The Last HOPE.

I arrived in New York City somewhen around 1400 EST5EDT, after getting turned around in Penn Station (what kind of adventure would it be without my getting lost, after all?) and being sent in the direction of the hotel by a wary yet friendly security guard at the office building I'd blundered into. I finally got to the Hotel Penn, which they really did a nice job fixing up since the last time I'd been there (though the air conditioning was still pants, which became a common complaint that weekend). I wandered around for a while because I had no room key and ran into a couple of old friends from previous hacker cons, such as Renderman and his wife Grey Frequency (congratulations again, guys!), C4bl3fl4m3, Rob T. Firefly (at long last - we've known each other since at least 1997 from the Information Society fandom), and I even ran into Vaxbuster from 412/724 for the first time since I left Pittsburgh. RTF and I met up while waiting in line to register - I've never actually seen him before, but he recognized my TARDIS key, and we talked a couple of times during the con.

While wandering around, I bought a convention t-shirt and some lockpicks, and I was amazed at the price. As mentioned elsewhere, TOOOL was sponsoring the lockpicking village and they'd be selling two new sets of lockpicks, one in a plastic tube similar in design to their first set (though with a few more picks) and one that exists as punch-out pieces in a spar of metal the size of a credit card. The idea behind the latter is that they're a last-ditch method of getting a lock open; you twist the picks out of the metal framework, use parts of the metal framework as your tension wrenches, and you can open one or two locks with them before they're too damaged to be useful. The cost of the former was $25us, the latter $50us (!!), but you could buy both as a pair for $60us.

Due to the fact that there weren't many panels that I really wanted to see, and because everyone I'd be rooming with was either tired up at panels (they were staff this year) or offsite for lunch, I wound up wandering around for a while looking at everything going on - I took quite a few photographs which I'll clean up and upload sometime later this week, free time depending. When Hasufin got back on site, we got him through the pre-registration line and then headed up to the lockpicking village to get some practice time in on the assortment of locks scattered all over the tables. Once again, the world remains safe from my utter lack of lockpicking skills. During the whole weekend, I tried to pick between fifteen and thirty different locks and only got two open the entire time. Moreover, there were no short-pinned practice locks this year (meaning that none of the locks had been modified to have less than a full complement of pins) so I didn't have much of a chance to get my technique down. Later in the weekend, Mouse (one of the people in charge of that particular gathering) gave me a run-down on making my own, so once I have some spare time I'll give making my own a try. One thing I did discover was that I tend to do better opening locks when they're mounted more or less as they're meant to be (i.e., set into a door) because I find that I can better control the tension applied, as opposed to trying to wedge the tension wrench between a finger or two and gauge it that way.

The big thing about the convention badges this year was that the first 1,500 of them would have active RFID tracking chips in them. A project called AMD (Attendee Meta-Data) set up sensors around the convention's floors (18th and the mezzanine) which would be hooked into the website (which seems to be offline now). As it turned out, the RFID transponders were active and not passive - the con badges were headstone-shaped slabs of circuit board with SMT (surface mount technology) components on both sides and a coin cell battery on the back powering it. When you got your badge, you could write your handle on it if you so chose with a Sharpie (I always do), slide the coin cell in, and the transponder would blip out a unique signature a couple of times a minute. You then logged into the AMD website, created and account, and registered your badge against your account. If you chose, you could create a short profile for yourself; if you entered your cellphone number, you could make it possible for the site to send you text message reminders about panels coming up (which didn't really work, in my experience). Users of the website could also pull up lists of people in the different rooms (named after famous hackers - Turing, Hopper, Engressia, and Zinn). I don't know if the site was ever supposed to pull up the profiles of people on those lists or not, I can only say that I wasn't able to do so using Windbringer. I infer this because it was possible for attendees to ping other attendees via e-mail from the website, if they made themselves available for such.

The first panel I hit at HOPE was Jacob Appelbaum's discussion of the coldboot attack from earlier in this year. During his talk, he described some subtle details that were easy to miss in the paper due to how densely written it was. First of all, ECC memory (commonly used in high end servers) is reasonably safe from this attack because it scrubs the memory field at boot time during the self-test so that it can properly detect and correct errors. This has the side effect of wiping out the remnants of data in the memory field from the last boot. He re-covered the list of whole-disk encryption packages that they were able to crack using this method starting off with Microsoft's Bitlocker. The key problem is this: the machine boots up and loads the key into RAM so that it can decrypt the drive, all before waiting for you to log in. Oops. If you decide to use the TPM (Trusted Platform Module) built into motherboards with increasing frequency these days to hold the crypto keys, it doesn't actually matter because the key gets copied out of TPM chip into RAM to decrypt the drive.

Apple's FileVault, which is part of Mac OSX, effectively has a privilege escalation bug that is required for normal operation which allows the user's passphrase to be copied out of RAM. This bug has been reported over and over again in the past 5 years and they still won't fix it because it was actually designed in as a feature. It's also possible to decrypt FileVault volumes through other means, as described at the 23rd Chaos Computer Congress. I'll cut to the chase and say that most of this has already been covered in an earlier post, so read through that one if you're curious. I hasten to state, however, that the proof-of-concept applications were released during the con on the same site at Princeton that the original paper was posted to. They have minimal functionality, however - only enough for research, not enough to state automated attacks, so if you want to abuse them, you really need to know what you're doing. BitUnlocker won't be released for obvious reasons, only partially because it's highly difficult to set up the toolchain required to compile the code. The utility written to implement unidirectional bit error correction from bit decay was updated and released along with the attack code (0.1% error rate without cooling, 0.0% error rate with cooling).

It's interesting to note that the coldboot attack can be implemented as a custom BIOS on the PC platform, you'd only need one kind of mainboard per type of memory. This is hardly an impossible task - there is a project called Coreboot, which is a free, open source replacement for the various commercial PC BIOSes out there. Coreboot executes specific payloads after it initializes the hardware, and the coldboot attack could be implemented as one such payload. Appelbaum mentioned that Coreboot could be plugged into the open source virtual machine QEMU also, which I might have to play around with one of these days.

While this vulnerability has largely been ignored by the big manufacturers (not from lack of trying to get hold of them), other groups have been paying close attention. For example, the OpenBSD project has taken measures to prevent attacks like this. It's possible, as it turns out, to use sensord from the lm_sensors package with a small number of DDR3-enabled chipsets to implement proactive memory page sanitization. For example, if the internal system temperature drops suddenly (meaning the case has been opened) it can start wiping the memory field, which would erase any keying information in RAM. It's also possible to implement a killfirst flag for certain memory pages to flag them for priority overwriting.

I've probably screwed up this review in a few important ways, so when I find a link to a video recording I'll post it.

After the presentation was over, I spoke to Appelbaum for a while about the code released on 7 March 2008 that implements this particular attack. I'd been curious for a while about why Appelbaum and the rest of the research team hadn't mentioned anything about this development, and he said that Wesley McGrew's implementation of the attack wasn't as clean or as featureful as the tools they wrote and released, and that it actually missed a couple of things.

Not long after that, Hasufin and I piled into the elevator headed for the lobby, and found ourselves in the midst of a a situation lovingly referred to as "no shit, there I was." We'd been hearing here and there around HOPE that we were suppose to stay away from the Mezzanine level of the Hotel Penn for unspecified reasons, and in fact an elevator was blocked off for a while on Friday. We discovered the hard way that the Mezzanine level was being used for dead storage space - someone accidentally hit the 'M' button on the elevator panel, and the doors opened into a floor that was dark save for the lights of the elevator (because the power had been cut). As far as we could see into the gloom, the floor was littered with forgotten filing cabinets, broken chairs, tables, and other whatnot which should probably have been discarded a long time ago. To make matters worse, some of the junk had been leaning against the outer doors of the elevator, so when the doors slid open some of it slid into the elevator itself and wedged the doors open.

Hasufin and I were stuck at the back of the elevator car so there was little that we could actually do. The people packed four abreast in front of us spent a few frantic minutes pushing and shoveling junk out of the car so the doors would close. I don't know if something tiny got trapped in the door's track or what, but I do know that the doors closed but the elevator refused to move, probably because the outer doors were still propped open somehow. Another frantic few minutes were spent pushing junk farther away and little stuff was pitched toward the far wall; eventually the doors closed and we returned to the lobby, none the worse for wear.

I wonder what the security team watching through the camera in the corner of the elevator car thought.

Later that night after getting a quick dinner at the local deli, Hasufin, Vlad, and I hung out in the hotel room and swapped stories with the 412/724 regulars, whom I haven't seen since moving to DC back in 2005. I had to recount the horrors of the last-minute move (including multiple car crashes) because it was one story that they hadn't heard yet... around 0030 EST5EDT on Saturday, we changed clothes, hailed a cab, and took in the nightlife at a club called the MI-5 for Contempt, a goth night close enough to the Hotel Penn that we could easily get to it, and it coincided with HOPE. The atmosphere was everything you'd expect of a good goth club, and it was nice to go out for a bit while on the road (I usually don't get to, due to work). The video FX on the back wall were looped sequences from Ghost In the Shell: Innocence, something that I haven't seen in a while. The dance floor was a bit on the small side but well populated with people having a good time and enjoying the music, which was a nice mix of the classics and some newer stuff that I'll have to track down in my copious spare time.

Of course, we had to have a toast to HOPE, as you would at any self-respecting wake: "Hack the planet!"

Hey, don't look at the screen in that tone of voice, I wasn't the only one. I also didn't organize the midnight rollerblade run through downtown Manhattan on Saturday night (which I found hilarious and inspiring at the same time).

The next morning we carefully crawled out of our respective beds; it isn't often that I get up before 1100 on a Saturday without good reason, though there was plenty. I got myself cleaned up and dressed, bought a bagel and some coffee at the cafe' in the lobby, and hit the presentation on electronic surveillance measures and countermeasures, done by Marty Kaiser. Kaiser's been in the game for several decades, and spoke a bit about the devices he's designed for three-letter agencies and some of the troubles he's gone through as a result. Most interestingly, I thought, he discussed a surveillance method used during the Cold War that was made famous by the Russians when they bugged the United States' embassy during its construction.

If you take a long, thin wire (like a piano wire) and stretch it taut, it'll resonate with certain frequencies of sound. It should be possible to search for videos on Youtube which demonstrate someone singing certain notes at a piano's strings and hearing them produce sound as a result. Go ahead, I'll wait. If you then aim a beam of microwaves at a frequency of about 1 GHz at those strings, when they resonate from sound they'll also perturb the RF, which can then be picked up by a listener's receiver and used to reproduce the sound. The same principle was used in the embassy way back when, along with other interesting tricks.

Along the way I helped someone fix their Asus Eee PC, which had developed a fault of some kind. He needed a bootable disk or USB to get the machine online so he could back up his data before restoring the OS from a hidden partition. I just so happen to carry such a device around on my keyring with me, so we sat at the back of the room half-listening to Kaiser's presentation and half tracking down his files, which we copied off to another USB key. I have to admit, the Eee PC is a nifty, nifty little gadget - it's about the size of a trade paperback book, with a screen 7 inches on the diagonal. Moreover, it has a solid-state hard drive built in, so its boot time is (when you're not restoring the OS) less than 30 seconds in length. However, he told me that it has a bug in which the OS image itself is immutable, i.e., everything gets written to another partition of the drive and overlaid at boot-time, so even when you install updates you'll steadily be losing disk space, which is why many people choose to install their own OS (usually another flavor of Linux or BSD).

I might have to pick one up and play around with it. I can think of a few good uses for one.

Following the surveillance/countersurveillance presentation was an awesome panel by BernieS, Skip Avery, and a few other people not in the schedule on off-the-grid grassroots radio communications, and I don't just mean FRS radios (though I do use them from time to time). They mentioned some advances in consumer hand-held technology, some of which involve scrambling and frequency hopping techniques that are unusually advanced for the open market. Hand-held radios used by certain aspects of the federal government (like the TSA) were also discussed because they have advanced encryption features.. that aren't used anywhere anyone knows of because they are then too hard to use. I feel so much safer...

Afterward I wandered down to the mezzanine and bought the book The Best of 2600: A Hacker Odyssey, published by Wiley. On my way back up, I ran into Emmanual Goldstein at one of the tables and got his autograph on the cover page. It's a weighty tome of hacker and phreaking history, a hardcover book in excess of 900 pages in length. If you're interested in the history of hackerdom, this is the book for you. You can also use it as a self-defense weapon if you absolutely have to. I carried it back with me from the con last night and my back's still complaining. I also stopped by the EFF's table which was manned by Bill from No Starch Press. While I happened to be standing there, I re-upped my membership, claimed my stickers, and moved on to play with the table of RF-shielded wallets and passport holders that are designed to protect RFID-enabled stuff from unauthorized probing. One of the big problems with RFID tracking chips is that anyone can probe them at any time from a distance of a couple of feet without anyone knowing about it. This includes credit cards that you don't have to take out of your wallet to pay for things... or, for example, make tax-deductible donations that you aren't aware of.

The people selling those wallets had a couple of RFID readers and sensors hooked up and running at their table for people to play with, so of course I had to mess around for a while. One of the guys there had an RFID-enabled credit card, so he demonstrated how the sensors worked (swipe it near the detector and it goes off; swipe it near the reader and it dumps the contents of the chip). When the cards were put inside the wallets, much to my surprise they actually worked: no response from the cards at all. Note to self: find out who they were.

After looking over Lady Ada's table a couple of times, I'm now curious about the Arduino microcontroller kit, which has become something of a favorite/geek badge of pride recently. I nearly bought one, in fact, but because I'd hauled way too much gear to the con which wound up not being used at all (viz., a wireless access point and ethernet switch to replace Vlad's, some cable, and four FRS radios) I decided against it. Then I bought a mind machine kit to hack around with, but I'll get to that later.

Hasufin and I jockeyed for position in the Turing room for Steven Levy's talk, with varying degrees of success. I have to admit, I was very surprised that so many people wanted to hear him speak, and in fact I'm surprised that so many people have heard of the book that made him famous in the hacking and phreaking community, Hackers: Heroes of the Computer Revolution and to a lesser extent the book Crypto. When his presentation began he spoke a bit about the reasons behind his writing it, and then what went into the research he did, which lead him to split the book into three sections, the first covering the beginning of hacking at MIT, the second talking about the Homebrew Computer Club, which is around when computers began to filter down to consumers, and the third with the coming of the personal computer hackers, in particular those who pushed the hardware to the limits by writing the first video games and other novel pieces of software. He finished his talk by discussing what went into tracking down the preserved brain of Albert Einstein, which had gone missing following his death in 1957. When it was over, I roamed around the back of the room a bit to look for where his table would be set up, and then got into line. I got to meet him briefly and he was kind enough to autograph one of my punchcards, which I plan on using as a bookmark because I wasn't able to bring my copy of Hackers with me (because it had been loaned out a few days before).

Afterward, I wandered around a bit to see if I could find anyone I knew, scribbled a bit on the graffiti wall, and then wandered back down to the lockpicking village to burn away a bit more patience. Later, I dropped $25us on one of Lady Ada's kits, a photic/sonic brain machine device at a table in the makers' village, sat down at one of the tables, looked at the instructions on the web site (unfortunately, space was at a premium on the tables so people were fighting for room to set up their laptops), and started poking components into the pre-made circuit board. Once you know what everything means, it's pretty easy to figure out where everything goes (usually because the ID codes of the parts are silkscreened on top of the board) and everything just starts falling into place. I was about a third of the way done before I realized that I still know how to solder on an unconscious level, which surprised the hell out of me.

I discovered later in the evening that I'd gotten the LEDs in backwards, which is why the test boot failed. Just goes to show that the moment I say "I know what I'm doing," I'm actually about to make an embarrassing mistake.

1800 on Saturday was the scheduled time for Elwing's presentation on PGP vs PKI, how their implementation and usage goals differ, and a feature of the OpenPGP spec called trust signatures. Not many people use trust signatures, myself included, but in a nutshell they're useful for groups of people who support one another in some way (say, a development team) and thus might trust one another enough for their digital signatures to stand in stead. For example, Alice, Bob, and Charlie trust one another enough to sign for one another, so each edits their copy of the others' public PGP keys on their keyrings to put trust signatures in place. Alice trusts Bob and Charlie so much that she specifically allows their digital signatures to authenticate her work. Bob trusts Alice and Charlie enough to let both of their signatures be equivalent to his own. Charlie doesn't trust Alice or Bob enough to let them digitally sign for him, but he's okay with his own signature being accepted in lieu of either of theirs. Elwing did an awesome job with her presentation, and as soon as I find a link to a recording I'll post it.

Afterward I darted back downstairs to the maker's village to get some more work done on my brain machine kit and then headed back to our room with a half-hour to spare to shower the accumulated New York City sweat and grime away and clean up for dinner at Ninja New York, a Japanese restaurant with an 80's ninja movie kitch look that I'll review in a later post to do it justice. It was about a half hour ride on the New York Subway from the Hotel Penn, which isn't bad at all.

Hasufin and I got back around 2300 EST5EDT on Saturday night, and after picking up our convention badges and gear at the hotel room, we retired to the makers' village where I worked for a while on the brain machine kit while he looked over my shoulder. I'm not very good with electronics: I can build kits and simple stuff, but electrical engineering really isn't something that I'm any good at. About a half hour later, someone from the Radio Statler team swung through the mezzanine, asking if anyone would like to be on the radio. Of course, I jumped at the chance, mostly because I didn't know what I'd be getting into.

The show I found myself on the staff of was basically a call-in show done live from the convention. We had a phone patch courtesy of the folks at Telephreak and an 800 number, so anyone who wanted to could call in and talk about.. whatever it was that they wanted to talk about. Kind of like open lines on Coast to Coast AM, only with bored geeks instead of afficionados of the paranormal.

I'm not funny. I'm not witty, either. I don't have a strong voice, and yes I do happen to sound like a girl. I suggest that everyone who tuned in that night thank whatever gods you worship that I didn't start singing. I refuse to apologize for the leather trousers remarks, and I stand by using my sonic screwdriver to drive away whoever called to bombard us with DTMF tones and summon people from Canada (Renderman and Grey Frequency walked into the studio around that time).

Before turning in for the night, Hasufin lead me back to the lockpicking village to take a crack at an ignition lock from a Nissan car, which had been dubbed The Confidence Builder by newbies because it was so easy to pick. Even I could get it open with a tension wrench and a rake pick - it was as simple as twisting the tension wrench, raking the bottom half of the lock two or three times (there are pins on both the top and bottom), raking the upper pins once, and then the cylinder turned. Total time for my lame ass to open it: eleven seconds.

Mental note: don't buy a Nissan.

By the time Sunday morning rolled around, we were completely worn out. The AC had failed again, and we woke up covered in sweat; I felt like I hadn't slept at all. One by one, we scrubbed ourselves off in the shower, got dressed, and then packed our gear because checkout time steadily approached. Hasufin and I dropped off our luggage in the basement so that we could retrieve it later, got breakfast from the deli down the street, and picked our way back to the Hotel Penn to catch a couple of panels before I had to leave (my train was scheduled to leave at 1500 EST5EDT). Out of professional curiosity we sat in on Ray's presentation on escaping from high security handcuffs, of the sort you usually expect to see in video footage from Guantanamo Bay. As they say, the locks fail at restraint. If you happen to find yourself trapped in a pair of high security handcuffs, you can either find someone to pick the tumbler locks, shim them open per usual, or with certain models you can hit them just right on something sturdy and they'll pop open. Of course, certain methods may be applied to mitigate the risk of someone taking advantage of these (very expensive) problems, such as having angry people point automatic weapons at you, wrap the middle part of the handcuffs with hardened steel plates that are chained behind you, and positioning the keyholes in places that humans can't reach while restrained.

After the panel let out, I recieved a text message form Elwing: Katie, one of her colleagues who'd gone to HOPE, wasn't feeling well and was looking for someplace quiet to lay down. I still had a keycard for my room, so I tracked down Elwing and Irregular Expression, handed off my keycard, and resumed my search for people that I knew to say good-bye to before I took off. I ran into Rob T. Firefly again, who'd just purchased an antique lineman's handset from HackersMart, the convenience store for geeks run by the folks at HacDC. I then got a message back stating that the keycard wasn't working, so I went in search of Katie, and eventually ran into her by the elevators. My keycard had indeed been deactivated, probably because it was well after checkout time, so we headed back down to the mezzanine. After that, it was a bit of a rush to get the rest of my gear, get over to Penn Station, and figure out which train I was supposed to get on to head back to DC. As it turned out, I'd had no trouble finding the right train, the station simply neglected to list "Union Station" in the list of stops.

The rest of my travelogue is pretty simple: I read the whole way home. The train arrived at Union Station around 1900 EST5EDT, I eventually found the DC Metro station and rode back home, again reading the whole way. Dinner was fast, and actually did a lot to improve my mood because I'd only eaten one meal that day - Lyssa and Laurelinde made kale soup and had some Russian black bread standing by for me. We packed up Laurelinde's gear (including the Pentium-IV box she asked me to troubleshoot for her), loaded it into the TARDIS, and headed for Maryland to drop her off. I had just enough strength in me to drive Lyssa and I back home, whereupon I checked my work e-mail to be sure that nothing had blown up in my absence, and then fell face-first into bed for a couple of hours of sleep.

I'll eventually get the pictures I took at HOPE put up, probably by the end of the week. In a couple of days I'll go hunting for links to recordings of what went on at HOPE and put them into a separate post.