Category Archives: conference

24C3: Mifare Security

Seems that I have missed one of the most interesting speeches at 24C3.
Henryk Plötz and Karsten Nohl presented the recent developments in reverse engineering the Mifare RFID card. What they basically did is polishing away the different layers of the chip in the Mifare card and then visually analyze the layers, trying to find the cryptographic relevant parts. The security of the low-end Mifare Classic cards is to be concerned as broken. “Start migrating!” 😉 This does not have an impact on the high-end Mifare DESFire card. Check out the video!

Slides 1
Slides 2

Torrent of the video recording in Matroska / Vorbis / H.264
Torrent of the video recording in MPEG-4 / AAC-LC / H.264

24C3: Bluetooth Stuff

Hi there! Greetings from 24C3, the annual hacker meeting of CCC. Some updates on Bluetooth related stuff:

Balle released a new version of bluediving, now available in version 0.9.

A funky new tool has been released at this congress: bluedrift. What driftnet is for ethernet, bluedrift is for Bluetooth. Using a special Bluetooth dongle which is capable of being flashed, you are now able to automatically sniff Bluetooth traffic and extract OBEX data, e.g. electronic vcards or pictures, from your sniff.

Another project I didn’t know before is the Wave Bubble by ladyada: “A design for a self-tuning portable RF jammer”

Best cite of the congress: “MIT doesn’t teach you how to fuck GSM-Networks” — Ladyada