexusbexus.net/) program. The German Aerospace Center (DLR) and the Swedish National Space Agency (SNSA), in collaboration with the European Space Agency (ESA), jointly allow students from universities and higher education colleges across Europe to carry out scientific and technological experiments on research rockets and balloons.

Their experiment, named TARDIS (Tracking and Attitude Radio-based Determination in Stratosphere), will be launched on a balloon in October from Kiruna (Sweden), reaching 30 km of altitude. The experiment’s main objectives are to determine the position and the attitude of...