tools of the nsa playset
play

Tools of the NSA Playset Ruxcon 2014 Joe FitzPatrick Mike Ryan - PowerPoint PPT Presentation

Dec 22, 2023 •290 likes •786 views

Tools of the NSA Playset Ruxcon 2014 Joe FitzPatrick Mike Ryan What is the NSA Playset? () nsaplayset.org 3D NSA Playset Price Sheet CONGAFLOCK - <$1 A Retroreflector, which is a passive device that reflects differently when a

  1. Tools of the NSA Playset Ruxcon 2014 Joe FitzPatrick Mike Ryan

  2. What is the NSA Playset?

  3. ()

  4. nsaplayset.org 3D

  5. NSA Playset Price Sheet CONGAFLOCK - <$1 A ‘Retroreflector’, which is a passive device that reflects differently when a monitored wire changes ()

  6. ()

  7. NSA Playset Price Sheet TWILIGHTVEGETABLE - $50 Custom Boot environment for basic GSM monitoring ● Sandisk 16G Extreme USB ● NooElec RTL-SDL dongle + antenna 3D

  8. TWILIGHTVEGETABLE 3D

  9. NSA Playset Price Sheet LEVITICUS - $50 OsmocomBB Phone for use with TWILIGHTVEGETABLE ● Motorola C139 phone ● Osmocom Cable 3D

  10. LEVITICUS 3D

  11. NSA Playset Price Sheet DRIZZLECHAIR - $100 A5/1 Rainbow Tables + Kraken for use with TWILIGHTVEGETABLE ● WD Elements 2TB USB 3.0 Hard Drive 3D

  12. DRIZZLECHAIR 3D

  13. NSA Playset Price Sheet CHUCKWAGON - $25 I2C implant ()

  14. CHUCKWAGON ()

  15. Upcoming Toys in the NSA Playset () ()

  16. NSA Playset Price Sheet FLEABRAIN - $10 USB Cable implant that can store and transmit USB data 3D

  17. 3D

  18. NSA Playset Price Sheet DUCHESSRIDE - $45 USB Implant that allows for USB middling ()

  19. DUCHESSRIDE ()

  20. Our Favorite NSA Playset Toys: ()

  21. NSA Playset Price Sheet TINYALAMO - $10 Bluetooth keystroke surveillance and injection ()

  22. TINYALAMO + PyBT ()

  23. ()

  24. TINYALAMO Demo! ()

  25. NSA Playset Price Sheet SLOTSCREAMER - $100 PCIe Attack Platform ● USB3380-AB Evaluation Board with custom firmware 3D

  26. SLOTSCREAMER Hardware http://www.hwtools.net/PLX.html

  28. Diagram: PCIe 2.1 specification

  29. NSA Playset Price Sheet HALIBUTDUGOUT - $300 PCIe Attack Platform ● SLOTSCREAMER enclosed in a Thunderbolt Enclosure 3D

  30. HALIBUTDUGOUT 3D

  31. NSA Playset Price Sheet GUPPYDUGOUT - $200 PCIe Attack Platform ● Expresscard SLOTSCREAMER in a tiny thunderbolt enclosure 3D

  32. GUPPYDUGOUT 3D

  33. SLOTSCREAMER Demo! 3D

  34. Building ALLOYVIPER 3D

  35. Building ALLOYVIPER 3D

  36. Building ALLOYVIPER 3D

  37. Building ALLOYVIPER 3D

  38. Building ALLOYVIPER 3D

  39. Building ALLOYVIPER 3D

  40. Building ALLOYVIPER 3D

  41. Building ALLOYVIPER 3D

  42. MITMing 3D

  43. NSA Playset Price Sheet ALLOYVIPER - $50 PCIe Attack Platform ● Decoy cable for use with HALIBUTDUGOUT 3D

  44. Who? Security Researchers Hardware Hackers Hardware Developers Hobbyists Other Nerds, Geeks, and Dorks* An undercover agent or two* Tinfoil hat wearers* *presumed 3(D)

  45. But Why? Intelligence agencies are not magic ()

  46. But Why? If the capability exists, designers need to know to protect against it 3D

  47. But Why? ‘Nation-state’ capabilities are out of scope. Cheap DIY hacker tools should not be. ()

  48. But Why? If any 12-year old can do it, the design flaw will be fixed 3D

  49. Questions? Mike Ryan Joe FitzPatrick @mpeg4codec @securelyfitz mikeryan@isecpartners.com joefitz@securinghardware.com https://lacklustre.net https://www.securinghardware.com 3(D)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

NSA Playset: Bridging the Airgap without Radios Speaker Bio @r00tkillah Michael Leibowitz

NSA Playset: Bridging the Airgap without Radios Speaker Bio @r00tkillah Michael Leibowitz

NSA Playset: Bridging the Airgap without Radios Speaker Bio @r00tkillah Michael Leibowitz Day job in product security Froots around with electronics The views expressed.. NOT MY EMPLOYERS! ANT Catalog ANT Catalog NSA Playset:

736 views • 47 slides
Tools Google, et. al. Also, Ive tended to focus on Windows-based tools (with some mention

Tools Google, et. al. Also, Ive tended to focus on Windows-based tools (with some mention

Tools Here is a list of potentially useful tools and utilities with Computer Security which to fight the onslaught of viruses, worms, Trojan horses, and other malware. Dont consider it in any way a complete list! There are lots of

1.16k views • 9 slides
Understanding applications with Paraver tools@bsc.es 2018 Our Tools Since 1991 Based

Understanding applications with Paraver tools@bsc.es 2018 Our Tools Since 1991 Based

Understanding applications with Paraver tools@bsc.es 2018 Our Tools Since 1991 Based on traces Open Source http://tools.bsc.es Core tools: Paraver (paramedir) offline trace analysis Dimemas message passing

707 views • 42 slides
Sustainability Rating Tools for Existing Neighborhoods Rating tools overview 3 tools -

Sustainability Rating Tools for Existing Neighborhoods Rating tools overview 3 tools -

S ustainability R ating T ools for Existing Neighborhoods March 11, 2015 Eliot Allen, LEED AP-ND , TransformativeTools .org Sustainability Rating Tools for Existing Neighborhoods Rating tools overview 3 tools - Living Community Challenge

700 views • 30 slides
Tools integrate Tools work together Tools work together Models Specs Code Traces Profiles

Tools integrate Tools work together Tools work together Models Specs Code Traces Profiles

Programming Environments The Future of Programming Environments Past of Andreas Zeller programming environments Saarland University A Tool Set Tools evolve Tools integrate Tools work together Tools work together Models Specs Code

517 views • 19 slides
Tools git: Theory git: Use Git and (other) Tools for Cooperation git: Tools Project

Tools git: Theory git: Use Git and (other) Tools for Cooperation git: Tools Project

Tools git: Theory git: Use Git and (other) Tools for Cooperation git: Tools Project References Jrg Cassens, Rebekah Wegener, Jens Rademacher, Bastian Stender SoSe 2019 Lab Course Media Informatics SoSe 2019 Jrg Cassens, Rebekah

1.06k views • 89 slides
Tools for investigating THDM models Henning Bahl 14.11.2019, Hamburg Intro Tools Conclusions

Tools for investigating THDM models Henning Bahl 14.11.2019, Hamburg Intro Tools Conclusions

Tools for investigating THDM models Henning Bahl 14.11.2019, Hamburg Intro Tools Conclusions Using tools in HEP Advantages of using tools: Using tools saves you time, avoids redoing stuff, avoids careless mistakes. Typical

672 views • 12 slides
Commissioner Tools Commissioner Tools Overview Multiple Releases My.Scouting.org

Commissioner Tools Commissioner Tools Overview Multiple Releases My.Scouting.org

Commissioner Tools Commissioner Tools Overview Multiple Releases My.Scouting.org Units, Commissioners, Roundtables Scoring Matrix and Assessments Reports and Dashboards Pre-Adoption Tasks 2 Commissioner Tools Screen Shots

654 views • 32 slides
Introduction to Interactive Tools A Three Layer Framework for SilvacoTCAD Automation Tools

Introduction to Interactive Tools A Three Layer Framework for SilvacoTCAD Automation Tools

Introduction to Interactive Tools A Three Layer Framework for SilvacoTCAD Automation Tools Automation Tools Database Sensitivity Worksheet RSM Generation Manager Analysis Editor An Automated system for high throughput simulation based

439 views • 18 slides
SEO TOOLS KEEPING A CHECK ON THE LATEST &amp; GREATEST SEO TOOLS IN THE MARKET Introduction

SEO TOOLS KEEPING A CHECK ON THE LATEST &amp; GREATEST SEO TOOLS IN THE MARKET Introduction

SEO TOOLS KEEPING A CHECK ON THE LATEST &amp; GREATEST SEO TOOLS IN THE MARKET Introduction Why Tools? Manual vs Automation Insights you cant get otherwise Costs - one time vs recurring Friends can get together and share (may be

395 views • 10 slides
tools air tools air http://www.toolsonair.com ToolsOnAir is known for its Mac-based

tools air tools air http://www.toolsonair.com ToolsOnAir is known for its Mac-based

Practical Real-Time Video Rendering with Modern OpenGL and GStreamer Heinrich Fink (R&amp;D Engineer) tools air tools air http://www.toolsonair.com ToolsOnAir is known for its Mac-based software solutions for broadcasting.

1.08k views • 63 slides
CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools

CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools

CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools Cryptographic Tools Cryptographic algorithms important element in security services Review various types of elements symmetric encryption secure

1.27k views • 23 slides
LTTng &amp; Tools Roadmap LTTng &amp; Tools Roadmap Content LTTng new and upcoming

LTTng &amp; Tools Roadmap LTTng &amp; Tools Roadmap Content LTTng new and upcoming

Progress Meeting, December 2017 LTTng &amp; Tools Roadmap LTTng &amp; Tools Roadmap Content LTTng new and upcoming features, release schedule, Babeltrace 2, Restartable Sequences, Membarrier system call LTTng &amp; Tools

1.33k views • 16 slides
Media and Creativity Tools CS 347 Michael Bernstein Create. 2 What are creativity tools?

Media and Creativity Tools CS 347 Michael Bernstein Create. 2 What are creativity tools?

Media and Creativity Tools CS 347 Michael Bernstein Create. 2 What are creativity tools? Design tools were focused on creating an intervention to support a need for a specific group. What if the goal were to create an experience, rather than

627 views • 34 slides
Playbook and START START Tools START Tools been produced to ease workloads during Cloud

Playbook and START START Tools START Tools been produced to ease workloads during Cloud

Playbook and START START Tools START Tools been produced to ease workloads during Cloud Migrations and to assist System Integrators. Pulls together existing Microsoft Tools with an easy to use interface Developed in conjunction with

203 views • 19 slides
Google Tools Google Tools eghley,Ed.D. @gmail.com j.beeghley@ James R. Bee Advanced G

Google Tools Google Tools eghley,Ed.D. @gmail.com j.beeghley@ James R. Bee Advanced G

Google Tools Google Tools eghley,Ed.D. @gmail.com j.beeghley@ James R. Bee Advanced G Advanced G Educational Technol logist Blogger Podcaster Harry Potter Geek Civil War Buff Husband and Dad b d d d Tools

1.18k views • 52 slides
Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council

Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council

Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council Traditional Incident Response But at the national level, incident response is a different game Implications for Misunderstandings between geeks and

541 views • 27 slides
The SJGAD Used Most in NSA Reporting --- Overview Derived From: NSAIC$SM IS2 Datoo : 20070103

The SJGAD Used Most in NSA Reporting --- Overview Derived From: NSAIC$SM IS2 Datoo : 20070103

~ c ~ Coogle pal tal kl/7. IOPSECRET/ISJII ORCON // NOJ -- ~ Hotma ll&quot; You lim il liiiiil YAHoo' tl .... ' I 21' - PRISM/US-984XN Overview OR The SJGAD Used Most in NSA Reporting --- Overview Derived From: NSAIC$SM IS2 Datoo :

191 views • 4 slides
Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About Cryptographic Standards History of post-quantum cryptography 2003 Daniel J. Bernstein introduces term Post-quantum cryptography. PQCrypto 2006:

623 views • 23 slides
Secure Intersection with MapReduce R. Ciucanu 1 M. Giraud 2 P. Lafourcade 2 L. Ye 3 1 LIFO, INSA

Secure Intersection with MapReduce R. Ciucanu 1 M. Giraud 2 P. Lafourcade 2 L. Ye 3 1 LIFO, INSA

Secure Intersection with MapReduce R. Ciucanu 1 M. Giraud 2 P. Lafourcade 2 L. Ye 3 1 LIFO, INSA Centre Val de Loire Universit e dOrl eans 2 3 School of Computer Science and Technology Harbin Institute of Technology, China 26 July 2019

397 views • 29 slides
Applications of algebraic geometry codes beyond classical coding Gretchen L. Matthews September

Applications of algebraic geometry codes beyond classical coding Gretchen L. Matthews September

Applications of algebraic geometry codes beyond classical coding Gretchen L. Matthews September 10, 2014 C L E M S O N M A T H E M A T I C A L S C I E N C E S Gretchen L. Matthews

1.03k views • 46 slides
Two-Part Webinar Part One: MRO Socialization of 2016-02 CIP SDT Draft Virtualization Changes

Two-Part Webinar Part One: MRO Socialization of 2016-02 CIP SDT Draft Virtualization Changes

Two-Part Webinar Part One: MRO Socialization of 2016-02 CIP SDT Draft Virtualization Changes Part Two: Risk Considerations for BCSI in the Cloud Brian Kinstad, Sr. Risk Assessment and Mitigation Engineer MRO Jay Cribb and Matthew Hyatt, Project

240 views • 22 slides
General Packet Radio Service (GPRS) Outline Introduction GPRS Architecture GPRS

General Packet Radio Service (GPRS) Outline Introduction GPRS Architecture GPRS

General Packet Radio Service (GPRS) Outline Introduction GPRS Architecture GPRS Interfaces GPRS Procedures Summary 2 Introduction (1/2) GPRS reuses the existing GSM infrastructure to provide end-to-end packet-switched

857 views • 83 slides
HTTP Requests for Users &amp; Package Developers Scott Chamberlain ( @sckottie ) 3

HTTP Requests for Users &amp; Package Developers Scott Chamberlain ( @sckottie ) 3

HTTP Requests for Users &amp; Package Developers Scott Chamberlain ( @sckottie ) 3 packages: crul, webmockr, vcr rOpenSci has a lot of pkgs that do http requests giving rise to the tools presented here crul - a new http client

591 views • 34 slides

More recommend