Archive for the ‘Radio’ Category

DEFCON 24 updates: August 11, 2016.

Thursday, August 11th, 2016

“SITCH – Inexpensive, Coordinated GSM Anomaly Detection” doesn’t just have slides up. Or a whitepaper.

It has an entire freaking website. Which does include, yes, slides and whitepaper. (Thanks to SecBarbie on Twitter for this.)

Slides for the Tamas Szakaly “Help, I’ve got ANTs!!!” talk are here. And his GitHub repo is here.

Good stuff is going up on the Black Hat 2016 briefings site, too. I haven’t had a chance to go through all of the abstracts yet, but my current favorite is: “Does Dropping USB Drives In Parking Lots And Other Places Really Work?”. Slides here, code here, blog post here, no spoilers here.

More on Blue Hydra.

Sunday, August 7th, 2016

Earlier, I wrote “It runs! It works! Mostly. Kind of.”

I’ve been banging on Blue Hydra in my spare time since Thursday, and I stand by that statement. Here’s what I’ve run into so far.

The README is pretty clear, and I didn’t have any problems installing the required packages. (I don’t have an Ubertooth, so I skipped that one. We’ll come back to the Ubertooth later.)

First problem, which was actually very tiny: I know next to nothing about Ruby, other than that cartoon foxes are somehow involved, so the phrase “With ruby installed add the bundler gem” was more like “I don’t speak your crazy moon language”. Google cleared that up pretty quickly: the magic words are gem install bundler.

Next problem: running bundle install resulted in an error stating that it couldn’t find the Ruby header files. It turns out that, while my Ubuntu installation had Ruby 2.1 installed, it didn’t have the ruby-dev package installed. sudo apt-get install ruby-dev fixed that issue.

Next problem: the SQLIte Ruby gem failed to install when I ran bundle install. It turns out that I also needed the sqlite3-dev package as well. And with that installed, the bundle built, and I could do ./bin/blue_hydra.

Which gave an error stating that it didn’t have permissions to open a handle for write. Okay, let’s try sudo ./bin/blue_hydra (because I always run code from strangers as root on my machine; everyone knows strangers have the best candy). And that actually worked: Blue Hydra launched and ran just fine. In fairness, this may be a configuration issue on my machine, and not an issue with the software itself.

In playing with it, I’ve found that it does what it claims to do. Sort of. It’s been able to detect devices in my small lab environment with Bluetooth discovery turned off, which is impressive. I also like the fact that it stores data into an SQLite database; other Bluetooth scanning tools I’ve played with didn’t do that.

However, it seems to take a while to detect my iPhone; in some instances, it doesn’t detect it at all until I go into Settings->Bluetooth. Once I’m in the Bluetooth settings, even if I don’t make a change, Blue Hydra seems to pick up the iPhone. Blue Hydra also has totally failed to detect another smart phone in my small lab environment (and I have verified that Bluetooth was both on and set to discoverable.)

Now, to be fair, there may be some other things going on:

  • I’ve also observed previously that Bluetooth under Ubuntu 15.10 didn’t work very well. At all. So at one point on Saturday, just for giggles, I upgraded Project e to Ubuntu 16.01.1 LTS. And shockingly (at least for me) Bluetooth works much much better. As in, I can actually pair my phone with Ubuntu and do other Bluetooth related stuff that didn’t work with 15.10. That seems to have mitigated the discovery issues I was seeing with Blue Hydra a little, but not as much as I would have liked. (Edited to add 8/8: Forgot to mention: after I upgraded, I did have to rerun bundle install to get Blue Hydra working again. But the second time, it ran without incident or error, and Blue Hydra worked immediately aftewards (though it still required root).)
  • I was using the Asus built-in Bluetooth adapter in my testing. Also just for giggles, I switched Blue Hydra to use an external USB adapter as well. That didn’t seem to make a difference.
  • In fairness, Blue Hydra may be designed to work best with an Ubertooth One. The temptation is great to pick one of those up. It is also tempting to pick up a BCM20702A0 based external adapter (like this one) partly to see if that works better, partly because I don’t have a Bluetooth LE compatible adapter (and this one is cheap) and partly because the Bluetooth lock stuff is based on that adapter. (Edited to add 8/8: I’m also tempted by this Sena UD100 adapter. It is a little more expensive, but also high power and has a SMA antenna connector. That could be useful.)
  • It may also be that I have an unreasonable expectation. Project e is seven years old at this point, and, while it still runs Ubuntu reasonably well, I do feel some slowness. Also, I think the battery life is slipping, and I’m not sure if replacements are available. I’ve been thinking off and on about replacing it with something gently used from Discount Electronics: something like a Core i5 or Core i7 machine with USB3 and a GPU that will work with hashcat. Maybe. We’ll see. Point is, some of my issues may just be “limits of old hardware” rather than bugs.
  • And who knows? There may very well be some bugs that get fixed after DEFCON.

tl, dr: Blue Hydra is nice, but I’m not yet convinced it is the second coming of Christ that I’ve been waiting for.

DEFCON 24: August 7, 2016 updates.

Sunday, August 7th, 2016

The presentations on the conference CD are here, if you’re looking for something specific that I didn’t mention. I’m still going to try to provide links to individual presenters and their sites, simply because I believe those are the most recent and best updated ones. Just to be clear, I’m not trying to rip off anyone else’s work, which is why I link directly. I want to provide myself (and possibly other interested folks) with one-stop shopping for the latest versions of the things I’m most interested in.

This takes us into today. I’ve been at this for about an hour and a half now. I’m not proud. Or tired. But I do have some other things I want to do, and I think it is a bit early to expect Sunday presentations to be up. I’ll end this one for now, and see if I can do another update tomorrow. Also, I want to do a further write-up on Blue Hydra, possibly tonight, maybe tomorrow as well.
If you are a presenter who’d like to provide a link to your talk (even if it is one I didn’t specifically call out) or you have other comments or questions, please feel free to comment here or send an email to stainles [at]

DEFCON 24 notes: Hail Hydra!

Thursday, August 4th, 2016

GitHub repository for Blue Hydra.

I’m jumping the gun a little, as the presentation is still a few hours away, but I wanted to bookmark this for personal reference as well as the enjoyment and edification of my readers.

Edited to add: quick update. Holy jumping mother o’ God in a side-car with chocolate jimmies and a lobster bib! It runs! It works! Mostly. Kind of.

If I get a chance, I’ll try to write up the steps I had to follow tomorrow. Yes, this blog is my personal Wiki: also, while the instructions in the README are actually pretty good, I ran into a few dependency issues that were not mentioned, but are documented on Stack Overflow.

DEFCON 24: 0-day notes.

Wednesday, August 3rd, 2016

Another year observing DEFCON remotely. Maybe next year, if I get lucky, or the year after that.

The schedule is here. If I were going, what would I go to? What gets me excited? What do I think you should look for if you are lucky enough to go?

(As a side note, one of my cow-orkers was lucky enough to get a company paid trip to Black Hat this year. I’m hoping he’ll let me make archival copies of the handouts.)


Obit watch: May 23, 2016.

Monday, May 23rd, 2016

The WP has a nice tribute to Nick Menza, former drummer of Megadeth, who died Saturday.

In 2007, he nearly lost his arm in a power saw accident. He required reconstructive surgery, and metal plates were inserted in his arm, according to Blabbermouth. Six years later, he auctioned off the bloodstained circular saw blade, which was placed in museum-quality glass with an x-ray of his mutilated arm, Loudwire reported.

You know, I bet we could get DNA off of that saw blade…

Also among the dead: Bill Herz, the last surviving crew member of Orson Welles’s “War of the Worlds” broadcast.

Obit watch: May 15, 2016.

Sunday, May 15th, 2016

Katherine Dunn followups: A/V Club. NYT.

Harlan Ellison, the science fiction author and screenwriter, hailed it as “transformative.”

Julius La Rosa, who was a noted singer of the 1950s, but is perhaps most famous for being fired on the air by Arthur Godfrey.

On Oct. 19, 1953 — 23 months after Mr. La Rosa’s debut — Mr. Godfrey retaliated in a morning segment heard only on the radio. Mr. La Rosa had just finished singing “Manhattan” when Mr. Godfrey delivered the sentence in his solemn foghorn voice.
“That was Julie’s swan song,” he said.

The dismissal stunned Mr. La Rosa and the Godfrey audiences, whose reaction was largely negative. Most media critics also chastised Mr. Godfrey, whose avuncular image began to crumble.

New toy! New project!

Saturday, April 9th, 2016

I was out and about earlier today with my mom and my nephew: we stopped by Hobby Lobby because I was looking for something. I’ll be posting about that something later on, but while we were there, I found one of these and ended up getting a screaming deal on it with the 40% off coupon.

Which is great, but that looks like a manual control box, right? How do you control it with a PC? Lots of soldering and a custom circuit board?

Ah. Nope. They have a USB device interface for the OWI-535. Isn’t that nifty?

But wait! The included software only runs on a PC! How do you control it with a Mac, or a LINUX system?

Surprise! People have reverse-engineered the control protocol! For example, this guy! (I love that blog title, by the way.) It looks like most of the other control examples I’ve found all loop back to Vadim Zaliva’s work documenting the protocol for the OWI-535. (He’s also documented the control protocol for the OWI-007 here.)

And look! Here’s control code in Python. running on a Raspberry Pi! Isn’t that a clever cleaver!

We’ll see if I can get the arm together and working without breaking it. Bad news: I don’t have that much mechanical aptitude. Good news: they claim all you need is needle-nosed pliers, diagonal cutters, and a Phillips screwdriver. No soldering required, which is good. I could probably solder my way out of a paper bag if someone held a gun to my head, but I’ve never been what you could call “good”, or even “competent” at it…

(As a side note, I’ve been trying to get back to “Talkin’ GPS Blues“. Unfortunately, I also decided to upgrade Project e to Ubuntu 15.10…and Bluetooth apparently doesn’t work well on 15.10, at least as of when I completed the upgrade. So once I get Bluetooth working again, and have some more time, I intend to revisit GPS, this time with some skanky Perl, Python, and possibly even Java code. We’ll see.)

Obit watch: February 3, 2016.

Wednesday, February 3rd, 2016

Bob Elliott, of Bob and Ray fame. NYT. A/V Club.

Bob & Ray Present the CBS Radio Network.

And now I really want the DVDs of Get A Life, a show I personally have fond memories of.

Obit watch: January 17, 2016.

Sunday, January 17th, 2016

Catching up on a few from the past couple of days.

Dan “Grizzly Adams” Haggerty, for the record. NYT. A/V Club.

Both of the times Mike the Musicologist and I have gone up to Tulsa, Haggerty was a “special guest”. I thought about getting an autograph and maybe even a photo with him – if nothing else, as a present for my brother – but somehow, in all our wanderings around the show (and remember, it is a huge show) we never made it past where he and the other guests were sitting. I kind of regret that now…

Noted Austin public radio personality Paul Ray died on Friday. Statesman. KUTX.

A few random things I found interesting.

Monday, September 14th, 2015

Some by way of the Hacker News Twitter, others from elsewhere.

Nice appreciation of Elmore Leonard from The New York Review of Books.

Brian Krebs goes to Mexico in search of Bluetooth ATM skimmers, part 1.

Fun with software defined radio, or scanners live in vain.

NFL loser update resumes tomorrow.

DEFCON 23 notes: August 12, 2015.

Wednesday, August 12th, 2015

More slides! More stuff!