[Script Info]
Title:

[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:00.00,0:00:14.03,Default,,0000,0000,0000,,{\i1}33c3 preroll music{\i0}
Dialogue: 0,0:00:14.03,0:00:16.88,Default,,0000,0000,0000,,Herald: Ray, are you ready?\NRay: I think I’m ready!
Dialogue: 0,0:00:16.88,0:00:19.84,Default,,0000,0000,0000,,Herald: Alright he’s ready…\NLet me introduce you, Ray!
Dialogue: 0,0:00:19.84,0:00:23.63,Default,,0000,0000,0000,,“Lockpicking in the IoT”, or
Dialogue: 0,0:00:23.63,0:00:27.38,Default,,0000,0000,0000,,“Why adding a Bluetooth Low\NEnergy device sometimes
Dialogue: 0,0:00:27.38,0:00:30.33,Default,,0000,0000,0000,,isn’t a great idea”. Here we go!
Dialogue: 0,0:00:30.33,0:00:36.26,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:00:36.26,0:00:42.76,Default,,0000,0000,0000,,Ray: Okay, so, welcome everybody\Nto “Lockpicking in the IoT”,
Dialogue: 0,0:00:42.76,0:00:50.24,Default,,0000,0000,0000,,or the internet of things that were\Nnever supposed to be on the internet.
Dialogue: 0,0:00:50.24,0:00:57.34,Default,,0000,0000,0000,,Okay. There’s a small overview of what\Nwe’re doing. I’ll introduce a little bit
Dialogue: 0,0:00:57.34,0:01:05.02,Default,,0000,0000,0000,,what is this about, show you some hardware\Nporn – for the hardware lovers among you –
Dialogue: 0,0:01:05.02,0:01:11.00,Default,,0000,0000,0000,,then look a bit deeper in the PCBs of that\Nhardware – for the electronics guys –
Dialogue: 0,0:01:11.00,0:01:15.16,Default,,0000,0000,0000,,then we look into communication on\Nthe internet – this is this modern thing
Dialogue: 0,0:01:15.16,0:01:18.74,Default,,0000,0000,0000,,everybody wants to have in his coffee\Nmachine – and then we go for
Dialogue: 0,0:01:18.74,0:01:24.50,Default,,0000,0000,0000,,the wireless interface, and see\Nhow difficult or not difficult it is
Dialogue: 0,0:01:24.50,0:01:30.53,Default,,0000,0000,0000,,to attack them. And last but not least\Nwe will look into Android app hacking
Dialogue: 0,0:01:30.53,0:01:36.03,Default,,0000,0000,0000,,– I have to say I’m mainly focusing on\NAndroid but I’m pretty sure if you’re more
Dialogue: 0,0:01:36.03,0:01:41.49,Default,,0000,0000,0000,,the Apple guy there’s similar techniques\Navailable to go for your Apple app.
Dialogue: 0,0:01:41.49,0:01:46.44,Default,,0000,0000,0000,,But for most devices there’s both\N– so even if you’re using iOS you can hack
Dialogue: 0,0:01:46.44,0:01:52.48,Default,,0000,0000,0000,,the Android app to get the infos.\NAnd then the talk is over. Okay.
Dialogue: 0,0:01:52.48,0:01:58.73,Default,,0000,0000,0000,,The very important thing first: the\Ndisclaimer. Basically I want to say
Dialogue: 0,0:01:58.73,0:02:03.38,Default,,0000,0000,0000,,I just tested this on my locks, I don’t\Nsay it’s working on everything,
Dialogue: 0,0:02:03.38,0:02:08.32,Default,,0000,0000,0000,,I don’t say it’s a general mistake by\Nsomebody, might have changed,
Dialogue: 0,0:02:08.32,0:02:14.16,Default,,0000,0000,0000,,I might be wrong, I just\Nshow my research. Okay.
Dialogue: 0,0:02:14.16,0:02:20.09,Default,,0000,0000,0000,,This is basically what we’re talking\Nabout. We have some kind of
Dialogue: 0,0:02:20.09,0:02:24.73,Default,,0000,0000,0000,,smart or not-so-smart device which is\Ntalking over Bluetooth Low Energy
Dialogue: 0,0:02:24.73,0:02:30.94,Default,,0000,0000,0000,,to your smart, or not-so-smart phone.\NWhich is usually talking, using TLS
Dialogue: 0,0:02:30.94,0:02:36.62,Default,,0000,0000,0000,,and HTTP to the ‘Cloud’.
Dialogue: 0,0:02:36.62,0:02:39.87,Default,,0000,0000,0000,,So it’s not just locks. The talk is called\N“Lockpicking” because that’s the thing
Dialogue: 0,0:02:39.87,0:02:43.12,Default,,0000,0000,0000,,we’re actually going to attack. But\Nthe techniques here shown work
Dialogue: 0,0:02:43.12,0:02:46.00,Default,,0000,0000,0000,,for basically all of these\NBluetooth Low Energy devices.
Dialogue: 0,0:02:46.00,0:02:51.37,Default,,0000,0000,0000,,There are e.g. different light bulbs.\NI found some interesting reports
Dialogue: 0,0:02:51.37,0:02:55.53,Default,,0000,0000,0000,,on light bulbs that don’t use\Nany form of authentication.
Dialogue: 0,0:02:55.53,0:02:58.33,Default,,0000,0000,0000,,So you can connect to your neighbor’s\Nlight bulb and change a color, or
Dialogue: 0,0:02:58.33,0:03:01.97,Default,,0000,0000,0000,,turn it on or off. So, finally,\NBlinkenlights in your neighborhood!
Dialogue: 0,0:03:01.97,0:03:03.64,Default,,0000,0000,0000,,{\i1}mumbles and laughter{\i0}
Dialogue: 0,0:03:03.64,0:03:07.64,Default,,0000,0000,0000,,Then of course there’s cars. Everybody’s\Ntalking about cars today. I just heard
Dialogue: 0,0:03:07.64,0:03:11.71,Default,,0000,0000,0000,,a talk about cars. They’re not really\Nusing Bluetooth Low Energy.
Dialogue: 0,0:03:11.71,0:03:14.31,Default,,0000,0000,0000,,But still they use an app and are\Ncontrolled over the internet, so,
Dialogue: 0,0:03:14.31,0:03:19.10,Default,,0000,0000,0000,,it’s kind of on-topic. Then there’s\Nvibrators. I mean, unsafer cyber sex
Dialogue: 0,0:03:19.10,0:03:24.58,Default,,0000,0000,0000,,never has been easier. Actually I don’t\Nhave one of those, so, if anybody has,
Dialogue: 0,0:03:24.58,0:03:30.12,Default,,0000,0000,0000,,please bring one over to play with it.\NBut I’m pretty sure they have high-class
Dialogue: 0,0:03:30.12,0:03:33.29,Default,,0000,0000,0000,,security. {\i1}laughter{\i0}\NAnd then there’s button pushers.
Dialogue: 0,0:03:33.29,0:03:38.77,Default,,0000,0000,0000,,I just learned of that yesterday and\NI thought “WTF, a button pusher!?”
Dialogue: 0,0:03:38.77,0:03:42.04,Default,,0000,0000,0000,,{\i1}laughter{\i0}
Dialogue: 0,0:03:42.04,0:03:48.77,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:03:48.77,0:03:51.81,Default,,0000,0000,0000,,This is a Bluetooth Low Energy device\Nwhich you can communicate to and
Dialogue: 0,0:03:51.81,0:03:54.88,Default,,0000,0000,0000,,make it press a button. Here it’s pressing\Nthe Delete key on my notebook.
Dialogue: 0,0:03:54.88,0:03:59.57,Default,,0000,0000,0000,,So finally I have a Bluetooth LE\Nenabled Delete key on my notebook.
Dialogue: 0,0:03:59.57,0:04:02.88,Default,,0000,0000,0000,,{\i1}laughter{\i0}\NVery, very helpful. Of course, if you
Dialogue: 0,0:04:02.88,0:04:07.21,Default,,0000,0000,0000,,add that to your door opener at home\Nyou can do it again – lockpicking.
Dialogue: 0,0:04:07.21,0:04:10.41,Default,,0000,0000,0000,,We haven’t hacked that yet because\NI just saw it yesterday but it didn’t look
Dialogue: 0,0:04:10.41,0:04:15.13,Default,,0000,0000,0000,,very encrypted. It has some secret, some\Nshared string, we didn’t understand.
Dialogue: 0,0:04:15.13,0:04:20.71,Default,,0000,0000,0000,,But possibly this congress\Nwe will look into it.
Dialogue: 0,0:04:20.71,0:04:23.87,Default,,0000,0000,0000,,Okay, then there’s cars. I’m not\Nsure, who read this message that
Dialogue: 0,0:04:23.87,0:04:29.85,Default,,0000,0000,0000,,Tesla had a big app hack? Nobody? Oh.\NI thought, everybody read it because
Dialogue: 0,0:04:29.85,0:04:35.78,Default,,0000,0000,0000,,it even was on Heise. And it obviously is\Na very big vulnerability, Elon Musk has
Dialogue: 0,0:04:35.78,0:04:39.94,Default,,0000,0000,0000,,to get better on this and\Neverybody’s stealing these things…
Dialogue: 0,0:04:39.94,0:04:47.26,Default,,0000,0000,0000,,how are they called…\Noh yeah, these ‘smart cars’.
Dialogue: 0,0:04:47.26,0:04:50.75,Default,,0000,0000,0000,,And they even have colors! So who\Nwouldn’t want to steal one of those?
Dialogue: 0,0:04:50.75,0:04:53.76,Default,,0000,0000,0000,,{\i1}laughter{\i0}
Dialogue: 0,0:04:53.76,0:04:59.13,Default,,0000,0000,0000,,The bad news is actually that wasn’t\Nreally a hack. What they showed is
Dialogue: 0,0:04:59.13,0:05:03.98,Default,,0000,0000,0000,,that the app is able to start the car.\NThat’s in the manual.
Dialogue: 0,0:05:03.98,0:05:09.60,Default,,0000,0000,0000,,So what they told is: “Yeah, but if I hack\Nyour phone I can start your car!”
Dialogue: 0,0:05:09.60,0:05:13.79,Default,,0000,0000,0000,,Then they realized, “Oh, you also need the\Npassword because for starting the car
Dialogue: 0,0:05:13.79,0:05:17.76,Default,,0000,0000,0000,,the app actually asks for the password\Nagain.” – “Yeah but if I hack your phone
Dialogue: 0,0:05:17.76,0:05:21.07,Default,,0000,0000,0000,,I can install a fake app that asks for\Nthe password; and if you enter it
Dialogue: 0,0:05:21.07,0:05:24.74,Default,,0000,0000,0000,,I can steal your car!” – Oh, surprise!\N{\i1}laughter{\i0}
Dialogue: 0,0:05:24.74,0:05:27.98,Default,,0000,0000,0000,,I mean this is not the kind of hacking\Nwe’re talking about. And they then
Dialogue: 0,0:05:27.98,0:05:32.90,Default,,0000,0000,0000,,suggested the app should be more\Nprotected against reverse engineering.
Dialogue: 0,0:05:32.90,0:05:38.80,Default,,0000,0000,0000,,What would that change in this aspect?\NI can create a fake app without even
Dialogue: 0,0:05:38.80,0:05:42.84,Default,,0000,0000,0000,,decompiling the original one. So,\Nof course if you don’t have security
Dialogue: 0,0:05:42.84,0:05:46.44,Default,,0000,0000,0000,,on your phone working, if you install\Napps that are not secure your data
Dialogue: 0,0:05:46.44,0:05:50.98,Default,,0000,0000,0000,,is not secure, and your Teslas get stolen.\NBut I didn’t see anything in this ‘hack’
Dialogue: 0,0:05:50.98,0:05:56.62,Default,,0000,0000,0000,,actually being a hack.\NSo, while talking about…
Dialogue: 0,0:05:56.62,0:06:01.18,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:06:01.18,0:06:04.03,Default,,0000,0000,0000,,Spare your applause for this one!
Dialogue: 0,0:06:04.03,0:06:08.28,Default,,0000,0000,0000,,Talking about obfuscation. That’s really\Na thing some people understand differently
Dialogue: 0,0:06:08.28,0:06:13.52,Default,,0000,0000,0000,,than I do. I try to say [to] people:\N“security by obscurity does not work!”
Dialogue: 0,0:06:13.52,0:06:18.08,Default,,0000,0000,0000,,So if you obfuscate your app, possibly\Nit slows down researchers like us.
Dialogue: 0,0:06:18.08,0:06:22.10,Default,,0000,0000,0000,,But the people doing that for money, who\Nwant to sell exploits, they will still put
Dialogue: 0,0:06:22.10,0:06:26.35,Default,,0000,0000,0000,,the energy into it. And sell their\Nexploits even more expensive.
Dialogue: 0,0:06:26.35,0:06:30.15,Default,,0000,0000,0000,,And the exploit will even be longer out\Nthere because the independent researchers
Dialogue: 0,0:06:30.15,0:06:34.37,Default,,0000,0000,0000,,won’t find the vulnerabilities that fast.\NThe idea is: good crypto does not have
Dialogue: 0,0:06:34.37,0:06:39.89,Default,,0000,0000,0000,,to be secret to be secure. So, no, please\Ndon’t obfuscate your apps better.
Dialogue: 0,0:06:39.89,0:06:44.63,Default,,0000,0000,0000,,Build your protocols better. But as said\Nbefore I didn’t see any aspects there
Dialogue: 0,0:06:44.63,0:06:48.49,Default,,0000,0000,0000,,in Tesla. Possibly they should make it\Nobvious that you can start the car with it
Dialogue: 0,0:06:48.49,0:06:50.78,Default,,0000,0000,0000,,and make it ‘disableable’, and\Nwhat… things like that, but
Dialogue: 0,0:06:50.78,0:06:55.23,Default,,0000,0000,0000,,it’s not a security issue. Okay.
Dialogue: 0,0:06:55.23,0:06:59.88,Default,,0000,0000,0000,,So let’s go back to locks. Because,\Nactually the talk is called “Lockpicking”.
Dialogue: 0,0:06:59.88,0:07:03.52,Default,,0000,0000,0000,,So what do these smart locks usually do?\NOf course they can be opened.
Dialogue: 0,0:07:03.52,0:07:07.74,Default,,0000,0000,0000,,Usually your… with your phone near your\Nlock you put something on the lock
Dialogue: 0,0:07:07.74,0:07:11.29,Default,,0000,0000,0000,,and communicate – the lock opens.\NOptionally you have to press
Dialogue: 0,0:07:11.29,0:07:16.09,Default,,0000,0000,0000,,something on the phone, so it’s\Na 2-step process to unlock,
Dialogue: 0,0:07:16.09,0:07:20.07,Default,,0000,0000,0000,,which is actually a quite good idea\Nbecause of some obvious scenarios
Dialogue: 0,0:07:20.07,0:07:24.01,Default,,0000,0000,0000,,which will work otherwise. Then – and\Nthis is different from normal locks –
Dialogue: 0,0:07:24.01,0:07:27.70,Default,,0000,0000,0000,,they can be shared to friends. It’s\Na big feature. They try to convince you
Dialogue: 0,0:07:27.70,0:07:31.88,Default,,0000,0000,0000,,why these smart locks are so smart.\NWhen I’m not at home I can send
Dialogue: 0,0:07:31.88,0:07:35.59,Default,,0000,0000,0000,,somebody the code, and give him the\Npossibility to open my bike shed
Dialogue: 0,0:07:35.59,0:07:41.36,Default,,0000,0000,0000,,for just one hour. Because I can, of\Ncourse, revoke that at time restrictions.
Dialogue: 0,0:07:41.36,0:07:44.77,Default,,0000,0000,0000,,So that’s what the big advantage is,\Ncompared to a traditional lock.
Dialogue: 0,0:07:44.77,0:07:49.46,Default,,0000,0000,0000,,Except, of course, it’s to be much more\Nsecure because you can’t pick it anymore.
Dialogue: 0,0:07:49.46,0:07:53.26,Default,,0000,0000,0000,,And then those obviously have some\Nfailsafe mode in case your phone breaks
Dialogue: 0,0:07:53.26,0:07:57.33,Default,,0000,0000,0000,,and whatever. You can enter a click code,\Nand can enter a code by some buttons
Dialogue: 0,0:07:57.33,0:08:01.77,Default,,0000,0000,0000,,or something to open it without the\Nphone. But that is nothing we’re going
Dialogue: 0,0:08:01.77,0:08:08.83,Default,,0000,0000,0000,,to look into today. So from these basic\Nideas, of course, there come some basic
Dialogue: 0,0:08:08.83,0:08:12.39,Default,,0000,0000,0000,,attack vectors. What I could\Ntry to do: I could try to bypass
Dialogue: 0,0:08:12.39,0:08:18.60,Default,,0000,0000,0000,,the sharing restrictions. So possibly\Ngo in a different time window.
Dialogue: 0,0:08:18.60,0:08:21.32,Default,,0000,0000,0000,,I could change the time on my phone,\Nprobably. Would that work?
Dialogue: 0,0:08:21.32,0:08:25.21,Default,,0000,0000,0000,,Things like that. Open the lock after\Nit was revoked. Of course then
Dialogue: 0,0:08:25.21,0:08:28.25,Default,,0000,0000,0000,,that’s what everybody thinks about when\Ntalking about Bluetooth: I could try
Dialogue: 0,0:08:28.25,0:08:32.83,Default,,0000,0000,0000,,to get the keys. From sniffing\Nsomebody’s Bluetooth LE connection.
Dialogue: 0,0:08:32.83,0:08:37.72,Default,,0000,0000,0000,,That’s something we’re going to do today.\NThen this is what I was talking about
Dialogue: 0,0:08:37.72,0:08:41.61,Default,,0000,0000,0000,,why the ‘2-button-press’ is a good idea.\NYou could relay opening codes.
Dialogue: 0,0:08:41.61,0:08:45.01,Default,,0000,0000,0000,,If you have the ‘instant-open’ feature\NI could approach you, pretend to be
Dialogue: 0,0:08:45.01,0:08:48.55,Default,,0000,0000,0000,,your lock, your phone sends me an OPEN\Ncommand, I could relay it to your lock,
Dialogue: 0,0:08:48.55,0:08:52.56,Default,,0000,0000,0000,,completely somewhere else, and it would\Nopen. So I think this is something
Dialogue: 0,0:08:52.56,0:08:56.89,Default,,0000,0000,0000,,you can’t really stop except with\Nsome very tricky mechanisms.
Dialogue: 0,0:08:56.89,0:09:01.51,Default,,0000,0000,0000,,Possibly ‘timing’ or some… things like\Nthat. So this ‘instant open’ feature
Dialogue: 0,0:09:01.51,0:09:07.39,Default,,0000,0000,0000,,is possibly not the best idea. Then\Nwe have the option to attack the lock
Dialogue: 0,0:09:07.39,0:09:13.64,Default,,0000,0000,0000,,or app software directly. I mean, it’s\Nsoftware. So it will have buffer overflows.
Dialogue: 0,0:09:13.64,0:09:18.24,Default,,0000,0000,0000,,It might have other weaknesses. It could\Njust not verify some things. If I tell
Dialogue: 0,0:09:18.24,0:09:21.96,Default,,0000,0000,0000,,I’m another person – does it really check\Nif I have the rights, and everything?
Dialogue: 0,0:09:21.96,0:09:26.89,Default,,0000,0000,0000,,But this is something – I think the only\Nthing – I don’t have in this talk today.
Dialogue: 0,0:09:26.89,0:09:33.29,Default,,0000,0000,0000,,Because the other methods\Nworked already. Okay.
Dialogue: 0,0:09:33.29,0:09:38.34,Default,,0000,0000,0000,,Going to look at the hardware.\NSo, basically, if you’re
Dialogue: 0,0:09:38.34,0:09:43.03,Default,,0000,0000,0000,,a lockpicker or some other reverse-\Nengineer, if you get a new hardware
Dialogue: 0,0:09:43.03,0:09:45.83,Default,,0000,0000,0000,,you want to take it apart. If you\Ncan’t take it apart, you can’t open it
Dialogue: 0,0:09:45.83,0:09:49.98,Default,,0000,0000,0000,,you don’t own it. And here’s – if you\Nwant to do it yourself – these tips
Dialogue: 0,0:09:49.98,0:09:54.72,Default,,0000,0000,0000,,how to open it. The NOKE is very nicely\Nbuilt. When you have legally or
Dialogue: 0,0:09:54.72,0:09:58.47,Default,,0000,0000,0000,,legitimately unlocked your NOKE you can\Ndisassemble it without doing any damage
Dialogue: 0,0:09:58.47,0:10:03.04,Default,,0000,0000,0000,,to it. [You] just need a screw driver and\Nit completely comes apart. Very nice design.
Dialogue: 0,0:10:03.04,0:10:06.72,Default,,0000,0000,0000,,The Master Lock – you have to\Ndrill out 4 rivets. This is a bit sad
Dialogue: 0,0:10:06.72,0:10:11.25,Default,,0000,0000,0000,,because after that it won’t be a very good\Nlock anymore. But it’s not a problem
Dialogue: 0,0:10:11.25,0:10:15.75,Default,,0000,0000,0000,,because it isn’t before,\Nfrom my experience.
Dialogue: 0,0:10:15.75,0:10:20.76,Default,,0000,0000,0000,,{\i1}applause and some laughter{\i0}
Dialogue: 0,0:10:20.76,0:10:25.09,Default,,0000,0000,0000,,And then there’s the Dog & Bone lock,\Nwhich is a lock I just got recently.
Dialogue: 0,0:10:25.09,0:10:28.69,Default,,0000,0000,0000,,It’s a little bit tricky to open but you\Ndon’t have to do a lot of damage.
Dialogue: 0,0:10:28.69,0:10:32.36,Default,,0000,0000,0000,,If you have it opened you can pull out\Na pin in the back – thank Jan (?)
Dialogue: 0,0:10:32.36,0:10:36.13,Default,,0000,0000,0000,,for finding that out. And then you can\Nremove screws and it really comes apart
Dialogue: 0,0:10:36.13,0:10:40.42,Default,,0000,0000,0000,,nicely. So how do these locks\Nlook, now? This is the NOKE.
Dialogue: 0,0:10:40.42,0:10:45.59,Default,,0000,0000,0000,,So basically you see a PCB, you\Nsee a normal lock body like here,
Dialogue: 0,0:10:45.59,0:10:49.72,Default,,0000,0000,0000,,with a shackle. There’s a motor at the\NPCB. The motor turns some locking element
Dialogue: 0,0:10:49.72,0:10:53.26,Default,,0000,0000,0000,,in here. And if it’s in the right position\Nthe lock opens. For the NOKE there’s
Dialogue: 0,0:10:53.26,0:10:59.08,Default,,0000,0000,0000,,a very nice paper by the SSDeV member\NMichael Hübler. I have a link at the end
Dialogue: 0,0:10:59.08,0:11:05.90,Default,,0000,0000,0000,,of the presentation.\NAnd neither he nor me did find
Dialogue: 0,0:11:05.90,0:11:11.54,Default,,0000,0000,0000,,any mechanical bypasses for that lock.\NSo the mechanics look okay.
Dialogue: 0,0:11:11.54,0:11:15.68,Default,,0000,0000,0000,,Then there’s the Master Lock. It is very\Nsimilar, but I have to say they invented
Dialogue: 0,0:11:15.68,0:11:20.89,Default,,0000,0000,0000,,this mechanism with the motor in this\Nlocking element first. It has 4 buttons
Dialogue: 0,0:11:20.89,0:11:26.64,Default,,0000,0000,0000,,on the PCB which you can use to enter\Na code. Has 2 CPUs, pretty standard design.
Dialogue: 0,0:11:26.64,0:11:31.60,Default,,0000,0000,0000,,And here are the rivets you have\Nto drill out to make it open.
Dialogue: 0,0:11:31.60,0:11:36.67,Default,,0000,0000,0000,,The Dog & Bone is a little bit more\Nclumsy. It’s a bigger lock. It comes apart
Dialogue: 0,0:11:36.67,0:11:41.90,Default,,0000,0000,0000,,in quite some pieces. What I really liked\Nwas that motor with that gear box. I think
Dialogue: 0,0:11:41.90,0:11:47.36,Default,,0000,0000,0000,,it’s like 1:2000 or something. So it\Nreally gets a lot of power from the
Dialogue: 0,0:11:47.36,0:11:53.78,Default,,0000,0000,0000,,very small motor. So what does it do with\Nit? It turns this element, and this element
Dialogue: 0,0:11:53.78,0:11:59.26,Default,,0000,0000,0000,,retracts these 2 spring loaded locking\Nelements which are locking the shackle.
Dialogue: 0,0:11:59.26,0:12:05.10,Default,,0000,0000,0000,,If you’re a lockpicker you will ask:\N“Spring loaded? Seriously?
Dialogue: 0,0:12:05.10,0:12:09.55,Default,,0000,0000,0000,,Have you ever heard about the term\N‘Shimming a lock’?” ‘Shimming a lock’
Dialogue: 0,0:12:09.55,0:12:16.18,Default,,0000,0000,0000,,is inserting some metal at the shackle,\Nand pushing back the springs.
Dialogue: 0,0:12:16.18,0:12:22.55,Default,,0000,0000,0000,,It’s a very standard method for padlocks\Nin the 5 Dollar range, I would say.
Dialogue: 0,0:12:22.55,0:12:26.67,Default,,0000,0000,0000,,Locks starting at 10..15 Dollars\Nor Euros or whatever, in that area
Dialogue: 0,0:12:26.67,0:12:32.34,Default,,0000,0000,0000,,usually can’t be shimmed anymore.\NWhen I opened the Dog & Bone lock
Dialogue: 0,0:12:32.34,0:12:36.01,Default,,0000,0000,0000,,I instantly realized: it’s\Nspring loaded, it is shimmable.
Dialogue: 0,0:12:36.01,0:12:40.48,Default,,0000,0000,0000,,A short search on Google\Nfound out that Mr. Locksmith,
Dialogue: 0,0:12:40.48,0:12:43.46,Default,,0000,0000,0000,,a lockpicker from the U.S. who\Ndoes some good Youtube videos,
Dialogue: 0,0:12:43.46,0:12:48.04,Default,,0000,0000,0000,,found [that] out months before.\NAnd of course, it’s shimmable!
Dialogue: 0,0:12:48.04,0:12:52.25,Default,,0000,0000,0000,,You put in some thin metal sheets\N– he built them from a cutaway
Dialogue: 0,0:12:52.25,0:12:56.19,Default,,0000,0000,0000,,of a soda can, puts them\Nin and the lock opens.
Dialogue: 0,0:12:56.19,0:13:01.52,Default,,0000,0000,0000,,But this is not a 5 Dollar lock. This is\Nan 80..100 Dollar Bluetooth padlock.
Dialogue: 0,0:13:01.52,0:13:05.99,Default,,0000,0000,0000,,And you shim it with cut metal.\NOkay. No need to go into
Dialogue: 0,0:13:05.99,0:13:11.52,Default,,0000,0000,0000,,the Bluetooth Low Energy for that one.\N{\i1}laughter{\i0}
Dialogue: 0,0:13:11.52,0:13:15.59,Default,,0000,0000,0000,,And, as a small teaser: I also didn’t\Nsay there’s no mechanical bypass
Dialogue: 0,0:13:15.59,0:13:18.86,Default,,0000,0000,0000,,for the Master Locks. But\Nwe’ll come back to that.
Dialogue: 0,0:13:18.86,0:13:22.27,Default,,0000,0000,0000,,Okay. The electronics. This is the\Nelectronics of the NOKE. Basically
Dialogue: 0,0:13:22.27,0:13:26.24,Default,,0000,0000,0000,,you see there’s one CPU, and something\Nthat’s called an ‘H bridge’ which is
Dialogue: 0,0:13:26.24,0:13:31.57,Default,,0000,0000,0000,,used to control a motor. All the rest\Nis pretty standard electronics, so,
Dialogue: 0,0:13:31.57,0:13:36.79,Default,,0000,0000,0000,,very simple design.\NThe Master Lock has 2 CPUs,
Dialogue: 0,0:13:36.79,0:13:41.87,Default,,0000,0000,0000,,has the buttons on the PCB,\Nalso quite simple electronics.
Dialogue: 0,0:13:41.87,0:13:45.79,Default,,0000,0000,0000,,And these are the MCUs. The interesting\Nthing I see is there’s a very common chip.
Dialogue: 0,0:13:45.79,0:13:50.47,Default,,0000,0000,0000,,It’s the Nordic nRF51822.\NI find it basically everywhere.
Dialogue: 0,0:13:50.47,0:13:54.25,Default,,0000,0000,0000,,It’s in light bulbs, it’s\Nin 3 of the locks I have here.
Dialogue: 0,0:13:54.25,0:13:58.28,Default,,0000,0000,0000,,Or 4, if you count the Ivation\Nand Nathlock [not] as the same.
Dialogue: 0,0:13:58.28,0:14:01.46,Default,,0000,0000,0000,,Only the Master Lock\Nuses MSP430, which is…
Dialogue: 0,0:14:01.46,0:14:08.60,Default,,0000,0000,0000,,The nRF is a… basically ARM core.\NThe MSP430 is a much smaller chip,
Dialogue: 0,0:14:08.60,0:14:13.03,Default,,0000,0000,0000,,it’s from Texas Instruments, and it’s\Na very low power consumption chip.
Dialogue: 0,0:14:13.03,0:14:18.66,Default,,0000,0000,0000,,It was also used in the previous\Nnon-Bluetooth LE electronic lock.
Dialogue: 0,0:14:18.66,0:14:22.50,Default,,0000,0000,0000,,But it’s basically also a normal\Nmicrocontroller, and you can program it.
Dialogue: 0,0:14:22.50,0:14:27.28,Default,,0000,0000,0000,,So, program it. That means you can\Njust use any ARM Flash board.
Dialogue: 0,0:14:27.28,0:14:32.46,Default,,0000,0000,0000,,I used the ST-Link interface from an\NSTM32 dev board we had in our hackerspace.
Dialogue: 0,0:14:32.46,0:14:38.18,Default,,0000,0000,0000,,And interfaced it to the chip\Nof the NOKE padlock here.
Dialogue: 0,0:14:38.18,0:14:41.90,Default,,0000,0000,0000,,So e.g. using OpenOCD, but…\Nthere are different tool chains (?) but
Dialogue: 0,0:14:41.90,0:14:46.71,Default,,0000,0000,0000,,this is one where you find some info on\Nthe internet, how to use it with the nRF.
Dialogue: 0,0:14:46.71,0:14:50.20,Default,,0000,0000,0000,,Using OpenOCD you get an\Ninterface to connect to the chip,
Dialogue: 0,0:14:50.20,0:14:54.54,Default,,0000,0000,0000,,and then you can issue commands\Nlike ‘Probe the Flash in it’;
Dialogue: 0,0:14:54.54,0:14:58.33,Default,,0000,0000,0000,,you could read the Flash, you\Ncould write a new firmware to it,
Dialogue: 0,0:14:58.33,0:15:01.82,Default,,0000,0000,0000,,and stuff like that.
Dialogue: 0,0:15:01.82,0:15:06.20,Default,,0000,0000,0000,,With the old Master dialSpeed padlock\Nwhich is pre-Bluetooth-LE but
Dialogue: 0,0:15:06.20,0:15:10.60,Default,,0000,0000,0000,,already electronic, a few years ago,\NI think 4 years ago we presented
Dialogue: 0,0:15:10.60,0:15:14.38,Default,,0000,0000,0000,,about that one, that was not read\Nprotected, you could change the firmware,
Dialogue: 0,0:15:14.38,0:15:18.47,Default,,0000,0000,0000,,you could actually get the codes from\Nreading the flash, and you could access
Dialogue: 0,0:15:18.47,0:15:22.40,Default,,0000,0000,0000,,the Flash content without opening\Nthe lock. So that was really funny.
Dialogue: 0,0:15:22.40,0:15:25.54,Default,,0000,0000,0000,,Not usable as a lock, but I re-flashed\Nit to a Simon Says style game where
Dialogue: 0,0:15:25.54,0:15:30.79,Default,,0000,0000,0000,,you have to repeat the sequence it shows\Nyou. Funny lock for your hackerspace.
Dialogue: 0,0:15:30.79,0:15:33.31,Default,,0000,0000,0000,,Unfortunately, or fortunately…\NNo, I would say ‘unfortunately’,
Dialogue: 0,0:15:33.31,0:15:36.81,Default,,0000,0000,0000,,the NOKE firmware was read protected.\NBecause there’s no need for it.
Dialogue: 0,0:15:36.81,0:15:40.37,Default,,0000,0000,0000,,The NOKE firmware Flash ports can’t\Nbe accessed without opening the lock.
Dialogue: 0,0:15:40.37,0:15:44.18,Default,,0000,0000,0000,,So you don’t lock somebody out\Nby read protecting it, except for
Dialogue: 0,0:15:44.18,0:15:48.04,Default,,0000,0000,0000,,the legitimate owner. But okay, it was\Nread protected, and I was saying: “Oh,
Dialogue: 0,0:15:48.04,0:15:52.04,Default,,0000,0000,0000,,decompiling firmware, that’s hard\Nwork anyway, let’s skip that one.”
Dialogue: 0,0:15:52.04,0:15:55.15,Default,,0000,0000,0000,,But of course you could use these flash\Ninterfaces to write own firmwares
Dialogue: 0,0:15:55.15,0:15:58.71,Default,,0000,0000,0000,,to these locks. Possibly make them open\Nsource one day. Or do something else.
Dialogue: 0,0:15:58.71,0:16:03.05,Default,,0000,0000,0000,,Or just use them as cool dev\Nboards. With some actors on it.
Dialogue: 0,0:16:03.05,0:16:08.56,Default,,0000,0000,0000,,So, let’s go for the first\Ninteresting thing, I would say.
Dialogue: 0,0:16:08.56,0:16:13.57,Default,,0000,0000,0000,,The communication with the ‘Cloud’.
Dialogue: 0,0:16:21.90,0:16:24.87,Default,,0000,0000,0000,,So your phone speaks to some servers\Nwhich is provided by the vendor
Dialogue: 0,0:16:24.87,0:16:30.12,Default,,0000,0000,0000,,of your hardware usually. And\Nit’s usually a TLS encrypted link
Dialogue: 0,0:16:30.12,0:16:36.14,Default,,0000,0000,0000,,using HTTP. Over this link the application\Non your phone sends login data,
Dialogue: 0,0:16:36.14,0:16:39.98,Default,,0000,0000,0000,,gets back from the cloud the information\Nabout the lock. So you can install
Dialogue: 0,0:16:39.98,0:16:42.82,Default,,0000,0000,0000,,your app on a new phone, enter your\Nlogin credentials and instantly use
Dialogue: 0,0:16:42.82,0:16:47.38,Default,,0000,0000,0000,,all your locks. Or the locks that were\Nshared to you. Usually these apps also
Dialogue: 0,0:16:47.38,0:16:51.04,Default,,0000,0000,0000,,send events to the cloud, when you open\Nyour locks. So if you share the lock
Dialogue: 0,0:16:51.04,0:16:55.17,Default,,0000,0000,0000,,with someone you can see on your other\Nphone that he opened it, and possibly
Dialogue: 0,0:16:55.17,0:16:59.71,Default,,0000,0000,0000,,where he opened it. And things like that.\NAnd of course also data is edited,
Dialogue: 0,0:16:59.71,0:17:04.67,Default,,0000,0000,0000,,if you add a new code to it or something.\NSo this is sent over the link.
Dialogue: 0,0:17:04.67,0:17:09.19,Default,,0000,0000,0000,,So, some people would say: “Oh,\Nbut TLS encryption is secure, isn’t it?”
Dialogue: 0,0:17:09.19,0:17:13.05,Default,,0000,0000,0000,,Of course, usually it is. There are flaws\Nwhich you hear about from time to time
Dialogue: 0,0:17:13.05,0:17:17.09,Default,,0000,0000,0000,,at these conferences. But that’s not the\Nproblem here. The problem is – but
Dialogue: 0,0:17:17.09,0:17:20.54,Default,,0000,0000,0000,,it’s not a problem, it’s nice for us\Nresearchers – you own the phone
Dialogue: 0,0:17:20.54,0:17:25.70,Default,,0000,0000,0000,,with the app. You control the app. You can\Neven modify the app. But owning the phone
Dialogue: 0,0:17:25.70,0:17:29.89,Default,,0000,0000,0000,,you control the TLS trust store,\Nwith the certificate authorities. So
Dialogue: 0,0:17:29.89,0:17:35.77,Default,,0000,0000,0000,,you can install a new CA and trust your\Nown servers. People could try to
Dialogue: 0,0:17:35.77,0:17:39.70,Default,,0000,0000,0000,,prevent this using key pinning in the app.\NBut, again, you also control the app.
Dialogue: 0,0:17:39.70,0:17:43.56,Default,,0000,0000,0000,,You can change the app, you can remove\Nthe key pinning. So, basically, breaking
Dialogue: 0,0:17:43.56,0:17:47.65,Default,,0000,0000,0000,,into this TLS is something the vendor\Nhas to expect. It’s your device,
Dialogue: 0,0:17:47.65,0:17:51.94,Default,,0000,0000,0000,,it’s your communication. You can\Nlisten to it. So, and the nice thing
Dialogue: 0,0:17:51.94,0:17:55.53,Default,,0000,0000,0000,,– and this is what I’m trying to tell all\Nof you here in this talk – these things
Dialogue: 0,0:17:55.53,0:17:58.84,Default,,0000,0000,0000,,are not difficult. There are nice\Navailable tools; and if you have some apps
Dialogue: 0,0:17:58.84,0:18:03.52,Default,,0000,0000,0000,,which do some things you want to know –\Ninstall such a tool, watch your app doing
Dialogue: 0,0:18:03.52,0:18:07.60,Default,,0000,0000,0000,,transferring data, and look what your\Napps actually communicate. Actually it’s
Dialogue: 0,0:18:07.60,0:18:11.89,Default,,0000,0000,0000,,quite interesting to see what your phone\Ncommunicates to Google all the time.
Dialogue: 0,0:18:11.89,0:18:15.53,Default,,0000,0000,0000,,I realized it: one of these apps is\Ntelling Facebook when I started,
Dialogue: 0,0:18:15.53,0:18:21.76,Default,,0000,0000,0000,,every time. What the Fuck?? But you easily\Nsee it. What you do is you install e.g.
Dialogue: 0,0:18:21.76,0:18:25.62,Default,,0000,0000,0000,,mitmproxy, it’s a small hell of Python\Ndependencies, but it’s usually installable
Dialogue: 0,0:18:25.62,0:18:29.22,Default,,0000,0000,0000,,on a Linux, and even on a Mac machine.\NHaven’t tried it on Windows but
Dialogue: 0,0:18:29.22,0:18:33.24,Default,,0000,0000,0000,,I’m pretty sure there’s options for that.\NAnd you install it as a web proxy, so,
Dialogue: 0,0:18:33.24,0:18:37.63,Default,,0000,0000,0000,,you change the internet connection of your\Nphone, and say: “Oh, this Wi-Fi has to use
Dialogue: 0,0:18:37.63,0:18:43.58,Default,,0000,0000,0000,,a proxy, enter the IP of your proxy…”\NAnd mitmproxy creates fake certificates
Dialogue: 0,0:18:43.58,0:18:47.41,Default,,0000,0000,0000,,on the fly. So whatever site you access\Nit creates a new certificate looking
Dialogue: 0,0:18:47.41,0:18:52.00,Default,,0000,0000,0000,,the same, signs it with the fake CA, and\Nyou can install the fake CA just
Dialogue: 0,0:18:52.00,0:18:55.77,Default,,0000,0000,0000,,by going to http://mitm.it/\NSo, man-in-the-middle it.
Dialogue: 0,0:18:55.77,0:18:59.18,Default,,0000,0000,0000,,And there’s a link to install a fake CA\Non your phone. So that’s actually really
Dialogue: 0,0:18:59.18,0:19:03.64,Default,,0000,0000,0000,,[done] in, like, 5..10 minutes, with\Ncompiling of the Python stuff 15 minutes,
Dialogue: 0,0:19:03.64,0:19:07.40,Default,,0000,0000,0000,,and you have a working man-in-the-middle\Nsetup and can watch your communication.
Dialogue: 0,0:19:07.40,0:19:11.39,Default,,0000,0000,0000,,This is what the app looks like. So\Nwe see here a few POST requests
Dialogue: 0,0:19:11.39,0:19:17.13,Default,,0000,0000,0000,,to the NOKE app. We get replies;\Nactually we see funny 403’s here.
Dialogue: 0,0:19:17.13,0:19:21.25,Default,,0000,0000,0000,,I’m not sure why it’s doing that. But\Nokay. But this is what the NOKE app
Dialogue: 0,0:19:21.25,0:19:25.16,Default,,0000,0000,0000,,does on startup. And of course we can\Nnot just see the requests, we can look
Dialogue: 0,0:19:25.16,0:19:30.18,Default,,0000,0000,0000,,into the request itself. And it’s e.g.\Na good way to recover your password.
Dialogue: 0,0:19:30.18,0:19:34.60,Default,,0000,0000,0000,,Possibly I should have blurred it here.\NSo if you have forgotten your password
Dialogue: 0,0:19:34.60,0:19:38.53,Default,,0000,0000,0000,,you just sniff your communication. It\Nalso works for your Play Store password,
Dialogue: 0,0:19:38.53,0:19:43.46,Default,,0000,0000,0000,,usually. Usually they use a token\Nbut sometimes it’s renewed.
Dialogue: 0,0:19:43.46,0:19:46.71,Default,,0000,0000,0000,,So every app that has a password\Nand sends it to the cloud – you can
Dialogue: 0,0:19:46.71,0:19:53.37,Default,,0000,0000,0000,,recover it with that. And from\Nthis login you get data back.
Dialogue: 0,0:19:53.37,0:19:57.28,Default,,0000,0000,0000,,And in the NOKE app it’s\Nusually done like I send
Dialogue: 0,0:19:57.28,0:20:00.05,Default,,0000,0000,0000,,login, with user and password,\Nand I get a token back.
Dialogue: 0,0:20:00.05,0:20:02.92,Default,,0000,0000,0000,,And then in all following requests\NI just have to send this token, and
Dialogue: 0,0:20:02.92,0:20:08.53,Default,,0000,0000,0000,,then I’m authenticated. So that’s\Nan okay mechanism I would say.
Dialogue: 0,0:20:08.53,0:20:11.46,Default,,0000,0000,0000,,So. What do we get also? We\Nhave a GETLOCKS key, and
Dialogue: 0,0:20:11.46,0:20:15.08,Default,,0000,0000,0000,,when we call ‘getlocks’ we get\Nthe information about our locks.
Dialogue: 0,0:20:15.08,0:20:18.58,Default,,0000,0000,0000,,So this basically is an ID of the lock.\NThis is a lock key. There’s something
Dialogue: 0,0:20:18.58,0:20:22.10,Default,,0000,0000,0000,,to remember: 0137 – we’ll see that later.
Dialogue: 0,0:20:22.10,0:20:25.20,Default,,0000,0000,0000,,You see the MAC of the lock,\Nyou see a picture URL
Dialogue: 0,0:20:25.20,0:20:29.00,Default,,0000,0000,0000,,where the application shows me\Nthe lock – if I have multiple locks
Dialogue: 0,0:20:29.00,0:20:34.06,Default,,0000,0000,0000,,I can assign different pictures\Nto it. And this is a quick open code
Dialogue: 0,0:20:34.06,0:20:37.11,Default,,0000,0000,0000,,where I can push on the\Nshackle to open this lock.
Dialogue: 0,0:20:37.11,0:20:40.59,Default,,0000,0000,0000,,So this is all no hacking because\Nthis data I’m supposed to know.
Dialogue: 0,0:20:40.59,0:20:44.24,Default,,0000,0000,0000,,It’s my lock, I can know the information,\Nthen it’s not a big problem.
Dialogue: 0,0:20:44.24,0:20:47.87,Default,,0000,0000,0000,,But it’s interesting to see what it’s\Ndoing to understand how it’s working.
Dialogue: 0,0:20:47.87,0:20:50.88,Default,,0000,0000,0000,,Then we have the next\Nthing, the ‘shared locks’.
Dialogue: 0,0:20:50.88,0:20:55.69,Default,,0000,0000,0000,,This is more interesting, possibly because\NI see: “Oh, I’m allowed to use it all day,
Dialogue: 0,0:20:55.69,0:20:59.17,Default,,0000,0000,0000,,starting at that day,\Nstarting at that time,
Dialogue: 0,0:20:59.17,0:21:03.99,Default,,0000,0000,0000,,ending at that date, at that time”.\NAnd this lock has a key,
Dialogue: 0,0:21:03.99,0:21:08.47,Default,,0000,0000,0000,,and there’s another key.\NAnd another MAC.
Dialogue: 0,0:21:08.47,0:21:12.76,Default,,0000,0000,0000,,So, the nice thing is, the\Nlock does not have a time.
Dialogue: 0,0:21:12.76,0:21:16.58,Default,,0000,0000,0000,,The lock does not know\Nwhen I’m allowed to open it.
Dialogue: 0,0:21:16.58,0:21:21.52,Default,,0000,0000,0000,,So all I need is this key. And the nice\Nthing also is I don’t have to manipulate
Dialogue: 0,0:21:21.52,0:21:27.05,Default,,0000,0000,0000,,the app in any way. I can use Mitmproxy\Nto change the data on the fly.
Dialogue: 0,0:21:27.05,0:21:33.26,Default,,0000,0000,0000,,So I just tell Mitmproxy,\Nplease change 2016 to 2066,
Dialogue: 0,0:21:33.26,0:21:36.83,Default,,0000,0000,0000,,then the reply comes back, and then the\NNOKE app thinks “Oh, he’s still allowed
Dialogue: 0,0:21:36.83,0:21:42.42,Default,,0000,0000,0000,,to use that”. Of course the NOKE people\Nwere clever and do an online check.
Dialogue: 0,0:21:42.42,0:21:47.16,Default,,0000,0000,0000,,Which actually means you can only\Nunlock a lock if you have a shared lock.
Dialogue: 0,0:21:47.16,0:21:50.64,Default,,0000,0000,0000,,Your own lock you can use offline. But a\Nshared lock you can only use when you
Dialogue: 0,0:21:50.64,0:21:55.47,Default,,0000,0000,0000,,have internet. Not good if it’s the cellar\Nor something. But it does an online check,
Dialogue: 0,0:21:55.47,0:22:01.61,Default,,0000,0000,0000,,it asks: “Can unlock?” and the cloud\Nanswers: “Yes, success, can unlock”.
Dialogue: 0,0:22:01.61,0:22:06.92,Default,,0000,0000,0000,,Of course I can also fake that! So this\Nis completely bogus; it’s unnecessary
Dialogue: 0,0:22:06.92,0:22:09.92,Default,,0000,0000,0000,,to be online. I could do it offline. If\NI want to hack the lock I can do it
Dialogue: 0,0:22:09.92,0:22:14.51,Default,,0000,0000,0000,,in the cellar. Only the legitimate\Nuser has to be online.
Dialogue: 0,0:22:14.51,0:22:21.76,Default,,0000,0000,0000,,So the sharing feature of the NOKE already\Nis broken just with the Mitmproxy tool.
Dialogue: 0,0:22:21.76,0:22:27.67,Default,,0000,0000,0000,,Really, that’s not big hacking. They\Ncould have thought about that. But okay.
Dialogue: 0,0:22:27.67,0:22:33.58,Default,,0000,0000,0000,,So, once somebody shares\Na lock to you, a NOKE to you,
Dialogue: 0,0:22:33.58,0:22:36.77,Default,,0000,0000,0000,,you have this key and you can\Nuse this key from then forever on.
Dialogue: 0,0:22:36.77,0:22:43.23,Default,,0000,0000,0000,,Using the original app. That’s the nice\Nthing. You don’t have to change it.
Dialogue: 0,0:22:43.23,0:22:47.66,Default,,0000,0000,0000,,One thing which is positive about the\Narchitecture here, the key that they use
Dialogue: 0,0:22:47.66,0:22:51.75,Default,,0000,0000,0000,,for sharing is a different key than you\Nhave to operate your lock. That means
Dialogue: 0,0:22:51.75,0:22:56.86,Default,,0000,0000,0000,,with this sharing key I can not\Nmodify the lock. I can’t re-key it,
Dialogue: 0,0:22:56.86,0:23:02.05,Default,,0000,0000,0000,,or change the click code, or things\Nlike that. So I just can open it.
Dialogue: 0,0:23:02.05,0:23:06.89,Default,,0000,0000,0000,,And they have an option to change the\Nkey of the lock. So I can go to my lock
Dialogue: 0,0:23:06.89,0:23:12.30,Default,,0000,0000,0000,,and say “Re-key!”, and then they do a new\Nkey. But for that I have to go to my lock.
Dialogue: 0,0:23:12.30,0:23:16.03,Default,,0000,0000,0000,,So that’s nothing if I share the lock to\Nyou from Congress, and the lock is
Dialogue: 0,0:23:16.03,0:23:22.06,Default,,0000,0000,0000,,somewhere in… Salzburg! Then that\Ndoesn’t work. So not really helping.
Dialogue: 0,0:23:22.06,0:23:25.55,Default,,0000,0000,0000,,Possibly one time keys or something like\Nthat would be a better option, or just
Dialogue: 0,0:23:25.55,0:23:29.82,Default,,0000,0000,0000,,some challenge/response mechanism.\NIf you have to be online, why not.
Dialogue: 0,0:23:29.82,0:23:34.39,Default,,0000,0000,0000,,But that’s something for the future.\NCurrently lock sharing is not very secure,
Dialogue: 0,0:23:34.39,0:23:39.77,Default,,0000,0000,0000,,and I would advise you to keep that in\Nmind when you use the Sharing feature.
Dialogue: 0,0:23:39.77,0:23:44.07,Default,,0000,0000,0000,,Oh, regarding dumping firmware: as I said\Nbefore a firmware was not dumpable
Dialogue: 0,0:23:44.07,0:23:47.82,Default,,0000,0000,0000,,from the NOKE. The Dog & Bone I didn’t\Neven try to dump the firmware because
Dialogue: 0,0:23:47.82,0:23:52.38,Default,,0000,0000,0000,,it was shimmable. But they sent me\Na URL in the CONNECT where I can
Dialogue: 0,0:23:52.38,0:23:58.51,Default,,0000,0000,0000,,download the firmware.\NAnd if you… {\i1}laughs{\i0}
Dialogue: 0,0:23:58.51,0:24:04.24,Default,,0000,0000,0000,,{\i1}laughter and applause{\i0}
Dialogue: 0,0:24:04.24,0:24:07.38,Default,,0000,0000,0000,,Again, I don’t consider this\Na vulnerability. I think if I own the lock
Dialogue: 0,0:24:07.38,0:24:11.01,Default,,0000,0000,0000,,I should be allowed to read the firmware.\NIf you download that it’s an actual
Dialogue: 0,0:24:11.01,0:24:15.34,Default,,0000,0000,0000,,hex dump of the firmware. It looks like\Ndirectly what you would flash on the chip.
Dialogue: 0,0:24:15.34,0:24:17.98,Default,,0000,0000,0000,,So if you want to do some firmware\Nreverse engineering that’s a very easy
Dialogue: 0,0:24:17.98,0:24:21.80,Default,,0000,0000,0000,,starting point to get the firmware from\Nthe internet, disassemble it, play with it,
Dialogue: 0,0:24:21.80,0:24:24.16,Default,,0000,0000,0000,,flash it possibly to your own dev\Nboard without even owning the lock,
Dialogue: 0,0:24:24.16,0:24:29.85,Default,,0000,0000,0000,,to play with it. Why not. Okay, so,\Nso much for the app communication.
Dialogue: 0,0:24:29.85,0:24:33.78,Default,,0000,0000,0000,,You can do quite a lot with it already.\NBut we want to go a little deeper.
Dialogue: 0,0:24:33.78,0:24:37.88,Default,,0000,0000,0000,,We want to go for the Bluetooth Low\NEnergy level. So the communication
Dialogue: 0,0:24:37.88,0:24:44.40,Default,,0000,0000,0000,,between my phone and my lock.\NOr my vibrator. Or whatever.
Dialogue: 0,0:24:44.40,0:24:49.38,Default,,0000,0000,0000,,So Bluetooth Low Energy is newer, but\Nactually easier to sniff than Bluetooth.
Dialogue: 0,0:24:49.38,0:24:53.24,Default,,0000,0000,0000,,There’s a talk called “With Low\NEnergy comes Low Security”
Dialogue: 0,0:24:53.24,0:24:57.60,Default,,0000,0000,0000,,if you want to have an introduction to\Nthat. You find it on YouTube. Basically,
Dialogue: 0,0:24:57.60,0:25:02.46,Default,,0000,0000,0000,,it has 3 security modes. But the most\Ncommonly used are NON and ADHOC
Dialogue: 0,0:25:02.46,0:25:07.25,Default,,0000,0000,0000,,which is like almost no security. And\Nthe third one would be pairing with a code
Dialogue: 0,0:25:07.25,0:25:10.90,Default,,0000,0000,0000,,which is usually a 6-digit number.\NIf you listen to that pairing you also
Dialogue: 0,0:25:10.90,0:25:16.13,Default,,0000,0000,0000,,own everything. This improved with\NBluetooth Low Energy 4.2, or Bluetooth 4.2
Dialogue: 0,0:25:16.13,0:25:20.71,Default,,0000,0000,0000,,which includes a new Low Energy standard.\NBut this is not implemented very commonly
Dialogue: 0,0:25:20.71,0:25:25.33,Default,,0000,0000,0000,,today, and won’t be in the\Nvery near future. Because
Dialogue: 0,0:25:25.33,0:25:30.11,Default,,0000,0000,0000,,not so many devices support it. So for now\NBluetooth Low Energy is an easy target
Dialogue: 0,0:25:30.11,0:25:34.44,Default,,0000,0000,0000,,to get into research. There’s available\Ntools for it like the Ubertooth One
Dialogue: 0,0:25:34.44,0:25:38.80,Default,,0000,0000,0000,,by Mike Ossmann. The Adafruit\NBTLE sniffer for… very cheap.
Dialogue: 0,0:25:38.80,0:25:42.51,Default,,0000,0000,0000,,And you can build your own one by flashing\Na firmware available from Nordic
Dialogue: 0,0:25:42.51,0:25:46.83,Default,,0000,0000,0000,,directly to any dev board\Nwith this chip you have.
Dialogue: 0,0:25:46.83,0:25:50.61,Default,,0000,0000,0000,,So this is the hackerspace entry point.\NIf you have this stuff lying around…
Dialogue: 0,0:25:50.61,0:25:54.76,Default,,0000,0000,0000,,Otherwise I would recommend going\Nfor the Adafruit Sniffer. It’s orderable
Dialogue: 0,0:25:54.76,0:25:59.08,Default,,0000,0000,0000,,even in Europe, very easily.\NSo not a big problem.
Dialogue: 0,0:25:59.08,0:26:03.09,Default,,0000,0000,0000,,But the very cheap option is:\Nget a 3..5 Euros dev board
Dialogue: 0,0:26:03.09,0:26:06.59,Default,,0000,0000,0000,,like this from China,\Nuse your STM32 programmer.
Dialogue: 0,0:26:06.59,0:26:10.22,Default,,0000,0000,0000,,I have another board here which is\Na serial interface. But you could use
Dialogue: 0,0:26:10.22,0:26:15.43,Default,,0000,0000,0000,,your normal FTDI USB-to-Serial,\Nalso. And then this board
Dialogue: 0,0:26:15.43,0:26:21.56,Default,,0000,0000,0000,,is identical to the Adafruit Bluetooth\NLE Sniffer, for like 5 bucks.
Dialogue: 0,0:26:21.56,0:26:26.32,Default,,0000,0000,0000,,Okay. Talking about this research.\NThis is nothing nobody did before.
Dialogue: 0,0:26:26.32,0:26:31.16,Default,,0000,0000,0000,,Somebody like e.g. Rose & Ramsey did it at\NDEF CON and presented quite a nice talk
Dialogue: 0,0:26:31.16,0:26:36.84,Default,,0000,0000,0000,,where he analyzed a lot of locks. He had\Nlike 15 locks of it, and 12 of them broken.
Dialogue: 0,0:26:36.84,0:26:40.64,Default,,0000,0000,0000,,So it was really plain text passwords\Non the Bluetooth LE, for the Quicklock,
Dialogue: 0,0:26:40.64,0:26:45.19,Default,,0000,0000,0000,,iBluLock, Plantraco Phantomlock.\NI hope that’s correct.
Dialogue: 0,0:26:45.19,0:26:49.33,Default,,0000,0000,0000,,I don’t claim that to be true. But he told\N[it] in the talk. He found replay attacks
Dialogue: 0,0:26:49.33,0:26:53.86,Default,,0000,0000,0000,,on these locks. So you can just resend\Nthe same code that you saw before,
Dialogue: 0,0:26:53.86,0:26:57.19,Default,,0000,0000,0000,,even without understanding it. But he\Nstopped where it became interesting.
Dialogue: 0,0:26:57.19,0:27:01.68,Default,,0000,0000,0000,,And instead of that posted\Nthis slide. Which I hate.
Dialogue: 0,0:27:01.68,0:27:07.09,Default,,0000,0000,0000,,He wrote about uncracked locks. And\Nthe first one was the NOKE padlock.
Dialogue: 0,0:27:07.09,0:27:11.59,Default,,0000,0000,0000,,And for the time line: at that point\NI already had disclosed to NOKE
Dialogue: 0,0:27:11.59,0:27:16.47,Default,,0000,0000,0000,,our findings. Which you will see today.\NSo the NOKE company knew about
Dialogue: 0,0:27:16.47,0:27:20.72,Default,,0000,0000,0000,,the lock being completely broken on the\Ncrypto layer [at that time]. But they see
Dialogue: 0,0:27:20.72,0:27:24.21,Default,,0000,0000,0000,,this talk by Rose & Ramsey and post\Na blog post: “NOKE just one of the few
Dialogue: 0,0:27:24.21,0:27:30.46,Default,,0000,0000,0000,,Bluetooth locks to pass hacker testing”…\NSERIOUSLY?? They were notified!
Dialogue: 0,0:27:30.46,0:27:34.40,Default,,0000,0000,0000,,And they… we had active communication\Nabout them changing the crypto protocol.
Dialogue: 0,0:27:34.40,0:27:39.10,Default,,0000,0000,0000,,Possibly the social network people are\Nnot so close with the technical people.
Dialogue: 0,0:27:39.10,0:27:44.85,Default,,0000,0000,0000,,But okay. So, let’s crack it. Using the\NNordic Bluetooth LE sniffer firmware,
Dialogue: 0,0:27:44.85,0:27:48.68,Default,,0000,0000,0000,,which is… unfortunately the easiest way\Nto use is on Windows. But you can use it
Dialogue: 0,0:27:48.68,0:27:52.86,Default,,0000,0000,0000,,with Python also on Linux. And\NWireshark integration isn’t that nice…
Dialogue: 0,0:27:52.86,0:27:58.03,Default,,0000,0000,0000,,So if you have a Windows, or Windows\NVM it’s the easier entry point.
Dialogue: 0,0:27:58.03,0:28:01.77,Default,,0000,0000,0000,,Here you have a text interface where\Nyou say: “I want to sniff to this device”,
Dialogue: 0,0:28:01.77,0:28:05.10,Default,,0000,0000,0000,,then you get a lot of lot of lot of packets\Nhere. Mostly ‘discovery, discovery, discovery’.
Dialogue: 0,0:28:05.10,0:28:09.16,Default,,0000,0000,0000,,You have to look for the bigger packets.\NThis was a bigger packet with some payload,
Dialogue: 0,0:28:09.16,0:28:14.21,Default,,0000,0000,0000,,and it contains a very long string\Nwhich looks completely random.
Dialogue: 0,0:28:14.21,0:28:19.27,Default,,0000,0000,0000,,So I see from phone to NOKE there’s\Nrandom; from NOKE to phone there’s random.
Dialogue: 0,0:28:19.27,0:28:25.45,Default,,0000,0000,0000,,Looks actually encrypted. And NOKE\Nis claiming they are using AES128.
Dialogue: 0,0:28:25.45,0:28:29.17,Default,,0000,0000,0000,,So I didn’t even try to understand\Nwhat I see here because
Dialogue: 0,0:28:29.17,0:28:33.35,Default,,0000,0000,0000,,if it’s AES encrypted you\Nwon’t find any meaning in it.
Dialogue: 0,0:28:33.35,0:28:37.38,Default,,0000,0000,0000,,So let’s put the sniffing aside for\Na moment. We can’t sniff to the data.
Dialogue: 0,0:28:37.38,0:28:41.43,Default,,0000,0000,0000,,We can get this communication off the air.\NBut for the NOKE we can’t do anything
Dialogue: 0,0:28:41.43,0:28:47.78,Default,,0000,0000,0000,,with that. So let’s go for app hacking.
Dialogue: 0,0:28:47.78,0:28:52.14,Default,,0000,0000,0000,,There are different approaches. One\N– the easiest… not the easiest but
Dialogue: 0,0:28:52.14,0:28:58.87,Default,,0000,0000,0000,,the first one we did –\Nis manipulating the apps.
Dialogue: 0,0:28:58.87,0:29:03.61,Default,,0000,0000,0000,,So you can get an APK from your phone very\Neasily with ADB. You don’t have to have
Dialogue: 0,0:29:03.61,0:29:08.45,Default,,0000,0000,0000,,a rooted device for that. You can just\Nenable Devel mode and copy the APK over.
Dialogue: 0,0:29:08.45,0:29:11.78,Default,,0000,0000,0000,,There’s lots of tutorials on the internet\Nhow to do it. It’s basically 3 calls
Dialogue: 0,0:29:11.78,0:29:17.09,Default,,0000,0000,0000,,on the shell. And those APKs can easily\Nbe disassembled with a tool like SMALI.
Dialogue: 0,0:29:17.09,0:29:21.29,Default,,0000,0000,0000,,You can change things in it, like\Na URL. You can change values.
Dialogue: 0,0:29:21.29,0:29:25.92,Default,,0000,0000,0000,,Then you can re-assemble it, self-sign it,\Nand put it again on your phone.
Dialogue: 0,0:29:25.92,0:29:29.59,Default,,0000,0000,0000,,One thing you can do with that is\Nchange the app to use a different URL
Dialogue: 0,0:29:29.59,0:29:34.28,Default,,0000,0000,0000,,for its communication. And that’s actually\Nquite a nice idea. Because we saw before
Dialogue: 0,0:29:34.28,0:29:37.50,Default,,0000,0000,0000,,we can completely understand this\Nprotocol. It’s not a complicated protocol.
Dialogue: 0,0:29:37.50,0:29:40.71,Default,,0000,0000,0000,,It’s sending some requests, and it’s\Ngetting some JSON responses. I can
Dialogue: 0,0:29:40.71,0:29:45.07,Default,,0000,0000,0000,,write this in a Python script with a few\N100 lines, and fake their server.
Dialogue: 0,0:29:45.07,0:29:50.86,Default,,0000,0000,0000,,So I actually could run my NOKE lock – if\Nit would be having good crypto, but okay –
Dialogue: 0,0:29:50.86,0:29:55.02,Default,,0000,0000,0000,,on my own server. Not connected to their\Ncloud, but build my own NOKE app and
Dialogue: 0,0:29:55.02,0:30:01.04,Default,,0000,0000,0000,,have it communicate with my NOKE server.\NWhy not. Possibly in the far future
Dialogue: 0,0:30:01.04,0:30:04.63,Default,,0000,0000,0000,,NOKE doesn’t exist anymore, who knows?\NIt happened before to other companies:
Dialogue: 0,0:30:04.63,0:30:08.38,Default,,0000,0000,0000,,the servers are gone – your hardware is\Ngone. If you understand the protocol,
Dialogue: 0,0:30:08.38,0:30:11.37,Default,,0000,0000,0000,,if you have sniffed it before you can\Nreimplement it and continue using
Dialogue: 0,0:30:11.37,0:30:15.82,Default,,0000,0000,0000,,your hardware. Except for that I wouldn’t\Nlike to have my locks in the cloud!
Dialogue: 0,0:30:15.82,0:30:19.52,Default,,0000,0000,0000,,We actually used this method during\Nthe analysis of the NOKE lock
Dialogue: 0,0:30:19.52,0:30:23.26,Default,,0000,0000,0000,,to change a random number generator\Nin the app to always return ‘42’.
Dialogue: 0,0:30:23.26,0:30:27.50,Default,,0000,0000,0000,,Thanks to Sec for that one. He did\Na binary patch on the MIPS binary on it.
Dialogue: 0,0:30:27.50,0:30:31.98,Default,,0000,0000,0000,,We just put it in and had a nice\Nrandom number to spot it easier
Dialogue: 0,0:30:31.98,0:30:37.87,Default,,0000,0000,0000,,on the communication. The other thing\Nis you can decompile these app APKs.
Dialogue: 0,0:30:37.87,0:30:42.34,Default,,0000,0000,0000,,You get it, again with ADB. Run it through\Na decompiler like Jadx which you can
Dialogue: 0,0:30:42.34,0:30:45.88,Default,,0000,0000,0000,,install on your PC. You can download\Nit from Github. Or if you just want
Dialogue: 0,0:30:45.88,0:30:50.27,Default,,0000,0000,0000,,an easy decompile you go to\Nan online decompilation service.
Dialogue: 0,0:30:50.27,0:30:54.36,Default,,0000,0000,0000,,They say: “Please only use it for\Nlegitimate purposes”, but we do!
Dialogue: 0,0:30:54.36,0:31:00.46,Default,,0000,0000,0000,,And yesterday Sec was very annoyed\Nby the Adblocker blocker they have.
Dialogue: 0,0:31:00.46,0:31:04.46,Default,,0000,0000,0000,,But if you ignore that then it’s\Nvery easy to just upload an APK,
Dialogue: 0,0:31:04.46,0:31:08.13,Default,,0000,0000,0000,,get back the source code. And then,\Nbasically, you have Java source
Dialogue: 0,0:31:08.13,0:31:15.52,Default,,0000,0000,0000,,which you can read, you can search,\Nyou can grep… Oh! You can grep.
Dialogue: 0,0:31:15.52,0:31:21.48,Default,,0000,0000,0000,,So. We were looking for AES!\N{\i1}laughter{\i0}
Dialogue: 0,0:31:21.48,0:31:30.73,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:31:30.73,0:31:34.81,Default,,0000,0000,0000,,Yeah, everybody is laughing at that\Nslide. But there’s 2 things to mention.
Dialogue: 0,0:31:34.81,0:31:38.69,Default,,0000,0000,0000,,First of all this is not all of our\Nresearch. This is just the beginning.
Dialogue: 0,0:31:38.69,0:31:42.67,Default,,0000,0000,0000,,Then it became difficult. The other\Nthing is this key of course is very silly.
Dialogue: 0,0:31:42.67,0:31:47.27,Default,,0000,0000,0000,,They actually use 01 to 15\Nas an AES encryption key.
Dialogue: 0,0:31:47.27,0:31:50.61,Default,,0000,0000,0000,,But if they would have used a real random\Npre-shared key I still would have found it
Dialogue: 0,0:31:50.61,0:31:55.08,Default,,0000,0000,0000,,that way. So, actually, it’s not really\Nless secure. It’s just possibly left over
Dialogue: 0,0:31:55.08,0:31:59.82,Default,,0000,0000,0000,,from development. I have no idea\Nwhy you would use that key! But still
Dialogue: 0,0:31:59.82,0:32:02.53,Default,,0000,0000,0000,,– even a better key, I would have found\Nit in the source code. Because it’s
Dialogue: 0,0:32:02.53,0:32:06.77,Default,,0000,0000,0000,,a pre-shared key. The lock knows it.\NThe app knows it – has to know it
Dialogue: 0,0:32:06.77,0:32:11.30,Default,,0000,0000,0000,,because it’s pre-shared. So, yeah…\NBut still it’s very funny that they have
Dialogue: 0,0:32:11.30,0:32:15.88,Default,,0000,0000,0000,,this silly key in there. And we were\Nactually wondering quite a lot:
Dialogue: 0,0:32:15.88,0:32:20.08,Default,,0000,0000,0000,,“Oh, but what block chaining mode\Ndo they use? How do they use AES?
Dialogue: 0,0:32:20.08,0:32:24.02,Default,,0000,0000,0000,,Is there an initialization vector?”.\NI don’t know.
Dialogue: 0,0:32:24.02,0:32:29.21,Default,,0000,0000,0000,,Took us quite a while until we realized:\Nit’s simply just one block! If we use
Dialogue: 0,0:32:29.21,0:32:34.74,Default,,0000,0000,0000,,that thing that we sniffed earlier\Nand just run one AES decryption
Dialogue: 0,0:32:34.74,0:32:39.57,Default,,0000,0000,0000,,with the key 0001 etc. we get something
Dialogue: 0,0:32:39.57,0:32:43.75,Default,,0000,0000,0000,,which includes our 42 numbers. Oh!\NOur ‘random’ numbers turn up!
Dialogue: 0,0:32:43.75,0:32:48.59,Default,,0000,0000,0000,,How are the chances for that? No.\NSo, actually this key decrypted the thing
Dialogue: 0,0:32:48.59,0:32:52.90,Default,,0000,0000,0000,,we got from the wire. So we thought:\N“Success!” and NOKE is cracked!
Dialogue: 0,0:32:52.90,0:32:56.16,Default,,0000,0000,0000,,Unfortunately it only worked for the\Nfirst 2 messages, and all we saw
Dialogue: 0,0:32:56.16,0:32:59.55,Default,,0000,0000,0000,,in these 2 messages is our ‘random’\Nnumber, and in the answer
Dialogue: 0,0:32:59.55,0:33:03.99,Default,,0000,0000,0000,,another obviously real random number,\Nbecause we didn’t patch the lock.
Dialogue: 0,0:33:03.99,0:33:10.48,Default,,0000,0000,0000,,The next messages from that on\Nagain were completely scrambled.
Dialogue: 0,0:33:10.48,0:33:15.27,Default,,0000,0000,0000,,So we had to do some\Nmore reverse-engineering.
Dialogue: 0,0:33:15.27,0:33:20.91,Default,,0000,0000,0000,,Unfortunately, or fortunately – to make\Nit a little more interesting for us –
Dialogue: 0,0:33:20.91,0:33:25.18,Default,,0000,0000,0000,,this APK from NOKE doesn’t\Nonly include the Java source.
Dialogue: 0,0:33:25.18,0:33:29.08,Default,,0000,0000,0000,,It has some shared object files.\NSo, binaries, which are compiled
Dialogue: 0,0:33:29.08,0:33:34.16,Default,,0000,0000,0000,,with some other compiler, probably C.\NLuckily those were in there for Android,
Dialogue: 0,0:33:34.16,0:33:38.29,Default,,0000,0000,0000,,for multiple architectures. And one of\Nthose – I don’t know who is using Android
Dialogue: 0,0:33:38.29,0:33:44.25,Default,,0000,0000,0000,,on x86, but obviously it exists – so\Nwe had all the libraries also in x86.
Dialogue: 0,0:33:44.25,0:33:48.09,Default,,0000,0000,0000,,Which we could run through a commonly\Navailable disassembler. I started doing
Dialogue: 0,0:33:48.09,0:33:51.76,Default,,0000,0000,0000,,this object dump, and things (?) a little\Nbit. But it’s really hard to read, and
Dialogue: 0,0:33:51.76,0:33:57.31,Default,,0000,0000,0000,,you don’t come so far with it. So,\Nbig thanks again to Sec and to e7p
Dialogue: 0,0:33:57.31,0:34:01.21,Default,,0000,0000,0000,,who helped me a lot during Easterhegg\Nthis year, which was a quite nice event,
Dialogue: 0,0:34:01.21,0:34:06.00,Default,,0000,0000,0000,,where we did some lock hacking. And they\Nwere staring with me at IDA Pro dumps
Dialogue: 0,0:34:06.00,0:34:11.64,Default,,0000,0000,0000,,all the time to find the key exchange,\Nand finally, it worked out.
Dialogue: 0,0:34:11.64,0:34:16.46,Default,,0000,0000,0000,,So, all the assembler is very hard\Nto read, I think. But we see there’s
Dialogue: 0,0:34:16.46,0:34:20.58,Default,,0000,0000,0000,,a parseCmd function we found.\NActually they had the labels in there!
Dialogue: 0,0:34:20.58,0:34:23.54,Default,,0000,0000,0000,,Which again is not the vulnerability,\Nit just made it easier for us
Dialogue: 0,0:34:23.54,0:34:29.53,Default,,0000,0000,0000,,to spot the stuff. I don’t think\Nthat’s bad from them. It’s okay.
Dialogue: 0,0:34:29.53,0:34:35.25,Default,,0000,0000,0000,,So we found this parseCmd. It actually\Ncalls an AES decrypt function.
Dialogue: 0,0:34:35.25,0:34:39.64,Default,,0000,0000,0000,,It gets a little bigger and bigger\Nand bigger. There we find
Dialogue: 0,0:34:39.64,0:34:44.34,Default,,0000,0000,0000,,– I actually can’t read it from here very\Ngood – this was the Create Session key.
Dialogue: 0,0:34:44.34,0:34:49.33,Default,,0000,0000,0000,,This sounds very promising. It was\Ncalled ‘CreateSessionKey’. Hm.
Dialogue: 0,0:34:49.33,0:34:54.41,Default,,0000,0000,0000,,Might have something to do with the things\Nwe saw before. And it has this in a loop.
Dialogue: 0,0:34:54.41,0:34:58.25,Default,,0000,0000,0000,,And this loop is actually something people\Ncould understand if they can read some
Dialogue: 0,0:34:58.25,0:35:03.34,Default,,0000,0000,0000,,x86 assembler. It’s a loop of\N4 iterations. And it’s XORing values
Dialogue: 0,0:35:03.34,0:35:09.49,Default,,0000,0000,0000,,from one array to another.\NSo it’s basically XORing 4 values.
Dialogue: 0,0:35:09.49,0:35:14.03,Default,,0000,0000,0000,,And this is the core component of the key\Nexchange. This is the 4 byte numbers
Dialogue: 0,0:35:14.03,0:35:20.32,Default,,0000,0000,0000,,that we saw earlier. My 42 42 42 42…\Nand the other one coming from the lock,
Dialogue: 0,0:35:20.32,0:35:25.44,Default,,0000,0000,0000,,are XORed together, and then there’s\Nsome more magic done. So basically
Dialogue: 0,0:35:25.44,0:35:29.38,Default,,0000,0000,0000,,the app sends a random number to the lock,\Nthe lock sends a random number to the app.
Dialogue: 0,0:35:29.38,0:35:34.43,Default,,0000,0000,0000,,And from that there’s a session\Nkey calculated by adding XOR
Dialogue: 0,0:35:34.43,0:35:40.30,Default,,0000,0000,0000,,of these 2 numbers to the\Nmiddle of the original key.
Dialogue: 0,0:35:40.30,0:35:45.20,Default,,0000,0000,0000,,So you have this original\Nkey which we saw before.
Dialogue: 0,0:35:45.20,0:35:49.14,Default,,0000,0000,0000,,And you add this result onto it. So.
Dialogue: 0,0:35:49.14,0:35:54.41,Default,,0000,0000,0000,,We saw from the app our 42 44 42.\NOf course if you have the real app
Dialogue: 0,0:35:54.41,0:35:58.80,Default,,0000,0000,0000,,running that would be still real random.\NBut this doesn’t make a difference.
Dialogue: 0,0:35:58.80,0:36:01.95,Default,,0000,0000,0000,,It just was easier for us to see\Nit’s the same every time, so…
Dialogue: 0,0:36:01.95,0:36:06.45,Default,,0000,0000,0000,,It helped a little bit, but not too much.\NSo the lock sends the key, those 2 values
Dialogue: 0,0:36:06.45,0:36:12.68,Default,,0000,0000,0000,,are XORed together; and then they are\Nadded onto this silly pre-shared key.
Dialogue: 0,0:36:12.68,0:36:17.33,Default,,0000,0000,0000,,I don’t know why they’re doing that!\NI mean, they could have at least added it
Dialogue: 0,0:36:17.33,0:36:21.43,Default,,0000,0000,0000,,to different parts of it, and they\Nwould have more entropy in it, or…
Dialogue: 0,0:36:21.43,0:36:24.14,Default,,0000,0000,0000,,I’m not sure who sits in the cell and\Ndoes some coding, and thinks:
Dialogue: 0,0:36:24.14,0:36:30.16,Default,,0000,0000,0000,,“This is a good key exchange!”?\NYou can’t really look into these minds.
Dialogue: 0,0:36:30.16,0:36:34.26,Default,,0000,0000,0000,,But okay, so, we can do something\Nin our head. We see here is 0xFD,
Dialogue: 0,0:36:34.26,0:36:39.07,Default,,0000,0000,0000,,we add 0x05 to it. So it rolls over. This\Nis why here’s the Modulo operation.
Dialogue: 0,0:36:39.07,0:36:43.61,Default,,0000,0000,0000,,And get the 0x02. We have 0xBB\Nhere. We add 0x06 to 0xBB.
Dialogue: 0,0:36:43.61,0:36:48.90,Default,,0000,0000,0000,,If you can calculate hex you see it comes\Nto 0xC1. Etc. So everything that changed
Dialogue: 0,0:36:48.90,0:36:55.66,Default,,0000,0000,0000,,in the key is the middle 4 bytes.\NWhich is actually another vulnerability.
Dialogue: 0,0:36:55.66,0:37:00.22,Default,,0000,0000,0000,,Because it means even if for some reason,\Nwhich I really can’t imagine because
Dialogue: 0,0:37:00.22,0:37:04.40,Default,,0000,0000,0000,,this exchange is done every time you\Nopen your lock. It’s not something done
Dialogue: 0,0:37:04.40,0:37:08.84,Default,,0000,0000,0000,,on the first time or done once per phone\Nor something. Every time somebody opens
Dialogue: 0,0:37:08.84,0:37:12.44,Default,,0000,0000,0000,,this NOKE this whole sequence is run\Nthrough. It connects to the lock, sends
Dialogue: 0,0:37:12.44,0:37:19.47,Default,,0000,0000,0000,,a random number, receives a random number,\Nthe session key is calculated, and using
Dialogue: 0,0:37:19.47,0:37:23.54,Default,,0000,0000,0000,,the new session key the rest of the\Ncommunication is done. But just in case
Dialogue: 0,0:37:23.54,0:37:27.42,Default,,0000,0000,0000,,you did miss the first packets for some\Nreason: if you have a real attack scenario
Dialogue: 0,0:37:27.42,0:37:31.09,Default,,0000,0000,0000,,where you can’t replay it it might happen\Nthat it’s scrambled. Then it’s still
Dialogue: 0,0:37:31.09,0:37:34.29,Default,,0000,0000,0000,,4 bytes changed in the key, so we can\Nbrute-force the new key. By knowing
Dialogue: 0,0:37:34.29,0:37:39.08,Default,,0000,0000,0000,,the old one and brute-forcing those\N4 bytes. So I think that’s doable
Dialogue: 0,0:37:39.08,0:37:43.39,Default,,0000,0000,0000,,on a modern machine without\Nbigger problem. So really,
Dialogue: 0,0:37:43.39,0:37:47.81,Default,,0000,0000,0000,,not the cleverest key exchange.\NBut even if it would be better
Dialogue: 0,0:37:47.81,0:37:51.06,Default,,0000,0000,0000,,it wouldn’t really help. Because there’s\Nno asymmetric crypto in it, there’s
Dialogue: 0,0:37:51.06,0:37:54.87,Default,,0000,0000,0000,,nothing preventing us from following it.\NIf you exchange a session key
Dialogue: 0,0:37:54.87,0:37:58.63,Default,,0000,0000,0000,,over a pre-shared secret, somebody\Nknowing the pre-shared secret
Dialogue: 0,0:37:58.63,0:38:03.35,Default,,0000,0000,0000,,will always be able to follow it.\NSo, they have to do some big changes
Dialogue: 0,0:38:03.35,0:38:08.25,Default,,0000,0000,0000,,there to make it proof against sniffing.
Dialogue: 0,0:38:08.25,0:38:13.49,Default,,0000,0000,0000,,We have this new session key and of course\Nwe have to verify what is happening.
Dialogue: 0,0:38:13.49,0:38:18.87,Default,,0000,0000,0000,,We have the next message on our\Nwire. We’re decoding it with the new
Dialogue: 0,0:38:18.87,0:38:21.82,Default,,0000,0000,0000,,– very cool – key we have. And we\Nget something that doesn’t look
Dialogue: 0,0:38:21.82,0:38:25.85,Default,,0000,0000,0000,,completely random. We do it with multiple\Nones and see some structure in it.
Dialogue: 0,0:38:25.85,0:38:30.95,Default,,0000,0000,0000,,It’s always… {\i1}strange guttural noises{\i0}\NI think I pasted the wrong thing here,
Dialogue: 0,0:38:30.95,0:38:36.22,Default,,0000,0000,0000,,actually. Very sorry for that. You have\Nto imagine a different message here.
Dialogue: 0,0:38:36.22,0:38:40.04,Default,,0000,0000,0000,,Encrypt that using that key and you\Nwould see what would be up here.
Dialogue: 0,0:38:40.04,0:38:44.28,Default,,0000,0000,0000,,But here would be this random we got\Nfrom the air. We decrypt it with that,
Dialogue: 0,0:38:44.28,0:38:49.87,Default,,0000,0000,0000,,and get this. And this dissects into an\Nop code which is always at the third byte.
Dialogue: 0,0:38:49.87,0:38:53.64,Default,,0000,0000,0000,,And after the op code we actually see\Nthe lock key which you remember from
Dialogue: 0,0:38:53.64,0:38:58.59,Default,,0000,0000,0000,,one of the first slides – 013755 –\Nthis is the key from my lock.
Dialogue: 0,0:38:58.59,0:39:05.61,Default,,0000,0000,0000,,So we now got the key from the air,\Nand have full access to the lock.
Dialogue: 0,0:39:05.61,0:39:08.25,Default,,0000,0000,0000,,Bad luck for NOKE.
Dialogue: 0,0:39:08.25,0:39:16.43,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:39:16.43,0:39:20.27,Default,,0000,0000,0000,,So 06 is just one of the op codes. When\Nyou browse through the Java source
Dialogue: 0,0:39:20.27,0:39:26.11,Default,,0000,0000,0000,,you see much more op codes that might\Nhappen. So e.g. there’s the Rekey option
Dialogue: 0,0:39:26.11,0:39:30.85,Default,,0000,0000,0000,,which you send to the lock, and the lock\Nstarts to re-key to regenerate the key,
Dialogue: 0,0:39:30.85,0:39:34.53,Default,,0000,0000,0000,,send back the new keys. You can\Nunlock – which is what we just saw.
Dialogue: 0,0:39:34.53,0:39:38.91,Default,,0000,0000,0000,,Get the battery level. Set a new Quick\NOpening Code. Can reset the lock.
Dialogue: 0,0:39:38.91,0:39:42.89,Default,,0000,0000,0000,,Can do a firmware update. That looks\Npromising! I have the idea, we will see
Dialogue: 0,0:39:42.89,0:39:48.77,Default,,0000,0000,0000,,this op code in the near future.\NAnd you can enable ‘key fob’
Dialogue: 0,0:39:48.77,0:39:52.64,Default,,0000,0000,0000,,which is a small device which you can\Nuse to open the lock without a phone.
Dialogue: 0,0:39:52.64,0:39:57.21,Default,,0000,0000,0000,,So you can send commands\Nto pair those, and add them,
Dialogue: 0,0:39:57.21,0:40:00.79,Default,,0000,0000,0000,,and get locks of this (?). So this is just\Na few, we haven’t played with all of them.
Dialogue: 0,0:40:00.79,0:40:04.72,Default,,0000,0000,0000,,The SetQuickCode,\NI think I sniffed a few…
Dialogue: 0,0:40:04.72,0:40:09.26,Default,,0000,0000,0000,,Yeah, but that’s basically the things you\Ncan do, and you can decode all of them
Dialogue: 0,0:40:09.26,0:40:12.15,Default,,0000,0000,0000,,with the message shown before.
Dialogue: 0,0:40:12.15,0:40:16.43,Default,,0000,0000,0000,,So some history of\Nthe vendor notification.
Dialogue: 0,0:40:16.43,0:40:20.10,Default,,0000,0000,0000,,We did this on the Easterhegg [2016].\NEverybody knows Easterhegg is Easter.
Dialogue: 0,0:40:20.10,0:40:23.44,Default,,0000,0000,0000,,So this was in April [2016].\NPossibly it wasn’t
Dialogue: 0,0:40:23.44,0:40:26.83,Default,,0000,0000,0000,,the best idea to send\Nthem on April 1st. But…
Dialogue: 0,0:40:26.83,0:40:28.90,Default,,0000,0000,0000,,{\i1}laughter{\i0}
Dialogue: 0,0:40:28.90,0:40:35.42,Default,,0000,0000,0000,,No, they replied and took it seriously. So\Nthey actually very instantly told us they
Dialogue: 0,0:40:35.42,0:40:39.37,Default,,0000,0000,0000,,like the research and everything.\NThey knew their crypto isn’t perfect,
Dialogue: 0,0:40:39.37,0:40:42.47,Default,,0000,0000,0000,,but the product has to get out. And they\Nwere working on a new protocol, they sent
Dialogue: 0,0:40:42.47,0:40:47.58,Default,,0000,0000,0000,,a few details of that. We don’t have full\Ndetails so far, so we can’t really tell
Dialogue: 0,0:40:47.58,0:40:52.71,Default,,0000,0000,0000,,if the new protocol is very good. But\Nit looked, from the idea, a little better.
Dialogue: 0,0:40:52.71,0:40:57.20,Default,,0000,0000,0000,,They’re bringing out a Bike U-lock which\Nis not out yet. And it’s supposed to have
Dialogue: 0,0:40:57.20,0:41:01.46,Default,,0000,0000,0000,,the new protocol from shipping.\NWe will see. A thing which I found
Dialogue: 0,0:41:01.46,0:41:05.60,Default,,0000,0000,0000,,very funny is I downloaded a new [NOKE] app\Nin November, and it has a major update
Dialogue: 0,0:41:05.60,0:41:10.55,Default,,0000,0000,0000,,in the screen: the ‘Rekey’\Nbutton is now hidden!
Dialogue: 0,0:41:10.55,0:41:13.51,Default,,0000,0000,0000,,So, remember, that’s the only button\Nwhich saves you from someone
Dialogue: 0,0:41:13.51,0:41:17.45,Default,,0000,0000,0000,,you shared a lock to, to lock him out.\NSo this button now is hidden.
Dialogue: 0,0:41:17.45,0:41:21.20,Default,,0000,0000,0000,,Possibly not the best idea. Possibly\Npeople weren’t understanding it.
Dialogue: 0,0:41:21.20,0:41:25.08,Default,,0000,0000,0000,,But it can be enabled in the ‘Advanced\NSettings’ menu. So, no problem.
Dialogue: 0,0:41:25.08,0:41:28.68,Default,,0000,0000,0000,,But they just recently told me that\Nthey’re planning to actually fix that
Dialogue: 0,0:41:28.68,0:41:33.05,Default,,0000,0000,0000,,in January. So we’re actually\Nreally in a Zeroday here.
Dialogue: 0,0:41:33.05,0:41:37.54,Default,,0000,0000,0000,,So the locks are still vulnerable.\NBut 8 months, sorry… I…
Dialogue: 0,0:41:37.54,0:41:41.96,Default,,0000,0000,0000,,the conference is now, we couldn’t\Nchange that! {\i1}laughter{\i0}
Dialogue: 0,0:41:41.96,0:41:53.45,Default,,0000,0000,0000,,{\i1}Ray laughs{\i0}\N{\i1}applause{\i0}
Dialogue: 0,0:41:53.45,0:41:58.30,Default,,0000,0000,0000,,If you use such a NOKE lock I still\Nwant to say I like the hardware.
Dialogue: 0,0:41:58.30,0:42:01.51,Default,,0000,0000,0000,,It’s quite a nice hardware. Possibly\Nwrite an open source firmware for it,
Dialogue: 0,0:42:01.51,0:42:04.92,Default,,0000,0000,0000,,build your own crypto, during\Nthe time. Or just don’t use it
Dialogue: 0,0:42:04.92,0:42:09.42,Default,,0000,0000,0000,,for real valuable things. Or use your\NAluburka or other shielding while
Dialogue: 0,0:42:09.42,0:42:15.05,Default,,0000,0000,0000,,opening it, I don’t know. But just be\Naware if someone sniffs your communication
Dialogue: 0,0:42:15.05,0:42:18.65,Default,,0000,0000,0000,,using his 5 Dollar dev board\Nhe probably knows your codes.
Dialogue: 0,0:42:18.65,0:42:25.30,Default,,0000,0000,0000,,So, yeah. So much for the NOKE.\NThis is not really the end, it’s just
Dialogue: 0,0:42:25.30,0:42:31.68,Default,,0000,0000,0000,,the beginning of the end section. Because\Nwe still have one mechanical bypass left.
Dialogue: 0,0:42:31.68,0:42:36.53,Default,,0000,0000,0000,,You remember that earlier I mentioned\Nalso the Master Lock doesn’t have
Dialogue: 0,0:42:36.53,0:42:41.61,Default,,0000,0000,0000,,any mechanical bypass that we found. If you\Nremember Chaos Communication Congress
Dialogue: 0,0:42:41.61,0:42:45.28,Default,,0000,0000,0000,,4 years ago – you can remember from\Nthe Rocket standing exactly here –
Dialogue: 0,0:42:45.28,0:42:48.19,Default,,0000,0000,0000,,{\i1}points to picture on slide{\i0} we did\Na presentation on this first Bluetooth…
Dialogue: 0,0:42:48.19,0:42:52.53,Default,,0000,0000,0000,,not Bluetooth, on this first electronic\Npadlock by Master Lock, where we had
Dialogue: 0,0:42:52.53,0:42:56.11,Default,,0000,0000,0000,,a nice mechanical magnet attack,\Nwhich was found by Michael Hübler
Dialogue: 0,0:42:56.11,0:43:01.83,Default,,0000,0000,0000,,by very cleverly drilling a hole,\Nobserving the motors, acting with magnets…
Dialogue: 0,0:43:01.83,0:43:07.83,Default,,0000,0000,0000,,and found this special move\Nwhich opens the old Master Lock.
Dialogue: 0,0:43:07.83,0:43:11.20,Default,,0000,0000,0000,,And we reported that back then.\NSo 4 years ago we told Master Lock:
Dialogue: 0,0:43:11.20,0:43:15.92,Default,,0000,0000,0000,,“Oh, your padlock can be opened\Nwith a magnet, this is not very good”.
Dialogue: 0,0:43:15.92,0:43:21.54,Default,,0000,0000,0000,,But this was a 30 Dollars padlock, and…\Noh my god, could be done with a magnet.
Dialogue: 0,0:43:21.54,0:43:25.31,Default,,0000,0000,0000,,So this is the new one, and they changed\Nsomething. Actually it’s something they
Dialogue: 0,0:43:25.31,0:43:30.99,Default,,0000,0000,0000,,told us back then that they’re planning\Nto do. They added a shielding metal.
Dialogue: 0,0:43:30.99,0:43:36.72,Default,,0000,0000,0000,,So, this very big, thick shielding\Nhere which I would use to block
Dialogue: 0,0:43:36.72,0:43:43.10,Default,,0000,0000,0000,,all the radiation from whatever\Nit is, around half of the motor
Dialogue: 0,0:43:43.10,0:43:49.46,Default,,0000,0000,0000,,is supposed to help. Let’s have a look.
Dialogue: 0,0:43:49.46,0:43:52.53,Default,,0000,0000,0000,,{\i1}silent video starts{\i0}\NSo this is the Master Lock.
Dialogue: 0,0:43:52.53,0:43:56.26,Default,,0000,0000,0000,,We have a bigger magnet. I have to admit\Nyou see it’s a much bigger magnet.
Dialogue: 0,0:43:56.26,0:44:02.52,Default,,0000,0000,0000,,Those magnets are illegal to possess\Nall over Germany, I hope, soon!
Dialogue: 0,0:44:02.52,0:44:05.75,Default,,0000,0000,0000,,And we have a different move. We’re\Nnow rotating the magnet. We were
Dialogue: 0,0:44:05.75,0:44:09.76,Default,,0000,0000,0000,,shifting it before. – And it’s open!
Dialogue: 0,0:44:09.76,0:44:24.65,Default,,0000,0000,0000,,{\i1}laughter and applause{\i0}
Dialogue: 0,0:44:24.65,0:44:28.25,Default,,0000,0000,0000,,This also is not really Zeroday because\Nas you saw before on the slide
Dialogue: 0,0:44:28.25,0:44:33.54,Default,,0000,0000,0000,,by Rose & Ramsey he also told\Nthe Master Lock is unpickable.
Dialogue: 0,0:44:33.54,0:44:37.99,Default,,0000,0000,0000,,And after the talk at DEF CON I, in\Nthe Q&A section somehow mentioned
Dialogue: 0,0:44:37.99,0:44:42.69,Default,,0000,0000,0000,,that I doubt that. I didn’t tell\Nwhat to do exactly because
Dialogue: 0,0:44:42.69,0:44:46.74,Default,,0000,0000,0000,,I wanted to give Master Lock some\Nresponse time. But directly after the talk
Dialogue: 0,0:44:46.74,0:44:50.60,Default,,0000,0000,0000,,somebody approached me: “That’s very\Ninteresting, I’m with Master Lock!” {\i1}laughs{\i0}
Dialogue: 0,0:44:50.60,0:44:53.40,Default,,0000,0000,0000,,{\i1}laughter{\i0}\NAnd I actually showed him this and he
Dialogue: 0,0:44:53.40,0:44:59.09,Default,,0000,0000,0000,,filmed it with his mobile phone.\NSo I consider the vendor notified!
Dialogue: 0,0:44:59.09,0:45:09.75,Default,,0000,0000,0000,,{\i1}laughs{\i0}\N{\i1}laughter and applause{\i0}
Dialogue: 0,0:45:09.75,0:45:13.02,Default,,0000,0000,0000,,So I would say: “Works for me!”
Dialogue: 0,0:45:13.02,0:45:20.45,Default,,0000,0000,0000,,{\i1}laughter and applause{\i0}
Dialogue: 0,0:45:20.45,0:45:25.01,Default,,0000,0000,0000,,So I have a message to all these vendors\Nand kickstarters and lock makers:
Dialogue: 0,0:45:25.01,0:45:28.95,Default,,0000,0000,0000,,“Don’t try to be smart, be smart!\NAnd disclose your crypto protocols!”
Dialogue: 0,0:45:28.95,0:45:32.15,Default,,0000,0000,0000,,There’s really no need to make\Na secret crypto protocol. And if
Dialogue: 0,0:45:32.15,0:45:35.61,Default,,0000,0000,0000,,your development department tells\Nyou: “No no, we can’t disclose that,
Dialogue: 0,0:45:35.61,0:45:39.43,Default,,0000,0000,0000,,that’s a really silly idea to disclose our\Ncrypto!” you probably have bad crypto,
Dialogue: 0,0:45:39.43,0:45:42.71,Default,,0000,0000,0000,,and they know it!\N{\i1}laughter{\i0}
Dialogue: 0,0:45:42.71,0:45:47.12,Default,,0000,0000,0000,,And, of course, if you build a new\Nthing like a hardware, like a lock e.g.
Dialogue: 0,0:45:47.12,0:45:51.92,Default,,0000,0000,0000,,try to get your hardware in the hands of\Nexperienced lockpickers, or locksmiths.
Dialogue: 0,0:45:51.92,0:45:55.08,Default,,0000,0000,0000,,The shimming bypass, of the\NDog & Bone padlock, really,
Dialogue: 0,0:45:55.08,0:45:58.46,Default,,0000,0000,0000,,every locksmith in the\NU.S. would have told them:
Dialogue: 0,0:45:58.46,0:46:04.53,Default,,0000,0000,0000,,“You can’t build a 100 Dollar padlock\Nwhich can be shimmed with a soda can!”
Dialogue: 0,0:46:04.53,0:46:07.84,Default,,0000,0000,0000,,Especially if you’re an electronics\Ncompany what those Dog & Bone people
Dialogue: 0,0:46:07.84,0:46:11.18,Default,,0000,0000,0000,,obviously are: Don’t trust on your\Nelectronics knowledge. The hardware
Dialogue: 0,0:46:11.18,0:46:16.05,Default,,0000,0000,0000,,also has to work. And please, if you give\Nthis hardware to people don’t try to get
Dialogue: 0,0:46:16.05,0:46:19.44,Default,,0000,0000,0000,,any NDAs, or “Oh you can’t disclose”\N– because then they won’t do it, and
Dialogue: 0,0:46:19.44,0:46:24.48,Default,,0000,0000,0000,,you will wait just for the product to come\Nout, and disassemble it then. So really…
Dialogue: 0,0:46:24.48,0:46:28.74,Default,,0000,0000,0000,,Actually, I must say the\NNOKE people which I…
Dialogue: 0,0:46:28.74,0:46:32.53,Default,,0000,0000,0000,,the lock isn’t working that good but\NI think the company is doing quite well.
Dialogue: 0,0:46:32.53,0:46:36.39,Default,,0000,0000,0000,,They sent us one of their\Nlocks for mechanical analysis
Dialogue: 0,0:46:36.39,0:46:40.57,Default,,0000,0000,0000,,after our Master Lock presentation.\NSo we tested their lock
Dialogue: 0,0:46:40.57,0:46:43.91,Default,,0000,0000,0000,,on our magnetic attack and that didn’t\Nwork. And still doesn’t work. So
Dialogue: 0,0:46:43.91,0:46:47.25,Default,,0000,0000,0000,,that thing they did good. The other thing\Nis that they didn’t get the crypto right.
Dialogue: 0,0:46:47.25,0:46:50.50,Default,,0000,0000,0000,,But okay. People are learning.\N{\i1}some laughter{\i0}
Dialogue: 0,0:46:50.50,0:46:53.97,Default,,0000,0000,0000,,So if someone really wants to be smart\N– and we also tried to tell that [to] NOKE
Dialogue: 0,0:46:53.97,0:46:57.22,Default,,0000,0000,0000,,in the kickstarter campaign –\Ntry to become the first one.
Dialogue: 0,0:46:57.22,0:47:01.29,Default,,0000,0000,0000,,And this is really ‘WTF’. Why is\Nthere no – at all – open source lock?
Dialogue: 0,0:47:01.29,0:47:06.10,Default,,0000,0000,0000,,Or light bulb? Or vibrator?\NI have no idea. But…
Dialogue: 0,0:47:06.10,0:47:09.06,Default,,0000,0000,0000,,I think you want to sell the hardware! Why\Nnot make the software open source
Dialogue: 0,0:47:09.06,0:47:10.98,Default,,0000,0000,0000,,and make it auditable?
Dialogue: 0,0:47:10.98,0:47:21.68,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:47:21.68,0:47:25.53,Default,,0000,0000,0000,,Oopf… What’s that slide? Oh\Nyeah, there’s Hacker Jeopardy!
Dialogue: 0,0:47:25.53,0:47:29.72,Default,,0000,0000,0000,,If you want Hacker Jeopardy to happen\Nnext year please send content!
Dialogue: 0,0:47:29.72,0:47:35.74,Default,,0000,0000,0000,,{\i1}laughs{\i0}\N{\i1}applause and cheers{\i0}
Dialogue: 0,0:47:35.74,0:47:39.89,Default,,0000,0000,0000,,I heard from that Sec guy and that\NRay guy that they’re really old,
Dialogue: 0,0:47:39.89,0:47:43.40,Default,,0000,0000,0000,,and they don’t know the things that the\Nyoung generation wants to have asked
Dialogue: 0,0:47:43.40,0:47:46.55,Default,,0000,0000,0000,,in a Jeopardy. And what Pokémons\Nyou have to ask, and stuff like that…
Dialogue: 0,0:47:46.55,0:47:50.87,Default,,0000,0000,0000,,So send a few ideas! There’s a German\Npage, but Hacker Jeopardy will be German
Dialogue: 0,0:47:50.87,0:47:55.13,Default,,0000,0000,0000,,next year. So, sorry for that. A German\Npage which tells you how to submit ideas,
Dialogue: 0,0:47:55.13,0:47:59.41,Default,,0000,0000,0000,,how to make good ideas. And if you\Nsend enough content possibly next year
Dialogue: 0,0:47:59.41,0:48:03.75,Default,,0000,0000,0000,,there will be Hacker Jeopardy, again.
Dialogue: 0,0:48:03.75,0:48:09.73,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:48:09.73,0:48:14.36,Default,,0000,0000,0000,,So, we have some links. Actually, this\Nis the Zeroday tool we are releasing,
Dialogue: 0,0:48:14.36,0:48:19.12,Default,,0000,0000,0000,,by e7p. It’s not on there yet, I think.\NOr possibly he’s sitting in the audience
Dialogue: 0,0:48:19.12,0:48:23.54,Default,,0000,0000,0000,,and uploading it right now. It’s a small\NPython script. It needs Python3.
Dialogue: 0,0:48:23.54,0:48:27.82,Default,,0000,0000,0000,,And it implements this crypto session\Nexchange. So what you basically do is
Dialogue: 0,0:48:27.82,0:48:31.64,Default,,0000,0000,0000,,you get the values from your Wireshark,\Nwhich is all these Hex strings,
Dialogue: 0,0:48:31.64,0:48:36.36,Default,,0000,0000,0000,,put them to a file, start the\Ndecode-NOKE tool and it will tell you
Dialogue: 0,0:48:36.36,0:48:40.23,Default,,0000,0000,0000,,what keycode is in there, what things are\Nset. Currently it only supports, I think,
Dialogue: 0,0:48:40.23,0:48:43.90,Default,,0000,0000,0000,,the ‘Open’ command mainly, and the\N‘Read Battery’ possibly. But we’ll try
Dialogue: 0,0:48:43.90,0:48:48.29,Default,,0000,0000,0000,,to add a few more codes as we decode them.\NBut it’s enough to get the lock code
Dialogue: 0,0:48:48.29,0:48:52.25,Default,,0000,0000,0000,,from the air. So with this tool\N– but you could implement it yourself –
Dialogue: 0,0:48:52.25,0:48:57.42,Default,,0000,0000,0000,,you easily can crack the locks.\NAnd there’s a blog entry by MH
Dialogue: 0,0:48:57.42,0:49:00.02,Default,,0000,0000,0000,,who did a nice paper about the NOKE’s\Nhardware and everything. If you really
Dialogue: 0,0:49:00.02,0:49:04.04,Default,,0000,0000,0000,,want to look inside the lock look at this.\NAnd then there’s of course the link
Dialogue: 0,0:49:04.04,0:49:08.36,Default,,0000,0000,0000,,to the Nordic RF sniffer software.
Dialogue: 0,0:49:08.36,0:49:12.59,Default,,0000,0000,0000,,This is one of the decompilers which\Nhas the Adblocker blocker on it.
Dialogue: 0,0:49:12.59,0:49:16.14,Default,,0000,0000,0000,,And there’s an article from Sec’s blog\Ntelling you how to decompile and recompile
Dialogue: 0,0:49:16.14,0:49:21.85,Default,,0000,0000,0000,,an app. Which I found quite\Nhelpful during the working.
Dialogue: 0,0:49:21.85,0:49:25.94,Default,,0000,0000,0000,,So okay. So, thanks for listening.
Dialogue: 0,0:49:25.94,0:49:29.98,Default,,0000,0000,0000,,Please, if you have smart things\Naround, and want to play with that,
Dialogue: 0,0:49:29.98,0:49:34.58,Default,,0000,0000,0000,,I have one of these dev boards left. So\NI have 2, one for me and one I can lend
Dialogue: 0,0:49:34.58,0:49:39.54,Default,,0000,0000,0000,,to someone who wants to sniff his/her\Nhardware. Come to the MuCCC assembly
Dialogue: 0,0:49:39.54,0:49:46.41,Default,,0000,0000,0000,,and tell me what you want to attack,\Nand I’ll give you my RF sniffer board.
Dialogue: 0,0:49:46.41,0:49:49.55,Default,,0000,0000,0000,,Or leave the things there, and we play\Nduring Congress. Not today, possibly,
Dialogue: 0,0:49:49.55,0:49:53.50,Default,,0000,0000,0000,,but tomorrow I’ll be in the assembly, or\Nsomeone will be there. And I think
Dialogue: 0,0:49:53.50,0:49:57.53,Default,,0000,0000,0000,,now I have basically exactly 10 minutes,\Nand I hope there are some questions.
Dialogue: 0,0:49:57.53,0:50:00.18,Default,,0000,0000,0000,,Otherwise I was too quick! Thank you!
Dialogue: 0,0:50:00.18,0:50:11.20,Default,,0000,0000,0000,,{\i1}applause{\i0}
Dialogue: 0,0:50:11.20,0:50:14.34,Default,,0000,0000,0000,,Herald: {\i1}quietly:{\i0} Hello! A mic would be nice!\NSomeone calling out: You just have to switch it on!
Dialogue: 0,0:50:14.34,0:50:16.81,Default,,0000,0000,0000,,Herald: It is on!\NRay: He wants a microphone for the questions!
Dialogue: 0,0:50:16.81,0:50:19.47,Default,,0000,0000,0000,,{\i1}Herald is told how to switch on microphone{\i0}
Dialogue: 0,0:50:19.47,0:50:21.96,Default,,0000,0000,0000,,Herald: Hah, those who can read\Nhave a clear advantage!
Dialogue: 0,0:50:21.96,0:50:26.76,Default,,0000,0000,0000,,Ray, thank you very much!\NDo you have some time later?
Dialogue: 0,0:50:26.76,0:50:31.38,Default,,0000,0000,0000,,I might need to ask a favour! Did I tell\Nyou about that friend that I’m having
Dialogue: 0,0:50:31.38,0:50:36.68,Default,,0000,0000,0000,,with the Bluetooth enabled coffee\Nmachine? We, we speak later!
Dialogue: 0,0:50:36.68,0:50:40.51,Default,,0000,0000,0000,,We have some questions, and we have some\Nquestions from the internet. So here we go!
Dialogue: 0,0:50:40.51,0:50:43.51,Default,,0000,0000,0000,,Signal Angel: Yes, thank\Nyou. Ray, are you aware
Dialogue: 0,0:50:43.51,0:50:47.70,Default,,0000,0000,0000,,of any secure Bluetooth locks?\NWith decent crypto?
Dialogue: 0,0:50:47.70,0:50:52.16,Default,,0000,0000,0000,,Ray: Actually… not! What I can’t tell is
Dialogue: 0,0:50:52.16,0:50:56.58,Default,,0000,0000,0000,,if the crypto of the Master Lock, or\Nthe crypto of the Dog & Bone are good,
Dialogue: 0,0:50:56.58,0:51:01.58,Default,,0000,0000,0000,,because we really haven’t looked into\Nit. But it wouldn’t really help because
Dialogue: 0,0:51:01.58,0:51:05.99,Default,,0000,0000,0000,,the hardware is broken. The NOKE people,\Nas I said, are bringing out a new firmware
Dialogue: 0,0:51:05.99,0:51:11.34,Default,,0000,0000,0000,,in January [2017]. I’ll try to make them\Ntell me what they’re doing. Because
Dialogue: 0,0:51:11.34,0:51:14.63,Default,,0000,0000,0000,,I’m not really going to reverse-engineer\Nit again. I do that for a vendor once.
Dialogue: 0,0:51:14.63,0:51:17.80,Default,,0000,0000,0000,,We don’t have to do it a second time. So I\Nhope they just tell me what they’re doing,
Dialogue: 0,0:51:17.80,0:51:21.52,Default,,0000,0000,0000,,and we can have a look if it looks\Npromising. But at least they react.
Dialogue: 0,0:51:21.52,0:51:25.62,Default,,0000,0000,0000,,So, possibly, the NOKE is becoming a\Nmore secure padlock. But besides that
Dialogue: 0,0:51:25.62,0:51:30.57,Default,,0000,0000,0000,,I don’t know any, so far. You can find the\Ntalk by Rose & Ramsey on the internet.
Dialogue: 0,0:51:30.57,0:51:36.04,Default,,0000,0000,0000,,It’s unusual for DEF CON talks but this\NDEF CON talk is online. So you see lots of
Dialogue: 0,0:51:36.04,0:51:39.42,Default,,0000,0000,0000,,locks there which he attacked, and they\Nall were worse than the ones we had here.
Dialogue: 0,0:51:39.42,0:51:43.81,Default,,0000,0000,0000,,So, sorry, no. Which I could recommend.
Dialogue: 0,0:51:43.81,0:51:46.48,Default,,0000,0000,0000,,And I wouldn’t recommend it, anyway,\Nbecause if it’s not open source you
Dialogue: 0,0:51:46.48,0:51:50.89,Default,,0000,0000,0000,,don’t know if it’s secure! You just\Nknow it’s currently uncracked. So,
Dialogue: 0,0:51:50.89,0:51:53.60,Default,,0000,0000,0000,,possibly stick to your old ones!\N{\i1}laughs{\i0}
Dialogue: 0,0:51:53.60,0:51:54.81,Default,,0000,0000,0000,,But thanks for the question.
Dialogue: 0,0:51:54.81,0:51:58.60,Default,,0000,0000,0000,,Herald: Then we’re gonna\Nhop over to microphone no. 2!
Dialogue: 0,0:51:58.60,0:52:03.20,Default,,0000,0000,0000,,Question: Thank you. That was quite\Na bit of ‘Fremdschäming’. Fun talk. (?)
Dialogue: 0,0:52:03.20,0:52:07.50,Default,,0000,0000,0000,,Just one thought: You said that\Nit’s about selling the hardware.
Dialogue: 0,0:52:07.50,0:52:12.44,Default,,0000,0000,0000,,Well, maybe it’s not. Because from what\NI understand most of those devices
Dialogue: 0,0:52:12.44,0:52:17.80,Default,,0000,0000,0000,,are cloud-enabled. So I’m pretty\Nsure they collect all the data,
Dialogue: 0,0:52:17.80,0:52:20.42,Default,,0000,0000,0000,,and maybe it’s about mining\Nthat, for them. I don’t know.
Dialogue: 0,0:52:20.42,0:52:25.62,Default,,0000,0000,0000,,Ray: Actually, yes. The NOKE has a Pro\Nversion where they sell a company license
Dialogue: 0,0:52:25.62,0:52:29.18,Default,,0000,0000,0000,,where you can have a company software\Nto the cloud, and have more features like
Dialogue: 0,0:52:29.18,0:52:34.50,Default,,0000,0000,0000,,sharing others’ locks. But still you can\Nmake it open source, and make a license
Dialogue: 0,0:52:34.50,0:52:38.26,Default,,0000,0000,0000,,that disallows commercial use, or\Nsomething like that. Open source
Dialogue: 0,0:52:38.26,0:52:43.14,Default,,0000,0000,0000,,doesn’t have to mean it’s free to use.\NAnd if you have very complicated logic
Dialogue: 0,0:52:43.14,0:52:48.34,Default,,0000,0000,0000,,for your company portal, or something,\Npossibly keep that closed-source.
Dialogue: 0,0:52:48.34,0:52:52.03,Default,,0000,0000,0000,,But enable me to follow your\Ncommunication, to understand
Dialogue: 0,0:52:52.03,0:52:55.76,Default,,0000,0000,0000,,how keys are generated, and stuff\Nlike that. This is not your secret.
Dialogue: 0,0:52:55.76,0:52:59.68,Default,,0000,0000,0000,,This is something… this\Nis the elementary function.
Dialogue: 0,0:52:59.68,0:53:02.79,Default,,0000,0000,0000,,People should be able to understand and\Naudit. And especially in a commercial
Dialogue: 0,0:53:02.79,0:53:06.98,Default,,0000,0000,0000,,environment, if you ask a locksmith\Nor some other security expert:
Dialogue: 0,0:53:06.98,0:53:11.99,Default,,0000,0000,0000,,“Would you recommend this device?”, if he\Ncan’t look into it he can’t recommend it.
Dialogue: 0,0:53:11.99,0:53:16.85,Default,,0000,0000,0000,,So I think also for selling appliances, or\Nselling services open source algorithms
Dialogue: 0,0:53:16.85,0:53:23.04,Default,,0000,0000,0000,,or open source protocols would be the best\Nsolution. But especially in the lock industry
Dialogue: 0,0:53:23.04,0:53:26.25,Default,,0000,0000,0000,,that’s very very uncommon. I had\Nreally bad experience talking to
Dialogue: 0,0:53:26.25,0:53:29.89,Default,,0000,0000,0000,,normal lock manufacturers about open\Nsourcing their stuff. It’s an idea they
Dialogue: 0,0:53:29.89,0:53:34.30,Default,,0000,0000,0000,,don’t understand. They’re about secrets,\NI don’t know. Let’s hope for the future!
Dialogue: 0,0:53:34.30,0:53:36.96,Default,,0000,0000,0000,,{\i1}laughs{\i0} Another…\NHerald: Okay, we had…
Dialogue: 0,0:53:36.96,0:53:41.12,Default,,0000,0000,0000,,No. 1 is just coming up! He was queuing\Nat ‘3’ but covering the camera, and then
Dialogue: 0,0:53:41.12,0:53:44.52,Default,,0000,0000,0000,,the cameraman got a little bit disturbed,\Nand… it’s a long story. ‘1’, we go!
Dialogue: 0,0:53:44.52,0:53:47.93,Default,,0000,0000,0000,,Question: I was wondering if you knew\Nabout the new locks which advertise
Dialogue: 0,0:53:47.93,0:53:51.27,Default,,0000,0000,0000,,their existence, like broadcast\Nthings, or things like that?
Dialogue: 0,0:53:51.27,0:53:54.65,Default,,0000,0000,0000,,Could you like walk through the street and\Nknow there are Bluetooth locks around you?
Dialogue: 0,0:53:54.65,0:53:59.23,Default,,0000,0000,0000,,Ray: No, those locks usually don’t broadcast\Nbecause it would use too much energy.
Dialogue: 0,0:53:59.23,0:54:02.79,Default,,0000,0000,0000,,So usually you have to push the\Nshackle of the lock or something.
Dialogue: 0,0:54:02.79,0:54:06.87,Default,,0000,0000,0000,,And then it broadcasts. There are actually\Nif you go back to this DEF CON talk
Dialogue: 0,0:54:06.87,0:54:11.17,Default,,0000,0000,0000,,I was talking about – and I think that’s\Nenough shaming of Master Lock here –
Dialogue: 0,0:54:11.17,0:54:16.18,Default,,0000,0000,0000,,{\i1}video playback stops{\i0}\Nif he has door locks and stuff like that,
Dialogue: 0,0:54:16.18,0:54:19.12,Default,,0000,0000,0000,,those possibly are connected to [the]\Npower [grid] and advertise all the time.
Dialogue: 0,0:54:19.12,0:54:23.41,Default,,0000,0000,0000,,So he did some lock wardriving.\NBut for the padlocks that doesn’t work.
Dialogue: 0,0:54:23.41,0:54:27.38,Default,,0000,0000,0000,,But of course you can go and click\Nthem, and then… get the idea.
Dialogue: 0,0:54:27.38,0:54:30.51,Default,,0000,0000,0000,,And of course you can do the other thing:\Nyou could walk around and pretend
Dialogue: 0,0:54:30.51,0:54:34.70,Default,,0000,0000,0000,,you’re a lock, and see if someone has the\Napp running, and connects back to you.
Dialogue: 0,0:54:34.70,0:54:37.03,Default,,0000,0000,0000,,That might work!
Dialogue: 0,0:54:37.03,0:54:39.69,Default,,0000,0000,0000,,Herald: And over to\Nmicrophone no. 2, please!
Dialogue: 0,0:54:39.69,0:54:45.78,Default,,0000,0000,0000,,Question: I was wondering\Nabout that strong encryption,
Dialogue: 0,0:54:45.78,0:54:50.81,Default,,0000,0000,0000,,meaning AES, and on the other\Nhand the very weak, or vulnerable,
Dialogue: 0,0:54:50.81,0:54:56.53,Default,,0000,0000,0000,,or flawed key exchange: do you\Nthink that might be due to out-tasking,
Dialogue: 0,0:54:56.53,0:55:01.78,Default,,0000,0000,0000,,like they have specified that they\Nwant encryption, and have not specified
Dialogue: 0,0:55:01.78,0:55:05.98,Default,,0000,0000,0000,,how key exchange is to be handled,\Nand that might be the reason why
Dialogue: 0,0:55:05.98,0:55:10.71,Default,,0000,0000,0000,,it takes them 8 months\Nor more to fix that?
Dialogue: 0,0:55:10.71,0:55:14.13,Default,,0000,0000,0000,,Ray: This is basically 2 questions.\NOf course I can only speculate.
Dialogue: 0,0:55:14.13,0:55:18.92,Default,,0000,0000,0000,,It might be out-tasking, it might\Nalso be that they just had the time…
Dialogue: 0,0:55:18.92,0:55:22.40,Default,,0000,0000,0000,,if you follow the NOKE kickstarter\Ncampaign – it was all funded
Dialogue: 0,0:55:22.40,0:55:25.87,Default,,0000,0000,0000,,in a kickstarter – they had a lot of\Nproblems in delivering on time.
Dialogue: 0,0:55:25.87,0:55:29.81,Default,,0000,0000,0000,,So there’s lots and lots of comments\N“I’m waiting for my lock, oh. Oh god,
Dialogue: 0,0:55:29.81,0:55:33.28,Default,,0000,0000,0000,,another delay, now you’re claiming\Nmanufacturing is difficult…”, so, many,
Dialogue: 0,0:55:33.28,0:55:37.41,Default,,0000,0000,0000,,many people saying “you have to come out\Nwith that”. So it might be time pressure,
Dialogue: 0,0:55:37.41,0:55:40.74,Default,,0000,0000,0000,,it might be out-tasking, and of course\Nit might be that they just specified:
Dialogue: 0,0:55:40.74,0:55:44.44,Default,,0000,0000,0000,,“Oh, we want to use AES”. And that’s\Nthe other thing, everybody says:
Dialogue: 0,0:55:44.44,0:55:48.42,Default,,0000,0000,0000,,“We disclose what we’re using. We’re using\NAES!” Here we have a very good example,
Dialogue: 0,0:55:48.42,0:55:51.98,Default,,0000,0000,0000,,yes, it really is using AES. And it’s\Nusing a correct implementation.
Dialogue: 0,0:55:51.98,0:55:56.75,Default,,0000,0000,0000,,We actually found it’s a TI example\Nimplementation of AES that they’re using.
Dialogue: 0,0:55:56.75,0:56:01.56,Default,,0000,0000,0000,,So it’s completely valid AES128,\Nbut still it’s completely insecure.
Dialogue: 0,0:56:01.56,0:56:06.09,Default,,0000,0000,0000,,So people just claim they’re using AES, or\N“We’re using SHA-something or something”.
Dialogue: 0,0:56:06.09,0:56:10.00,Default,,0000,0000,0000,,Isn’t enough. You have to know the whole\Nprotocol. And that wasn’t the case here.
Dialogue: 0,0:56:10.00,0:56:12.58,Default,,0000,0000,0000,,{\i1}laughs{\i0}\NHerald: Okay, then we’re gonna go over
Dialogue: 0,0:56:12.58,0:56:14.58,Default,,0000,0000,0000,,to the internet, again!\NRay: The internet… of…
Dialogue: 0,0:56:14.58,0:56:19.42,Default,,0000,0000,0000,,Signal Angel: Thank you. Actually it’s a\Nfollow-up question for the previous one:
Dialogue: 0,0:56:19.42,0:56:22.81,Default,,0000,0000,0000,,would it be sufficient to have\Na hardware-accelerated AES
Dialogue: 0,0:56:22.81,0:56:25.38,Default,,0000,0000,0000,,on these Bluetooth thingies?
Dialogue: 0,0:56:25.38,0:56:30.45,Default,,0000,0000,0000,,Ray: Actually hardware-accelerated AES\Ndoesn’t have to do anything with that.
Dialogue: 0,0:56:30.45,0:56:34.01,Default,,0000,0000,0000,,That might be helpful if you have\Na chip which is a crypto chip, Dialogue: 0,0:56:34.01,0:56:37.90,Default,,0000,0000,0000,,if you have things like side channel\Nattacks. If you would have a key fob Dialogue: 0,0:56:37.90,0:56:41.87,Default,,0000,0000,0000,,which has a secret key in it which should\Nnot be extractable, those keys can be Dialogue: 0,0:56:41.87,0:56:45.80,Default,,0000,0000,0000,,extracted with electronic attacks, side\Nchannel attacks, power measurements. Dialogue: 0,0:56:45.80,0:56:50.56,Default,,0000,0000,0000,,Against these attacks a crypto chip could\Nhelp because it has a good implementation. Dialogue: 0,0:56:50.56,0:56:55.15,Default,,0000,0000,0000,,But for this… AES is AES. As I said\Nthe implementation of AES is valid. Dialogue: 0,0:56:55.15,0:56:59.19,Default,,0000,0000,0000,,So an accelerated chip wouldn’t help.\NAnd they’re not doing bad crypto Dialogue: 0,0:56:59.19,0:57:03.10,Default,,0000,0000,0000,,for performance reasons. It’s only one\NAES operation. They’re doing it because Dialogue: 0,0:57:03.10,0:57:06.73,Default,,0000,0000,0000,,it’s more difficult to do it right. And it\Npossibly would need asymmetric crypto. Dialogue: 0,0:57:06.73,0:57:08.63,Default,,0000,0000,0000,,That could need acceleration,\Non the other hand. Dialogue: 0,0:57:08.63,0:57:11.88,Default,,0000,0000,0000,,But it doesn’t have to do with the chip. Dialogue: 0,0:57:11.88,0:57:15.42,Default,,0000,0000,0000,,Herald: Are you queuing there, on ‘5’?\N{\i1}lowered voice:{\i0} Well, then here we go! Dialogue: 0,0:57:15.42,0:57:20.84,Default,,0000,0000,0000,,Question: Okay, two little questions,\Nmore hardware related. First one: Dialogue: 0,0:57:20.84,0:57:24.96,Default,,0000,0000,0000,,How could you build a lock which\Nisn’t susceptible to the attack Dialogue: 0,0:57:24.96,0:57:28.100,Default,,0000,0000,0000,,you showed in the video,\Nlike flipping the magnet? 
Dialogue: 0,0:57:28.100,0:57:33.95,Default,,0000,0000,0000,,That’s the one, and the second one\Nis that Trelock, or ABUS I think, Dialogue: 0,0:57:33.95,0:57:39.19,Default,,0000,0000,0000,,says they have an electronic bike\Nlock which doesn’t have any battery, Dialogue: 0,0:57:39.19,0:57:43.72,Default,,0000,0000,0000,,and I’m quite confused how they\Nwill do it. Have you any idea? Dialogue: 0,0:57:43.72,0:57:48.42,Default,,0000,0000,0000,,Ray: Actually I don’t know – starting with\Nthe second question – the ABUS lock Dialogue: 0,0:57:48.42,0:57:52.74,Default,,0000,0000,0000,,at all, I must admit. But there are e.g.\Nalso Cyberlock is it called, they have Dialogue: 0,0:57:52.74,0:57:56.05,Default,,0000,0000,0000,,battery in the key, and you put the key to\Nit. If it’s a Bluetooth lock I don’t know Dialogue: 0,0:57:56.05,0:58:00.25,Default,,0000,0000,0000,,how they’re doing it. It might be possible\Nthat you push something and it starts Dialogue: 0,0:58:00.25,0:58:04.81,Default,,0000,0000,0000,,a generator. I’ve seen buttons which you\Npress and they generate the energy to send Dialogue: 0,0:58:04.81,0:58:07.99,Default,,0000,0000,0000,,while you press it. So it might be\Nthat, but I don’t know the products. Dialogue: 0,0:58:07.99,0:58:11.24,Default,,0000,0000,0000,,The other question, I must admit I didn’t\Nreally understand what you want to know. Dialogue: 0,0:58:11.24,0:58:14.75,Default,,0000,0000,0000,,Can you repeat the first one? Dialogue: 0,0:58:14.75,0:58:18.29,Default,,0000,0000,0000,,Question: Of course. I was just\Nasking how to protect the lock Dialogue: 0,0:58:18.29,0:58:22.11,Default,,0000,0000,0000,,so it can’t be opened by flipping\Na magnet, like you did in the video. Dialogue: 0,0:58:22.11,0:58:26.18,Default,,0000,0000,0000,,Ray: How to protect it, that’s a very\Ngood question. I think we know Dialogue: 0,0:58:26.18,0:58:30.48,Default,,0000,0000,0000,,how NOKE did it. And the thing is\NI don’t think NOKE did it intentionally. 
Dialogue: 0,0:58:30.48,0:58:34.61,Default,,0000,0000,0000,,It just happened to be in their design.\NWe can’t open the NOKE because Dialogue: 0,0:58:34.61,0:58:38.81,Default,,0000,0000,0000,,the rotating actor they have is also\Nmagnetic. So if I put my magnet there Dialogue: 0,0:58:38.81,0:58:43.82,Default,,0000,0000,0000,,I lock the lock. In the Master Lock it’s\Nsome cast metal which is not magnetic. Dialogue: 0,0:58:43.82,0:58:47.24,Default,,0000,0000,0000,,So changing this to magnetic would\Npossibly help. Using a completely Dialogue: 0,0:58:47.24,0:58:51.60,Default,,0000,0000,0000,,different approach, like the motor in The\NQuicklock, or which needs more power, Dialogue: 0,0:58:51.60,0:58:54.91,Default,,0000,0000,0000,,or works differently like a servo would\Nhelp. But would be a completely Dialogue: 0,0:58:54.91,0:58:59.69,Default,,0000,0000,0000,,different design. But it’s really a tricky\Npart. There have lots of different locks Dialogue: 0,0:58:59.69,0:59:04.34,Default,,0000,0000,0000,,in the past, also door locks, been\Nattackable by hardware attacks. Dialogue: 0,0:59:04.34,0:59:10.59,Default,,0000,0000,0000,,So building a good, really good mechanic,\Nor electromechanic isn’t easy. Dialogue: 0,0:59:10.59,0:59:15.26,Default,,0000,0000,0000,,Herald: And I think we have time\Nfor the last one, at microphone 5. Dialogue: 0,0:59:15.26,0:59:19.34,Default,,0000,0000,0000,,Question: So this isn’t a question,\Nit’s just a precision. At one point Dialogue: 0,0:59:19.34,0:59:23.78,Default,,0000,0000,0000,,during the presentation you talked\Nabout open source smart appliances, Dialogue: 0,0:59:23.78,0:59:28.31,Default,,0000,0000,0000,,and you said, nobody really does\Nthat. And you urge people Dialogue: 0,0:59:28.31,0:59:34.19,Default,,0000,0000,0000,,to be the first to do e.g.\Nopen source sex toys. Dialogue: 0,0:59:34.19,0:59:38.78,Default,,0000,0000,0000,,And it happens that someone is doing that. 
Dialogue: 0,0:59:38.78,0:59:43.12,Default,,0000,0000,0000,,So on Github it’s Q-dot,\Nif you want to learn more Dialogue: 0,0:59:43.12,0:59:47.60,Default,,0000,0000,0000,,about what they’re doing.\NThey have, you know, Dialogue: 0,0:59:47.60,0:59:52.96,Default,,0000,0000,0000,,several public repositories about\N‘teledildonics’. So, you know, just, Dialogue: 0,0:59:52.96,0:59:55.52,Default,,0000,0000,0000,,if anyone wants to check\Nthat out, just saying. Dialogue: 0,0:59:55.52,0:59:58.66,Default,,0000,0000,0000,,Ray: Okay, thanks for your\Nself-advertisement. {\i1}laughter{\i0} Dialogue: 0,0:59:58.66,1:00:02.60,Default,,0000,0000,0000,,And I was mainly talking about locks, I\Nmust admit. I don’t know the other fields Dialogue: 0,1:00:02.60,1:00:05.56,Default,,0000,0000,0000,,so well. But locks is really difficult\Nto get open source. If you have Dialogue: 0,1:00:05.56,1:00:09.27,Default,,0000,0000,0000,,more questions I’ll be at the MuCCC\Nassembly. I’m waiting for you to bring Dialogue: 0,1:00:09.27,1:00:14.04,Default,,0000,0000,0000,,devices, get the dev board, hack the\Nstuff. And thanks again, for listening! Dialogue: 0,1:00:14.04,1:00:16.50,Default,,0000,0000,0000,,{\i1}applause{\i0} Dialogue: 0,1:00:16.50,1:00:21.77,Default,,0000,0000,0000,,{\i1}postroll music{\i0} Dialogue: 0,1:00:21.77,1:00:40.39,Default,,0000,0000,0000,,{\i1}subtitles created by c3subtitles.de\Nin the year 2017. Join, and help us!{\i0}