[Script Info]
Title:

[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:00.00,0:00:19.15,Default,,0000,0000,0000,,{\i1}36c3 preroll music{\i0}
Dialogue: 0,0:00:19.15,0:00:25.91,Default,,0000,0000,0000,,Herald: The following talk by Fabian and\NFrederico will be about hacking NFC toys
Dialogue: 0,0:00:25.91,0:00:32.01,Default,,0000,0000,0000,,with a Chameleon Mini. Also, we have\Nspecial guests here on stage! What is your
Dialogue: 0,0:00:32.01,0:00:34.01,Default,,0000,0000,0000,,name?\NLuna: Luna
Dialogue: 0,0:00:34.01,0:00:36.80,Default,,0000,0000,0000,,Herald: and\NMila: Mila
Dialogue: 0,0:00:36.80,0:00:45.88,Default,,0000,0000,0000,,Herald: Give them a warm round of applause!
Dialogue: 0,0:00:45.88,0:00:58.33,Default,,0000,0000,0000,,Fabian: Well, hello everyone! We have a\Nnice little toy for kids. It's, ehm, it's
Dialogue: 0,0:00:58.33,0:01:05.03,Default,,0000,0000,0000,,a Tonie Box. You're putting a little\Nfigurine on top of that, and then the box
Dialogue: 0,0:01:05.03,0:01:15.38,Default,,0000,0000,0000,,starts playing a song or reads a story,\Nand the tags are using NFC to authenticate
Dialogue: 0,0:01:15.38,0:01:24.14,Default,,0000,0000,0000,,themselves, more or less. And maybe Luna\Nwill show how it is supposed to work.
Dialogue: 0,0:01:24.14,0:01:28.32,Default,,0000,0000,0000,,Luna, would you like to demonstrate it?
Dialogue: 0,0:01:28.32,0:01:41.67,Default,,0000,0000,0000,,{\i1}Music{\i0}
Dialogue: 0,0:01:41.67,0:01:44.92,Default,,0000,0000,0000,,Fabian: Really good!\NFrederico: So, once you put in the
Dialogue: 0,0:01:44.92,0:01:50.53,Default,,0000,0000,0000,,figurine, it plays, and stops, and it\Nstarts again with another one.
Dialogue: 0,0:01:50.53,0:02:01.97,Default,,0000,0000,0000,,Fabian: Yes, that's fine! We got the\Ninformation from a forum where they just
Dialogue: 0,0:02:01.97,0:02:08.88,Default,,0000,0000,0000,,tried to hack these things and they stated\Nthat it was too difficult to do it with
Dialogue: 0,0:02:08.88,0:02:13.44,Default,,0000,0000,0000,,the Chameleon Mini, and that was like a\Nchallenge to us, since we are maintaining
Dialogue: 0,0:02:13.44,0:02:21.83,Default,,0000,0000,0000,,the GitHub repository, which is open\Nsource, so we just did it yesterday and
Dialogue: 0,0:02:21.83,0:02:29.54,Default,,0000,0000,0000,,the kids can play with it today. We\Nstarted by analyzing the communication by
Dialogue: 0,0:02:29.54,0:02:37.76,Default,,0000,0000,0000,,inputting a sniffer. We just received the\Ncommunication from the box to the tag and
Dialogue: 0,0:02:37.76,0:02:42.80,Default,,0000,0000,0000,,we looked at what is actually a\N{\i1}incomprehensible{\i0} authentication
Dialogue: 0,0:02:42.80,0:02:54.88,Default,,0000,0000,0000,,happening. What we see here is the log of\Nthe Chameleon Mini. This is ISO 15693 and
Dialogue: 0,0:02:54.88,0:03:04.85,Default,,0000,0000,0000,,the marked-up part is some proprietary\Ncommands. And from the forum, we knew that
Dialogue: 0,0:03:04.85,0:03:11.22,Default,,0000,0000,0000,,it is ICODE tags, so we just looked it up\Nin the datasheet, and the command which we
Dialogue: 0,0:03:11.22,0:03:19.48,Default,,0000,0000,0000,,are seeing here is "get random number". So\Nthe tag responds with a 16… 16-bit random
Dialogue: 0,0:03:19.48,0:03:21.49,Default,,0000,0000,0000,,number…\NFrederico: …which is not shown here
Dialogue: 0,0:03:21.49,0:03:27.33,Default,,0000,0000,0000,,because, sorry, it's only one-sided\Ncommunication sniffing, so we have only
Dialogue: 0,0:03:27.33,0:03:32.35,Default,,0000,0000,0000,,the commands that are given to the target\Nfrom the reader. So here we can see the
Dialogue: 0,0:03:32.35,0:03:37.18,Default,,0000,0000,0000,,random part of it, and we'll just deal\Nwith it later on, and we'll explain to you
Dialogue: 0,0:03:37.18,0:03:40.68,Default,,0000,0000,0000,,how we broke it nonetheless.
Dialogue: 0,0:03:41.76,0:03:46.34,Default,,0000,0000,0000,,Fabian: This is the normal ISO 15
Dialogue: 0,0:03:46.34,0:03:54.25,Default,,0000,0000,0000,,inventory command that selects a tag and\Nexpects the UID. But we are not
Dialogue: 0,0:03:54.25,0:04:02.08,Default,,0000,0000,0000,,authenticated right now, so the tag goes on\Nwith the set password command. And that's
Dialogue: 0,0:04:02.08,0:04:11.53,Default,,0000,0000,0000,,quite interesting: It is a 32-bit password\Nthat is XORed with a random number. Twice.
Dialogue: 0,0:04:11.53,0:04:21.77,Default,,0000,0000,0000,,So no real crypto here. And then we see\Nthat we get selected, and here we see the
Dialogue: 0,0:04:21.77,0:04:30.30,Default,,0000,0000,0000,,UID of the tag. So we can work on that. We\Nimplemented the get random number command
Dialogue: 0,0:04:30.30,0:04:40.12,Default,,0000,0000,0000,,and the set password, but we just did not\Nsend a random number back. So we just sent
Dialogue: 0,0:04:40.12,0:04:50.60,Default,,0000,0000,0000,,zeros and that's when we get the password.\NThen we emulated it, and let's take a look
Dialogue: 0,0:04:50.60,0:04:55.71,Default,,0000,0000,0000,,at the log again.\NFrederico: This is the full emulation log,
Dialogue: 0,0:04:55.71,0:05:00.90,Default,,0000,0000,0000,,so when I finally have both transmission\Nand reception from the reader, so we are
Dialogue: 0,0:05:00.90,0:05:07.98,Default,,0000,0000,0000,,receiving data from the reader, and we are\Nsending back transmission of – this is our
Dialogue: 0,0:05:07.98,0:05:12.86,Default,,0000,0000,0000,,this random number which is a zero zero\Nzero zero. So we are sending all zeros.
Dialogue: 0,0:05:12.86,0:05:17.64,Default,,0000,0000,0000,,Then, it means that the password that will\Nbe sent by the reader to the tag will be
Dialogue: 0,0:05:17.64,0:05:24.14,Default,,0000,0000,0000,,XORed with only zeros. So, this is the\Nauthentication command, and you can see,
Dialogue: 0,0:05:24.14,0:05:30.19,Default,,0000,0000,0000,,now we have the password in plain text.\NBecause they simply XORed it with the… with
Dialogue: 0,0:05:30.19,0:05:37.38,Default,,0000,0000,0000,,0. Now we finally have the password, so we\Ncan also use it to read the other tags.
Dialogue: 0,0:05:37.38,0:05:41.91,Default,,0000,0000,0000,,Because we actually need to authenticate\Nin the right way, with proper tags. And we
Dialogue: 0,0:05:41.91,0:05:49.75,Default,,0000,0000,0000,,can read them and – if Mila… yeah… thanks\NLuna! It should be emulating a real target
Dialogue: 0,0:05:49.75,0:05:52.95,Default,,0000,0000,0000,,{\i1}beeping from box{\i0}\N{\i1}Music playing{\i0}
Dialogue: 0,0:05:52.95,0:05:58.61,Default,,0000,0000,0000,,Frederico: It's indeed emulating a real\Ntarget. So once you have the password,
Dialogue: 0,0:05:58.61,0:06:03.92,Default,,0000,0000,0000,,you can authenticate, read the data from\Nthe tag, and reverse-engineer it.
Dialogue: 0,0:06:03.92,0:06:13.87,Default,,0000,0000,0000,,But actually, it's not even needed.\NBecause somehow, the… the box is trusting
Dialogue: 0,0:06:13.87,0:06:19.12,Default,,0000,0000,0000,,the UID itself. So once you have emulation\Nin place and you can read the UID from the
Dialogue: 0,0:06:19.12,0:06:25.12,Default,,0000,0000,0000,,sniffer we had before, you're already good to\Ngo. You now have a perfect emulation and
Dialogue: 0,0:06:25.12,0:06:27.66,Default,,0000,0000,0000,,the kids can now play without\N{\i1}incomprehensible{\i0} toys
Dialogue: 0,0:06:27.66,0:06:33.43,Default,,0000,0000,0000,,Fabian: The interesting thing here is that\Nwe did not even start to read the tag, the
Dialogue: 0,0:06:33.43,0:06:39.71,Default,,0000,0000,0000,,actual data on the tag. As you see below\Nhere, we just sent back zeros and the tag
Dialogue: 0,0:06:39.71,0:06:45.20,Default,,0000,0000,0000,,still plays. So it doesn't even care\Nwhat is written on the tag, they just
Dialogue: 0,0:06:45.20,0:06:55.06,Default,,0000,0000,0000,,check the UID once you put the tag on top\Nof it and then you can just create a nice
Dialogue: 0,0:06:55.06,0:07:06.25,Default,,0000,0000,0000,,little backup. If the kids are breaking\Nthe toys or you exchange some figurines
Dialogue: 0,0:07:06.25,0:07:09.77,Default,,0000,0000,0000,,with your friends and…\NFrederico: No. No, that wouldn't be
Dialogue: 0,0:07:09.77,0:07:15.64,Default,,0000,0000,0000,,legal. Who would do that?\NFabian: I won't do that, but Mila might!
Dialogue: 0,0:07:15.64,0:07:20.40,Default,,0000,0000,0000,,Frederico: We speculate that the data in\Nthe tag might be used to authenticate the
Dialogue: 0,0:07:20.40,0:07:29.16,Default,,0000,0000,0000,,first time with the box. Because once you\Nbuy a figurine, it's linked to your account
Dialogue: 0,0:07:29.16,0:07:34.82,Default,,0000,0000,0000,,and probably it's… that they have decided\Nit's used only the first time. So then
Dialogue: 0,0:07:34.82,0:07:40.20,Default,,0000,0000,0000,,later on, the box just stores your UID and\Nthen it authenticates. And that's the
Dialogue: 0,0:07:40.20,0:07:44.44,Default,,0000,0000,0000,,reason why the box does not care about the\Ncontent, because it recognized the UID as
Dialogue: 0,0:07:44.44,0:07:49.72,Default,,0000,0000,0000,,one that's already saved inside the thing.\NFabian: Yes, and… but we did want to read
Dialogue: 0,0:07:49.72,0:07:57.29,Default,,0000,0000,0000,,the tag anyway. Actually, we cannot do it\Nwith the Chameleon Mini right now, because
Dialogue: 0,0:07:57.29,0:08:03.29,Default,,0000,0000,0000,,there are some missing implementations. So\Nwe would like you to join us and contribute
Dialogue: 0,0:08:03.29,0:08:12.09,Default,,0000,0000,0000,,something to our GitHub project. We\Nquickly scripted something and I'm I'm…
Dialogue: 0,0:08:12.09,0:08:18.79,Default,,0000,0000,0000,,I'm going back… in Python for another\Nreader, so we could read the tag and dump
Dialogue: 0,0:08:18.79,0:08:26.19,Default,,0000,0000,0000,,it. But we did not upload it to the\NChameleon since we are already getting a
Dialogue: 0,0:08:26.19,0:08:30.46,Default,,0000,0000,0000,,full emulation on the tag. So we just save\Nthe time.
Dialogue: 0,0:08:30.46,0:08:37.19,Default,,0000,0000,0000,,Frederico: It will be on my gist for the\Ntime being, I guess, because I need a Python
Dialogue: 0,0:08:37.19,0:08:42.36,Default,,0000,0000,0000,,script to read those tags, which are not\Ntotally supported by many readers now. You
Dialogue: 0,0:08:42.36,0:08:47.50,Default,,0000,0000,0000,,have to go to the bare commands. There is\Nno ready-made support for
Dialogue: 0,0:08:47.50,0:08:50.58,Default,,0000,0000,0000,,phones or something like that once the tag\Nis in privacy mode.
Dialogue: 0,0:08:50.58,0:08:56.44,Default,,0000,0000,0000,,Fabian: Well, we are already finished.\NFrederico: Yeah. We didn't have much to
Dialogue: 0,0:08:56.44,0:08:59.53,Default,,0000,0000,0000,,say, I guess.\NFabian: We'll just link the GitHub
Dialogue: 0,0:08:59.53,0:09:05.97,Default,,0000,0000,0000,,repository; that's where you can also ask\Nquestions if you are playing with the
Dialogue: 0,0:09:05.97,0:09:12.21,Default,,0000,0000,0000,,Chameleon and don't know how it works or\Nget stuck on something. We will be
Dialogue: 0,0:09:12.21,0:09:18.16,Default,,0000,0000,0000,,also around here for questions and\Nanswers, and if you want to buy a
Dialogue: 0,0:09:18.16,0:09:25.10,Default,,0000,0000,0000,,Chameleon, you still can. You just have\Nto find this man.
Dialogue: 0,0:09:25.10,0:09:30.07,Default,,0000,0000,0000,,Frederico: The yellow guy!\NFabian: At his parking spot, which is up
Dialogue: 0,0:09:30.07,0:09:39.35,Default,,0000,0000,0000,,there, A2. Well, I just found him, he's\Nright in front of me. What a coincidence!
Dialogue: 0,0:09:39.35,0:09:42.22,Default,,0000,0000,0000,,And…\NFrederico: That's it, I guess.
Dialogue: 0,0:09:42.22,0:09:46.40,Default,,0000,0000,0000,,Fabian: That's it.
Dialogue: 0,0:09:46.40,0:09:54.41,Default,,0000,0000,0000,,Herald: Thank you, Fabian and Frederico, and\Nespecially thanks to Luna and Mila! We
Dialogue: 0,0:09:54.41,0:10:00.34,Default,,0000,0000,0000,,have time for some quick questions, I\Nthink. Are there any questions? One
Dialogue: 0,0:10:00.34,0:10:04.91,Default,,0000,0000,0000,,question I see there. You were first.
Dialogue: 0,0:10:08.36,0:10:10.93,Default,,0000,0000,0000,,Q: From the point of what you know now, do
Dialogue: 0,0:10:10.93,0:10:16.78,Default,,0000,0000,0000,,you think it's possible that we have some\Nkind of repository where I can download
Dialogue: 0,0:10:16.78,0:10:21.51,Default,,0000,0000,0000,,codes and play anything?\NA: Yeah, it's already available in my own
Dialogue: 0,0:10:21.51,0:10:25.91,Default,,0000,0000,0000,,fork of the repository, but we are\Nprobably gonna merge it into the main one.
Dialogue: 0,0:10:25.91,0:10:30.39,Default,,0000,0000,0000,,We will just tidy up the code, as it's a\Nbit hacky. We will do a pull request and
Dialogue: 0,0:10:30.39,0:10:35.37,Default,,0000,0000,0000,,then we will merge it into the main GitHub\Nrepository, in a couple of days. But
Dialogue: 0,0:10:35.37,0:10:37.91,Default,,0000,0000,0000,,still, it's available as of now on my\NGitHub repository.
Dialogue: 0,0:10:37.91,0:10:46.43,Default,,0000,0000,0000,,Q: OK, following question: on it there is a\Nfunction, I think, that people can use these
Dialogue: 0,0:10:46.43,0:10:52.51,Default,,0000,0000,0000,,figures to record something, and this is\Nsaved in the cloud. Is, could this be a
Dialogue: 0,0:10:52.51,0:11:00.58,Default,,0000,0000,0000,,problem for privacy if I can technically\Nclone other recordings from random people?
Dialogue: 0,0:11:00.58,0:11:05.24,Default,,0000,0000,0000,,Q2: Yes, if someone records his own\Nstuff, like secret messages, you can
Dialogue: 0,0:11:05.24,0:11:07.24,Default,,0000,0000,0000,,download it.\NA: It depends.
Dialogue: 0,0:11:07.24,0:11:10.30,Default,,0000,0000,0000,,Q2: From my understanding, yes, sorry.\NA: He's the owner of the box!
Dialogue: 0,0:11:10.30,0:11:14.66,Default,,0000,0000,0000,,Q2: From my understanding, yes, because\Nyou can upload your own, say, private
Dialogue: 0,0:11:14.66,0:11:20.55,Default,,0000,0000,0000,,discussion with your wife to one Tonie, and\Nsince it's all, it goes through their
Dialogue: 0,0:11:20.55,0:11:26.05,Default,,0000,0000,0000,,cloud, and is stored on this box, if\Nsomeone can copy my UID, very likely he
Dialogue: 0,0:11:26.05,0:11:30.55,Default,,0000,0000,0000,,can listen to what I was saying to my wife\Non this Tonie box. Yeah, this could be
Dialogue: 0,0:11:30.55,0:11:34.42,Default,,0000,0000,0000,,some privacy threat, while it's a bit\Nfar-fetched; at the end of the day that's
Dialogue: 0,0:11:34.42,0:11:39.51,Default,,0000,0000,0000,,mostly children's music.\NA: Well, it would be nice if, if you want
Dialogue: 0,0:11:39.51,0:11:45.37,Default,,0000,0000,0000,,to take a look at it, the code is online\Nand you can do so and tell us!
Dialogue: 0,0:11:45.37,0:11:50.47,Default,,0000,0000,0000,,Q: Just a quick comment on that. As far as\NI know, you can, like, if you have these
Dialogue: 0,0:11:50.47,0:11:56.29,Default,,0000,0000,0000,,Tonies where you can speak something on\Nthem, you can enable others to take your
Dialogue: 0,0:11:56.29,0:12:00.43,Default,,0000,0000,0000,,figurine and put it on their Tonie box, so\Nyou can enable this function or you can
Dialogue: 0,0:12:00.43,0:12:06.14,Default,,0000,0000,0000,,disable it. So even if you, as far as I\Nknow, even if you cloned this UID, you
Dialogue: 0,0:12:06.14,0:12:10.61,Default,,0000,0000,0000,,cannot necessarily put it on some other\NTonie box and listen to these private ones
Dialogue: 0,0:12:10.61,0:12:15.30,Default,,0000,0000,0000,,at least. The other ones, that would be\Npossible, but the private ones, the ones
Dialogue: 0,0:12:15.30,0:12:20.57,Default,,0000,0000,0000,,where you can put some music or some\Nspeech on, for these you can disable the
Dialogue: 0,0:12:20.57,0:12:23.39,Default,,0000,0000,0000,,function to share them. That's what I\Nknow.
Dialogue: 0,0:12:23.39,0:12:29.74,Default,,0000,0000,0000,,A: Thanks!\NHerald: So, any more questions? One more
Dialogue: 0,0:12:29.74,0:12:36.61,Default,,0000,0000,0000,,question or comment?\NQ: I was just wondering, since now many
Dialogue: 0,0:12:36.61,0:12:40.88,Default,,0000,0000,0000,,kids will start going with the Chameleons\Nthrough the supermarket – which is
Dialogue: 0,0:12:40.88,0:12:45.76,Default,,0000,0000,0000,,illegal! But most kids are too young to be\Nprosecuted, no? And then they would steal
Dialogue: 0,0:12:45.76,0:12:51.16,Default,,0000,0000,0000,,several UIDs and, or maybe exchange them\Nwith friends, I was wondering, where do we
Dialogue: 0,0:12:51.16,0:12:57.11,Default,,0000,0000,0000,,collect the archive of valid UIDs and what\Nthe content is, say with which I'm using
Dialogue: 0,0:12:57.11,0:13:01.48,Default,,0000,0000,0000,,A: I'm not hosting it. I'm not hosting it.\NQ: Oh, you are only into backups, into, say,
Dialogue: 0,0:13:01.48,0:13:04.95,Default,,0000,0000,0000,,a privacy backup.\NA: Well, er, we have a little… – strict
Dialogue: 0,0:13:04.95,0:13:10.35,Default,,0000,0000,0000,,backup only! – comment within our source\Ncode so that we know which UID belongs to
Dialogue: 0,0:13:10.35,0:13:17.43,Default,,0000,0000,0000,,which tag we worked with, but we will not\Nexpand it.
Dialogue: 0,0:13:17.43,0:13:22.00,Default,,0000,0000,0000,,Q: Okay, so thank you, we have to collect\Nit somewhere, the criminal stuff. Thank
Dialogue: 0,0:13:22.00,0:13:24.00,Default,,0000,0000,0000,,you!\NA: On your servers, [name]!
Dialogue: 0,0:13:24.00,0:13:26.84,Default,,0000,0000,0000,,{\i1}36c3 postroll music{\i0}
Dialogue: 0,0:13:26.84,0:13:51.82,Default,,0000,0000,0000,,Subtitles created by c3subtitles.de\Nin the year 2021. Join, and help us!