| Previously on | @doegox |
| Wiki | https://wiki.yobi.be/index.php/User:PhilippeTeuwen |
| Github | https://github.com/doegox |
| Keybase | https://doegox.keybase.pub/mastodon.html |
| @doegox |
γγγ«γ‘γ― Tokyo!
"Of all things, I liked bugs best."
β Nikola Tesla
Quarkslab is happy to participate in Pwn2Own
Automotive and tomorrow we will try to demonstrate a RCE on an Electric Vehicle Charger on stage.
Nikola enlight us, Murphy stay home!
https://www.zerodayinitiative.com/blog/2025/1/21/pwn2own-automotive-2025-the-full-schedule
γγγ«γ‘γ― and welcome to the second annual Pwn2Own Automotive competition. We are at Automotive World in Tokyo, and weβve brought together some of the best researchers in the world to test the latest automotive components. We had our random drawing for the order of events earlier today, and from th
Had a blast again this year helping running the Hardware CTF at #hardwear_io with @doegox @Phil_BARR3TT and Jilles Groenendijk! It's always super cool to see people breaking stuff we've built for this CTF π€©. See you next year !
Are "MIFARE-compatible" contactless cards not playing fair? That's what you may wonder after
@doegox spotted some odd
behavior.
Curiosity led to experiments that resulted in devising a new attack technique that uncovered some backdoors, and here we are π
The RFID hacking spirit lives on!
https://blog.quarkslab.com/mifare-classic-static-encrypted-nonce-and-backdoors.html
We studied the most secure static encrypted nonce variant of "MIFARE Classic compatible" cards -- meant to resist all known card-only attacks -- and developed new attacks defeating it, uncovering a hardware backdoor in the process. And that's only the beginning...
MIFARE Classic: exposing the static encrypted nonce variant
Iβve got a bit more, should I throw it in?
by @doegox from @quarkslab
Our #pts24 program & booking site are online π
- 21 talks on 10 topics, 9 (!) workshops
- by experts from @letsencrypt , Google CT and DFIR teams, @quarkslab , Synacktiv, Revng , KudelskiSec ...
Happy (free) booking!
π PROGRAM: https://cfp.pass-the-salt.org/pts2024/schedule/
ποΈ BOOKING SITE: https://pretix.eu/passthesalt/2024/
Thanks for relaying this messageπβ€οΈ
Cryptographic vulnerabilities with a "low" or "informational" severity are like tiny pebbles in your shoe, you know they're in there but why take them out if you can still walk?
Take care of them before they cause major discomfort!
@cryptopote explains why here:
Are we human? or are we dancer?
Introducing HydraDancer: A new hardware board and open source firmware for faster USB peripheral emulation.
The Facedancer legacy lives on!
If only we've gone faster it is because we relied on the previous work of our good neighbors
ThiΓ©baud Fuchs tells the story here
https://blog.quarkslab.com/hydradancer-faster-usb-emulation-for-facedancer.html
quarkslab
Damien Cauquil
Alexandre Dulaunoy
Pass the SALT Conference