Archive for the ‘Radio’ Category

Ring ring ring, open phone.

Monday, April 29th, 2013

Great and good friend of sportsfirings.com and valued commenter lelnet left a long comment on last night’s cellphone post. Because his comment represents a lot of work and thought (and I believe in rewarding hard work) and because I’m afraid it will get lost in the shuffle, I’m promoting it to a blog post (with his permission).

You can already buy, off the shelf at Fry’s, a “phone” that does essentially what you’re talking about, using available wi-fi networks to connect with Skype and make calls through that, without any involvement of the cell providers. (Yes, I know…Skype is a proprietary protocol and would be unacceptable to Stallman. The firmware is also closed. But since it’s provably _possible_, one could do it with open standards if one saw a market.)

The problem is that it doesn’t scale well. Getting a reliable wi-fi signal is pretty easy…in the sorts of places one is likely to have access to a _wired_ phone whenever one wants one. Building a wi-fi network that covers the places one actually needs mobile connectivity from is a massively harder problem, due to the range limitations of unlicensed spectrum.

It _might_ be possible to do it using amateur frequencies, _if_ you could get regulatory approval to open those up to use by the general public. Which, of course, would involve fighting off both the whole telco industry and at least 80% of the amateur radio community. Considering that the latter group is where you’d be trying to recruit most of your network engineers from, it seems like it’d be a bad idea to begin your plan by irrevocably pissing them off, even if you magically assume that you’ll be able to out-muscle the telcos in Washington.

The last mile is a hard problem on several different dimensions, some of them physical and some of them political. But there is something you _could_ do…

Build an Android (or, if you like, Replicant) phone, pre-configured to send all its traffic through an encrypted VPN to an anonymizing end-point. Purchase connectivity for it on an existing cell carrier’s prepaid plan. Disable the cellular voice service, and have it send and receive calls exclusively through VoIP connectivity to an Asterisk or FreeSwitch server, either run by the same entity that does your anonymizer, or run yourself on a cheap colo server stuck in a rack in some country you doubt is ever going to care enough to spy on you.

Your cell provider can easily determine that Charles Udall Farley (or whatever name you gave them when you signed up…it’s prepaid, so it’s not like the name you give has to pass a credit check) pushes a lot of data around, but they’d have no way of inspecting the content. They’d have a record of Mr. Farley’s movements around their network, but no way to associate that with you, or even with the phone number you make and receive calls on. An Open Source OS on the phone addresses the “remote bugging” fears. It doesn’t depend on you personally running any software that RMS would find objectionable. And since you can make and receive calls from anywhere that you’re able to get a data signal off a cell tower, it’s still useful if your car breaks down by the side of the road, instead of just in your home and office, like a wi-fi-only device would be.

(I came up with this plan for a team of spies in a novel my wife is writing. But although to my knowledge no such phone exists today, there’s absolutely no barrier to someone building one tomorrow. And both the technologies and the services required to support the back-end of it are already available for purchase in the real world right now, at prices comparable to or better than what people who already had cell phones in the mid-90s were paying for service then.)

The only thing I’d add to this is that I, personally, have no interest in pissing off the amateur radio operators out there; both because it is not good strategy, as lelnet notes, and because I happen to be one myself. (KF5BFL, in case anyone was wondering, but don’t look for me; I don’t have any transmitting equipment at the moment.)

We’ve got computers, we’re tapping phone lines, I know that ain’t allowed…

Sunday, April 28th, 2013

Two things collided in my head last week. After I picked up the wreckage, I thought there might be a worthy blog post in the aftermath.

(Picking up the wreckage took a while, because the week was so busy. At least nobody took part of a locomotive through the eye. Anyway, I apologize if this is old news.)

Thing one: Andrew Huang’s post on the $12 Gongkai phone (by way of LWN). It doesn’t come as any great shock to me that cellphone hardware has become cheap: at last year’s DEFCON, the Ninja Networks party invitations were fully functional cellphones. (I do not know what the Ninja Networks cost per phone was: as I recall, the Ninjas stated they got substantial financial and technical support from Qualcomm. However, the fact that the phones were cheap enough to pass out as party invites is significant in and of itself, in my ever so humble opinion.)

Thing two: Dr. Richard Stallman and his position on cell phones. I don’t want to reopen the whole debate on whether Stallman is a hypocrite for not having a cell phone but being willing to use other people’s phones. Rather, I want to ask a not-so-simple simple question: is it possible to build a phone that overcomes Stallman’s objections?

…most of them are computers with nonfree software installed. Even if they don’t allow the user to replace the software, someone else can replace it remotely. Since the software can be changed, we cannot regard it as equivalent to a circuit. A machine that allows installation of software is a computer, and computers should run free software.

Well, it looks like we can put together a cellphone computer for about $12. Maybe less. I don’t see any reason to think that someone (more likely, a small group of someones) couldn’t put together a reference hardware spec for an open cellphone, complete with schematics, PCB layouts, and a parts list. I know I don’t have the skills or equipment to do SMD soldering, and I wouldn’t ask, say, my mother to build a phone from a kit either. But it is just as easy for me to visualize a scenario where some organization (say, the FSF) contracts with a manufacturer to build phones from the reference design, with an organizational seal of approval. They could sell the phones outright, or offer them as a premium for donations: I think I’d give at least $50 to FSF for a phone like the one Huang describes. Add WiFi, GPS, a color screen and a camera and I’d go up to $100, possibly more depending on my mood, the phase of the moon, and other factors.

But we need an operating system for our cellphone computer, right? Right. Android is open source. Note well, however, that there is a difference between “free software” and “open source software”, and that these are not equivalent concepts. But it seems pretty easy to imagine (as long as we are imagining) a fork of Android that is truly “free” by the FSF definition. As a matter of fact, we don’t even have to imagine; while I was researching this post, I stumbled across Replicant, which is exactly that.

…tracking and surveillance devices. They all enable the phone system to record where the user goes, and many (perhaps all) can be remotely converted into listening devices.

I’ll deal with the second objection first. With a truly open source and free OS, I think you can pretty much eliminate the capacity for remote bugging. As to the first objection, I don’t see a way around that. It seems pretty clear that the phone system has to know where your phone is for you to make calls and get calls. But: if the system only stores that information for the minimum necessary length of time, and discards it after the call is completed, is that good enough for Stallman?

(Even if you’re not actively engaged in a call, I think the network still has to know what cell you’re in. But could the network only store your current cell, and not the history of cells you’ve been through?)

(From this point forward, I’m going to refer to this idea as the “open” network. Calling it the “free” network carries with it the connotation that people aren’t paying for it. I’ll come back to that.)

Okay. So we expect AT&T and Sprint and Verizon and T-Mobile and the Grace L. Ferguson Cell Phone and Storm Door Company not to store this information. Right. I’ll wait for you to finish laughing.

Done? Okay. So we not only need consumer hardware, we need an entire “open” cell phone network. Is that something that could be reasonably built? Well, we need radio spectrum. It is unlikely that the carriers will give up spectrum for an “open” network. So what do we do? Could we use amateur radio frequencies, like the 2390-2450 MHz band? Is it even possible that local amateur radio groups could set up and maintain cells in their local areas? (I don’t imagine the equipment to set up a cell is cheap, but I also don’t imagine it is beyond the reach of a group of talented amateur radio operators with a GNU software radio. And if the equipment becomes widespread, the prices should go down. I hope.)

Could you even do away completely with the cell network, and just run all the communications over IP? You’d need to be associated with an access point, but aren’t most folks near one at home or at work most of the day? Would it be possible for amateur radio operators to set up networks of access points along major urban corridors? WiFi hardware is even more of a commodity item than cell hardware, and there are protocols for linking access points together or doing mesh networks.

Someone has to pay for this, right? Right. We don’t want movements and activity tracked, but I don’t see any philosophical problem with a simple lookup based on each phone’s unique identifier. All you need is one bit to indicate the customer is paid up and entitled to use the network. As for the actual cost and billing, it seems to me that can be handled by systems outside the network. If you’re giving unlimited everything for one flat fee, you don’t need to track anything except paid or unpaid. If you want to start getting into per voice minute or per KB data charges, it seems to me that you can still track usage (minutes, KB, or texts) without tracking activity and bill based on usage. The money from service fees could, in turn, be routed to the cell providers. I’m sure we could come up with a fair way of doing this; for example, X cents per call routed through an individual cell. Busier cells get more money, which they can invest in upgrading service; more remote cells probably have lower demand, and don’t need the same capacity.

(One big problem if you’re using amateur radio frequencies: FCC regulations prohibit “communications in which the operator has a pecuniary interest, including communications on behalf of an employer”. There’s a strong tradition, in addition to the FCC regulations, against using the amateur radio bands for business purposes. One could argue that this kind of network wouldn’t be a business, though; rather, it would be maintained as a public service, and the money that comes in would go back out to local amateur organizations to cover their cost of maintaining cells. I sort of see this in the same way as I do the repeaters maintained by some amateur radio clubs for the use of their members.)

So I said this was a not-so-simple simple question. Basically, what I don’t know about cell phones and cell technology could fill books. (Indeed, it has filled books, which are located in places called “bookstores” and “libraries”. But I digress.) I think I’ve outlined a possible path to an “open” network, but I acknowledge the limits of what I know. I would welcome criticism from people who know more than I do: those who work in the industry, computer security experts, and heck, even cyberpunk writers.

I mention cyberpunk writers for a reason. Maybe I am over-romanticizing this a bit, but I have this mental image of guys in the Sprawl with “open” cellphones spread out on blankets in the street, and gangs like the Panther Moderns using those phones. A guy can dream, can’t he?

(Subject line hattip: the greatest rock song ever, by the greatest band ever. Like you needed it anyway.)

Edited to add: I knew there was something I was forgetting. How reliable would this network be? After all, AT&T spends hundreds of millions of dollars a year on their network, whereas what I’m talking about here is something that is, at best, a fringe network primarily used by people highly concerned with privacy, and possibly maintained by amateurs on a spare time basis. On the other hand, AT&T spends hundreds of millions of dollars a year on their network. Enough said.

My inclination is to say that you could probably build something that’s “good enough”. You might not be able to get to the same level of service as, say, Verizon, but you could probably get to a level of service where people are willing to make the tradeoff between guaranteed privacy and a small amount of inconvenience. I think this is one place where my plan is weak.

Edited to add 2: 1500 words? I haven’t written like this since I was in college. In other words, last year.

When I take over and declare martial law…

Friday, April 19th, 2013

…the radio stations will be all theremin, all the time. Except when I want to provide the people with important updates on the progress of our flying monkeys.

We’re the only ones competent enough to have radios.

Monday, February 25th, 2013

Ever since police officers started carrying radios, there have been radio related problems. One problem is “keying the microphone”: basically, pushing the talk button on the microphone and blocking other people from using the channel, or stepping on other people’s transmissions.

Sometimes this is an accident; you shift a little in the seat of your squad car and accidentally hit the button. Sometimes, though, especially in the New York Police Department, it isn’t an accident:

At least six officers have been punished since 2012 for such conduct. The department’s chief spokesman, Paul J. Browne, described one case in Brooklyn in which two officers “who keyed over their sergeant” in the last year were each docked 30 vacation days and put on disciplinary probation. “That got their attention and others’ too.”

Officers have also been known to “whistle or quack like a duck to show their disdain for whoever preceded them on the airwaves.”

The NYPD’s radios are assigned to individual officers, and transmissions can be associated with a specific radio, but this hasn’t deterred the conduct. To be fair, some of it could, possibly, maybe be user interface issues:

“I showed them my memo book,” Mr. Padilla said. “I was in traffic court. Maybe it happened while I was turning the radio off. Sometimes you press the key while turning it off.”

Mr. Padilla works in the 33rd Precinct, under Inspector Joseph Dowling.

The inspector has a reputation of being a hands-on boss who is a frequent presence on the radio, often directing resources from the streets himself.
“He comes on the radio and people start clicking,” Mr. Padilla said.

But other than open disrespect for commanding officers, does this matter? Yes, it does:

Sometimes it happens during car chases, when officers have been known to try to drown out any supervisor who might call off the pursuit after concluding it is too dangerous. A number of microphones were keyed on an April night in 2008, for instance, as police officers chased a gunman in a stolen Consolidated Edison van near Yankee Stadium, one police officer recalled.

More obit watch.

Tuesday, December 18th, 2012

Frank Pastore, former major-league pitcher for the Cincinnati Reds and the Minnesota Twins, later turned talk-show host in LA.

“You guys know I ride a motorcycle, right? At any moment, especially with the idiot people who cross the diamond lane into my lane, without any blinkers – not that I’m angry about it – at any minute, I could be spread all over the 210. But that’s not me, that’s my body parts. And that key distinction undergirds the entire Judeo-Christian worldview,” he said.

Mr. Pastore died as a result of injuries sustained on November 19th, when his motorcycle was struck by another car that swerved into him as he was riding in the car pool lane on the freeway.

Some stuff.

Saturday, August 25th, 2012

More specifically, a random assortment of things that turned up in my Post Office box today, or that I found while I was out and about. Not that I’m bragging, but I think some folks might be entertained, amused, or interested in some of these items.

The first issue of “Infowars: The Magazine” (as Gregg Easterbrook might say, “Published on Earth: The Planet”).

I’ve got big balls. (Also acceptable: “Ah, but the strawberries. That’s where I had them.”) (Previously.)

The only political party that can actually change things this year. (Get yours here.)

Finally:

My USB TV receiver from Germany is here! (Previously.) More when and as I get a chance to dink with it.

Toys, toys, toys.

Monday, August 13th, 2012

Did you know that the promo code SUCKITGROUPON will get you 45% off your Buckyballs order from getbuckyballs.com?

I didn’t, either, until I saw it on Overlawyered. I already got my first set of Buckyballs, but I just ordered some more: this time, I got some BuckyBigs, so I can pretend to be Captain Queeg while I’m sitting at my desk.

(Note that I have no financial relationship with the BuckyBalls people; I just want the CPSC to die in a fire.)

In other news, the Germans have shipped my USB TV receiver.

August 8th updates.

Wednesday, August 8th, 2012

Longer Marvin Hamlisch: NYT, LAT.

Speaking of obits, noted astronomer and pioneer of radio telescopy, Sir Bernard Lovell, passed away on Monday.

There was an update to the Sheri Sangji story while I was on vacation that I wasn’t able to blog. Luckily, Derek Lowe was on the case. For those of you who don’t remember the story, Ms. Sangji was working with t-butyl lithium in a UCLA lab; the substance, which catches fire when exposed to air, spilled, Ms. Sangji was severely burned, and died 18 days later. The university and the primary researcher, Dr. Patrick Harran, faced felony charges.

While I was gone, the charges against the university were dropped. Apparently, UCLA made a deal with the prosecution. The charges against Dr. Harran still stand.

But then it gets weird. Dr. Harran’s defense team is trying to discredit the OSHA report on the accident, based on the accusation that the author of the report participated in a murder when he was 16 years old and failed to disclose this to his employers. I’m not sure at this point if it was actually established that the author of the report and the murderer were the same person, but the author resigned his position anyway.

This is intended to be a short update. The Derek Lowe blog entry linked above has a longer summary, including links to various other sources; I commend it to your attention.

Hmmmmmmmm.

Friday, August 3rd, 2012

In the DEFCON 20 day 2 notes discussing the ADS-B presentation by Renderman, I alluded to some work on using USB TV tuners to pick up ADS-B broadcasts.

I did a little more research on this earlier today, just to satisfy my own curiosity.

The RTL2832U outputs 8-bit I/Q samples, and the highest theoretically possible sample rate is 3.2 MS/s; however, the highest sample rate without lost samples that has been tested so far is 2.8 MS/s. The frequency range is highly dependent on the tuner used; dongles that use the Elonics E4000 offer the widest possible range (64 – 1700 MHz with a gap from approx. 1100 – 1250 MHz). When used out-of-spec, a tuning range of approx. 50 MHz – 2.2 GHz is possible (with gap). [Emphasis in the original - DB]

Holy cow! I’ve been wanting to mess with software defined radio, but the $1,500 cost for hardware is a bit discouraging. This looks like an excellent way to get started for about $20 instead. The necessary software is linked from the rtl-sdr page, and you can even get a script that will build gnuradio with the proper components.

What has been successfully tested so far is the reception of Broadcast FM and air traffic AM radio, TETRA, GMR, GSM, ADS-B and POCSAG.

Yow!

Edited to add 8/4: We are not amused. In the past two days, we have been to Fry’s. The shelves at Fry’s were almost completely stripped bare of USB TV adapters. We have also been to three different branches of Discount Electronics; none of them had any of the listed adapters. We have checked Google, and all of the adapters listed with the E4000 tuner do not appear to be available from vendors in the United States. The only adapter on rtl-sdr’s list that we were able to find was the Ezcap EZTV645 DVB-T Digital TV USB 2.0 Dongle with FM/DAB/Remote Controller which DealExtreme sells. However:

  1. There are conflicting reports as to whether this is the one rtl-sdr is talking about, and whether this one has the E4000 tuner.
  2. There are a lot of reports that DealExtreme is slow in shipping; as in, a month or longer.

I’ve ordered the Newsky TV28T that’s listed on the sysmocom site (linked from the rtl-sdr page). With shipping, it came out to 23.30 euros, or about $28.86 in dollars. That’s still well within my price range for tinkering with SDR. I’ll update when the device gets here.

In the meantime, if anyone has any GNURadio or general SDR tips, advice, or suggestions, please feel free to leave them in comments or shoot me an email. Contact addresses are in the usual place.

(And thanks, Borepatch.)

DEFCON 20 updates (round 2).

Thursday, August 2nd, 2012
  • Here’s a link to the slides from Terrence Gareau’s “HF Skiddies Suck, Don’t Be One. Learn Some Basic Python” presentation. I’m not complaining, but be advised that this is a large download (620 MB ZIP file) with video and code examples. Also be advised that, based on a very brief preliminary skim of the file, there may be some NSFW material in the presentation. (Also not a complaint, but an observation.) I’d like to thank Mr. Gareau for making this available: his presentation is the only one in the “DEFCON 101” track that I’ve found so far.
  • Added a link to Renderman’s presentation on ADS-B hacking, “Hacker + Airplanes = No Good Can Come Of This” to the day 2 notes.
  • Josh Brashars (who is a heck of a nice guy) and I have exchanged emails, and he’s graciously allowed me to temporarily host the version of his “Exploit Archaeology: Raiders of the Lost Payphones” presentation from the DEFCON 20 DVD. Of course, iDisk no longer exists (NOT that I’m BITTER or anything) and WCD’s hosting provider/WordPress implementation has a 10 MB file size limit, so I’m using Dropbox to host this file. Let me know if it doesn’t work.

DEFCON 20 notes: day 3, part 1.

Monday, July 30th, 2012

The secret word for the day, boys and girls, is “routers”.

But first, a couple of pictures for my great and good friend Borepatch:

The Matt Blaze Security Bingo Card. (I hope folks can read it: I took that with a cell phone camera from the front row, so I didn’t have a great angle on it.)

And:

A gentleman in the hallway was kind enough to let me take a photo of his DEFCON Shoot shirt.

Speaking of Matt Blaze…

“SIGINT and Traffic Analysis for the Rest of Us” presented by Matt Blaze and Sandy Clark, and crediting a host of other folks.

For the past few years, Blaze and company have been working on APCO Project 25, or P25 for short. P25 is planned to be the next generation of public safety radio, and is intended to be a “drop-in” replacement for analog FM systems. Cryptographic security is built into P25: it uses symmetric algorithms and supports standard cryptographic protocols. All of this sounds great.

But there are a whole bunch of problems with this.

Encryption in P25 doesn’t work very well a significant portion of the time. There are user interface issues; on some radios, the “crypto” switch is in an obscure location, and the display doesn’t make it clear if encryption is on or off. Keys can’t be changed in the field; changing keys requires loading the radio in advance using a special device, or sending keys over the air (“Over The Air Rekeying”, or “OTAR”, which sometimes doesn’t work).

One important point is that the “sender” makes all the decisions: whether the traffic is encrypted, what encryption mode is used, what key is used, etc. The “receiver” doesn’t get to decide anything. If the “sender” sends in cleartext, either deliberately or by mistake, the “receiver” decodes it, automatically and transparently to the user. If the “sender” sends an encrypted message, the “receiver” first checks to make sure it has the proper key, then either decrypts the message or ignores it (if the “receiver” doesn’t have the key).

I feel like I am cheating a little here, but even Matt Blaze at this point in his talk recommended going and reading the group’s paper from last year, “Why (Special Agent) Johnny (Still) Can’t Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System” for additional background.

But wait, there’s more! We have encryption, but do we have authentication? Do we know that the radios on our network are actually valid radios? Heck no! The radios transmit a “Unit ID” which is not authenticated, and which is never encrypted, even if the radio has encryption turned on. Just knowing the Unit IDs lets you do some interesting stuff: you could, for example, set up two radios, do some direction finding on the received signals carrying the Unit IDs, and build a map of where the users are.

Even better: if you send a malformed OTAR request, the radios treat it like a UNIX “ping” and respond back with their Unit ID, even if they’re idle, and without the user ever knowing.

More: P25 uses aggressive error correction. But there’s a hole in the scheme; you can jam what’s called the “NID”, which is part of the P25 transmission, and render the transmissions unreadable. The Blaze group actually built a working jammer by flashing custom firmware onto the “GirlTech IM-Me”. (That was the cheapest way to get the TI radio chip they wanted to use.) You could use this to jam the NID in encrypted P25 traffic only, thus forcing cleartext on the users…

And even more: the basic problem with P25 and cryptographic security is usability. Every time an agency rekeys, someone is without keys for a period of time. Blaze mentioned the classic paper, “Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0” and pointed out that many of the mistakes mentioned in that paper were repeated in designing P25.

How bad is the keying problem? Bad enough that agencies frequently transmit in cleartext, due to key management issues. (“NSA Rule Number 1: Look for cleartext.”) How frequently? Blaze and his group, for the past several years, have been running a monitoring network in several (unnamed) cities, recording cleartext P25 traffic and measuring how often this happens. About 20-30 minutes per day, by their estimate, of radio traffic is transmitted in unintended cleartext. And that traffic can contain sensitive information, like the names of informants.

Even if most of the traffic is encrypted, remember that the Unit IDs aren’t. So you’re getting some clear metadata traffic, which at the very least is useful for making inferences about what might be going on. (Zendian Problem, anyone?)
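The measurement Blaze describes, as an added example that is not from his talk or his group’s monitoring tools: a small audit in Go over constructed call records (the record format and the data are mine, not a P25 frame layout; the ALGID values 0x80 clear, 0x81 DES-OFB and 0x84 AES-256 are the P25 standard’s) that totals unintended cleartext per day and talkgroup and lists, by the never-encrypted Unit ID, which radios sent it.

```go
package main

import (
	"fmt"
	"sort"
	"strconv"
	"strings"
)

// P25 algorithm IDs: 0x80 is clear, 0x81 DES-OFB, 0x84 AES-256. A stock radio
// decodes clear traffic silently, so the audit runs on a monitoring receiver's log.
const algidClear = 0x80

type call struct {
	day   string
	tg    int // talkgroup
	unit  int // Unit ID: sent unauthenticated and in the clear, per the talk
	algid int
	secs  float64
}

// Constructed sample records; the line format is my own, not a P25 frame layout.
const sampleLog = `
2012-07-29 tg=101 unit=4021 algid=0x84 secs=12.4
2012-07-29 tg=101 unit=4022 algid=0x84 secs=8.0
2012-07-29 tg=101 unit=4023 algid=0x80 secs=41.5
2012-07-29 tg=205 unit=5101 algid=0x80 secs=30.0
2012-07-29 tg=205 unit=5102 algid=0x80 secs=25.0
2012-07-30 tg=101 unit=4023 algid=0x80 secs=600.0
2012-07-30 tg=101 unit=4021 algid=0x84 secs=15.0
`

// parseLog reads one record per line and rejects anything malformed.
func parseLog(text string) ([]call, error) {
	var out []call
	for _, line := range strings.Split(strings.TrimSpace(text), "\n") {
		var c call
		n, err := fmt.Sscanf(line, "%s tg=%d unit=%d algid=0x%x secs=%f",
			&c.day, &c.tg, &c.unit, &c.algid, &c.secs)
		if err != nil || n != 5 {
			return nil, fmt.Errorf("bad record %q: %v", line, err)
		}
		out = append(out, c)
	}
	return out, nil
}

// encryptedTalkgroups returns talkgroups on which at least one encrypted call
// was heard; clear traffic there is far more likely a keying failure than policy.
func encryptedTalkgroups(calls []call) map[int]bool {
	enc := map[int]bool{}
	for _, c := range calls {
		if c.algid != algidClear {
			enc[c.tg] = true
		}
	}
	return enc
}

// unintendedCleartext totals clear minutes per "day/talkgroup", counting only
// talkgroups that otherwise encrypt: the figure the talk's monitoring reports.
func unintendedCleartext(calls []call) map[string]float64 {
	enc := encryptedTalkgroups(calls)
	mins := map[string]float64{}
	for _, c := range calls {
		if c.algid == algidClear && enc[c.tg] {
			mins[c.day+"/"+strconv.Itoa(c.tg)] += c.secs / 60
		}
	}
	return mins
}

// unitsInClear lists radios that sent clear traffic on an encrypted talkgroup,
// which is where a rekeying failure shows up first.
func unitsInClear(calls []call) []int {
	enc := encryptedTalkgroups(calls)
	seen := map[int]bool{}
	for _, c := range calls {
		if c.algid == algidClear && enc[c.tg] {
			seen[c.unit] = true
		}
	}
	units := make([]int, 0, len(seen))
	for u := range seen {
		units = append(units, u)
	}
	sort.Ints(units)
	return units
}

func main() {
	calls, err := parseLog(sampleLog)
	if err != nil {
		panic(err)
	}
	for k, m := range unintendedCleartext(calls) {
		fmt.Printf("%s: %.1f min of unintended cleartext\n", k, m)
	}
	fmt.Println("units in clear on encrypted talkgroups:", unitsInClear(calls))
}
```

Talkgroup 205 is clear-only in the sample and is therefore not flagged; only the mixed talkgroup 101, and unit 4023 on it, show up, which is the distinction between policy cleartext and a key that never got loaded.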

(If you’re monitoring P25 traffic, according to Blaze, the phrase you want to look for is “Okay, everyone, here’s the plan.”)

And what is the P25 community response to this? According to Blaze, the Feds have been very responsive and appreciate him pointing out the problem. The P25 standards people, on the other hand, claim Blaze is totally wrong, and that the problem is with the stupid users who can’t work crypto properly.

(This entry on Matt Blaze’s blog covers, as best I can tell, almost everything that was in his presentation. I haven’t found a copy of the actual presentation yet, but this should do to ride the river with.)

So it is getting late here, and I have to catch a plane early-ish in the morning. I think what I’m going to do is stop here for now, and try to get summaries of the three router panels up tomorrow while I’m waiting for my flight.

DEFCON 20 notes: day 2.

Sunday, July 29th, 2012

Note: I’ve updated the day 1 notes with a couple of things I forgot to include last night.

“Defeating PPTP VPNs and WPA2 Enterprise with MS-CHAPv2”: MS-CHAPv2 is a wildly popular authentication protocol. For example, DEFCON’s “secure” network uses MS-CHAPv2. People have been attacking CHAP for a while now, but most of the attacks are dictionary attacks, where you use asleap and throw a word list at it, hoping the user picked a weak password.

So is MS-CHAPv2 security password dependent? That’s a reasonable assumption, but not true.

If you look at the details of the MS-CHAPv2 handshake (Moxie had a good visualization, which I can’t find online or I’d link to it here) there’s only one unknown: the MD4 hash of the user’s password. Everything else is sent in the clear, or can be derived from known information.

MS-CHAP does a series of three DES encryptions keyed from the user’s password hash. But it isn’t 3DES: it is just three independent DES encryptions with three keys. One of those keys is padded so it really contains only two bytes of the hash, which makes it trivial to crack. The other two encryptions use the same plaintext; the end result is that the complexity of cracking MS-CHAP’s DES reduces to about the same as normal 56-bit DES, 2^56.

Enter the folks at Pico Computing, about whom I have written before. Pico built a machine with 48 FPGA chips, each with 40 cores running at 450 MHz, to attack DES. This machine can search the whole keyspace in about 23 hours. And Pico has come up with some clever optimizations for the FPGAs: preconfiguring memory, reducing the bus down to “key found/key not found” (since searching the keyspace is linear, if you know when the bus went to “key found”, you can figure out what the key is), and possibly just using JTAG instead of a bus.

“So what,” you say. “I don’t have a single FPGA, let alone 48 of them.”

Enter chapcrack. Do a packet capture, point chapcrack at it, and chapcrack will pull out the MS-CHAP handshake, in a handy form which you can submit to…

CloudCracker.com, which now supports MS-CHAPv2 attacks. Estimated turn-around time is one day. Woo hoo woo hoo hoo.

(Edited to add: Added a link to a blog post by Moxie Marlinspike summarizing his and David Hulton’s (of Pico Computing) presentation 8/1/2012.)

“Exploit Archaeology: Raiders of the Lost Payphones”: More of a fun panel than a practical one, covering all the stuff the presenter went through to find documentation and tools for an old Elcotel payphone he was given. Among other things:

  • The upper housing lock (which covers the internal phone mechanism, including the reset to defaults button) is a relatively easy to pick 3-pin lock (with “anti-impressioning divots”).
  • The lower housing (where the money is stored) is a much harder to pick 4-pin lock. But the presenter got lucky…
  • You also need a special tool, called a T-wrench, to do certain things. The presenter was able to improvise one…

So once you’ve got a payphone, what can you do with it? You can hook it to an ATA and connect to an Asterisk system, and have some fun that way. (The presenter pointed out that by law, 911 calls are required to be free. So he had some fun connecting the payphone to his Asterisk system, and configuring it so dialing 911 on the payphone got an outside line through Asterisk.)

Anyway, it turns out that there are three ways to program/reprogram these phones: there was specialized software available (Elcotel has been out of business for years, but the presenter managed to get a copy of the software, crack it, and get it running), local telemetry (where you open up the upper housing, reset the phone, and let it guide you through voice prompts for reprogramming), or remote telemetry (the phone has a modem). VoIP, by the way, is not well suited to modems.

Some notes:

  • These phones have a default ID of 9999.
  • They have a default password of 99999999.
  • They also have a secondary password of 88888888.
  • The phone ID is generally set to the last four digits of the phone number.
  • The passwords are frequently left at the default.

There’s some other fun stuff you can do with an old payphone. For example, the presenter managed to rig up his phone, a Pwn Plug, and some custom scripting into a system that allows you to run Nmap port scans over the phone. But I’ll leave details of that for his presentation when he puts it up.

“Into the Droid: Gaining Access to Android User Data”: Excellent presentation covering some of the ways you can get user data out of an Android device, even if it is locked or encrypted. For example:

  • You can use the abootimg tool to create a custom boot image, intercept the phone’s bootloader, and force it to use your image.
  • Special USB debug cables work on some devices.
  • The salt for the lockscreen and system passwords can be pulled out of specific locations on the device and cracked with something like oclhashcat-lite. (See the presentation for specific details on where the salt and key are located.)
  • Applications with no permissions can still create a root shell and send information back to an end user (by hiding data in URL parameters, for example).
  • There’s a specific distribution, Santoku Linux, designed for mobile device forensics (both iOS and Android). This is a work in progress, per the presenter…

(While I’m at it, let me say that I’m really impressed with viaForensics, especially their presentation page. Not only did they have the DEFCON presentation up, but it looks like there’s a lot of other good stuff there as well. I’m particularly interested in “iPhone Forensics with free and/or open source tools” and the “Android Forensics Training Presentation”.)

“Off Grid Communications with Android – Meshing the Mobile World”: Solid presentation discussing the Android networking stack, hacking the stack and flipping chipsets into ad-hoc mode, and network routing algorithms. End result: the SPAN project on github, which provides open-source tools for Android mesh networks. (There’s also a paper in that repository that covers the same ground as the presentation, including sexy diagrams of the Android network stack.)

“The Safety Dance – Wardriving the Public Safety Band”: Basically: public safety providers are moving into the 4.9 GHz band. And it is possible to monitor their traffic using equipment bought for cheap off eBay, or equipment that, with the right drivers, can be tuned down to 4.9 GHz. One of the presenters has a blog entry here that covers some of what was in the presentation, and the github repository of their patched drivers, etc. can be found here.

I missed Kaminsky’s “Black Ops” presentation for reasons of the Penn and Teller theater being full, and I can’t find it online (yet). So I wandered over to Renderman’s “Hacker + Airplanes = No Good Can Come Of This” and got there a little late; late enough, as it turned out, that I missed Renderman observing that he was constantly being scheduled on panels opposite Kaminsky, and darn it, he’d really like to see a Kaminsky panel.

But I digress.

So have you ever wondered how things like PlaneFinder work? As part of the government’s efforts to bring air traffic control into the 20th Century, they’ve implemented something called ADS-B. Planes equipped with ADS-B transmitters send out data (such as their aircraft ID, altitude, GPS coordinates, bearing, and speed), which is picked up by ground stations and fed into the systems that feed PlaneFinder and other such sites. There are two types: ADS-B Out, which is sent automatically as a broadcast, and ADS-B In, which allows planes to listen to each other’s ADS-B Out broadcasts, so that (in theory) they’re aware of each other without needing air traffic control.

(According to the presentation that followed Renderman, ADS-B is at about 70% penetration for commercial aircraft, and much lower for general aviation. The government’s goal is to have the majority of traffic on the system by 2020.)

When does this get interesting? Right about now. First of all, anyone can build a ground station and receive ADS-B broadcasts. Renderman has. (I understand there’s been quite a bit of work on using cheap-ass USB digital TV tuners as ADS-B receivers.) That gets you access to the flight data going over your head.

But wait, there’s more! ADS-B has no authentication and no encryption built in. That means anyone with the proper equipment (a radio that transmits at 1090 MHz) can spoof ADS-B broadcasts.

Remember the part above about how planes could use ADS-B to keep track of each other’s positions, bypassing ATC? Have you booked your Amtrak ticket yet?

As ADS-B usage grows, attacks are likely to become more disruptive. What happens if someone starts jamming ADS-B signals? Or inserting fake flight data? Or has the same fake plane in two places at once? The official response, according to Renderman, boils down to “trust us”. “Us” being the same folks who brought you Operation Fast and Furious. Pull the other one, guys; it has bells on.
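Since ADS-B carries no authentication, the only thing a receiver can do is sanity-check what it hears. Here is an added example (my own code, not Renderman’s or anything from the talk) that takes decoded position reports and flags an aircraft address that would have to be in two places at once, or move faster than any aircraft can; the speed cap and the sample reports are constructed assumptions.

```python
"""ADS-B position plausibility check (added example, not the talk's code).
ADS-B has no authentication, so a receiver can only reason about consistency:
flag an aircraft address that is in two places at once or moves faster than
any aircraft can. The sample reports at the bottom are constructed."""
import math
from collections import defaultdict

MAX_SPEED_MPS = 617.0  # ~1,200 kn; assumed cap for a plausible track
EARTH_RADIUS_M = 6_371_000.0


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two lat/lon points (degrees)."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlam = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))


def find_implausible(reports, max_speed=MAX_SPEED_MPS):
    """Return (icao, t_prev, t_cur, implied_speed_mps) for each implausible hop.
    reports: iterable of dicts with keys icao, t (seconds), lat, lon."""
    by_icao = defaultdict(list)
    for r in reports:
        by_icao[r["icao"]].append(r)
    anomalies = []
    for icao, rs in by_icao.items():
        rs.sort(key=lambda r: r["t"])
        for prev, cur in zip(rs, rs[1:]):
            dist = haversine_m(prev["lat"], prev["lon"], cur["lat"], cur["lon"])
            dt = cur["t"] - prev["t"]
            # Same timestamp but a different position is "two places at once".
            speed = dist / dt if dt > 0 else (math.inf if dist > 0 else 0.0)
            if speed > max_speed:
                anomalies.append((icao, prev["t"], cur["t"], speed))
    return anomalies


# Constructed sample: ABC123 flies a normal track; DEAD01 "jumps" ~360 km in 10 s.
SAMPLE_REPORTS = [
    {"icao": "ABC123", "t": 0, "lat": 36.08, "lon": -115.15},
    {"icao": "ABC123", "t": 10, "lat": 36.10, "lon": -115.15},
    {"icao": "DEAD01", "t": 0, "lat": 36.08, "lon": -115.15},
    {"icao": "DEAD01", "t": 10, "lat": 34.05, "lon": -118.25},
]

if __name__ == "__main__":
    for icao, t0, t1, v in find_implausible(SAMPLE_REPORTS):
        print(f"{icao}: {t0}s -> {t1}s implies {v:,.0f} m/s")
```

A real receiver would feed this from its decoded 1090 MHz messages; the check catches duplicated or jumping addresses, not a single well-crafted fake track.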

Edited to add: Link to Renderman’s slides for this presentation added 8/1/2012.

“Busting the BARR: Tracking ‘Untrackable’ Private Aircraft for Fun & Profit”: A semi-related panel to Renderman’s. So how does PlaneFinder get the data that comes from ADS-B broadcasts? The FAA has a feed (called ASDI: Aircraft Situation Display to Industry); they’ll send you the data in XML format, and you can parse it and display it and hug it and squeeze it and call it George, if you want.

However, the FAA also has something called the “Block Aircraft Registration Request”. If you’re someone who doesn’t want their flight information made public, you can put your aircraft on the BARR list. This doesn’t strip your data out of the ASDI feed; that’s still there, but sites that use ASDI (like FlightAware) can’t display information for flights on the BARR. (If you want to subscribe to the ASDI feed, write an XML parser, and be notified every time Jay Z’s plane takes off and lands, more power to you. You just can’t share that information with others.)

So how did the presenters work around that? Their project basically comes down to:

  1. Monitoring LiveATC.net and downloading ATC communications.
  2. Using speech recognition to pull out flight information (such as tail numbers of planes).
  3. Profit. Or in this case, OpenBARR.net, which is still in testing.

That was enough excitement for one day. I seriously thought about entering the DEFCON Beard Competition, but I couldn’t tell if there was a cash prize and I don’t want the IOC revoking my status as an amateur.