DEF CON is a yearly conference with a focus on information security. At this years DEF CON 30 conference various talks on RF related topics were presented. In the past few weeks talks have been uploaded to YouTube for all to watch. Below we highlight a few we found interesting. The list of all main talks can be found on the Defcon YouTube channel, and talks from the RF Village can be found on the RF Hackers Sanctuary YouTube page.
J9 - Biohacking Using SDR When You Don’t Know What You’re Doing
Security Researcher and BioHacker J9 presented an interesting and entertaining talk about how she used an SDR to listen in and decode a wireless pH sensor pill she ingested as part of a medical test.
What would you do if you were implanted with a medical device that broadcasts every 12 seconds?
Starting with loads of curiosity and very little knowledge about RF, how to use a software defined radio (SDR), and no knowledge of how to decode captured RF signals, I embarked on an adventure to teach myself something new. Jumping head first into the RF CTF helped greatly!
This presentation starts with cocaine and ketamine (in a controlled medical setting) and includes a near-death experience and new skills attained by building on the work of those who came before me. The end result of this adventure led me to the US Capitol to sit down with Senate staffers about the security and exploitability of medical devices.
Erwin Karincic - Have a SDR? - Design and make your own antennas
In this talk Erwin Karincic explains how to design and make custom PCB antennas using home based or low cost techniques.
Most Software Defined Radios (SDRs) process a wide range of frequencies usually ranging from few MHz to multiple GHz where different antennas are used to pick up signals in a specific subset of that range. All applications using SDR require antennas to operate efficiently at very specific frequencies. Most inexpensive commercial antennas are designed either for wider ranges with lower gain over the entire range or very specific known frequencies with higher gain. The problem occurs when the researcher performs an assessment of a device and requires the use of specific frequency for which an antenna with high gain is not readily available. Most security researchers within wireless domain have outlined that their specific attack or exploit could be executed at higher range if antenna had better gain at that specific frequency. This talk focuses on bridging that gap by providing a way for researchers to create their own patch antennas without deep electrical engineering experience.
Andrew Logan - Tracking Military Ghost Helicopters over Washington DC
In this talk Andrew explains how ADS-B receivers, combined with ATC communications, public announcements and crowd sourced visual identification have helped track the activity of military helicopters operating over the Washington DC area.
There's a running joke around Washington D.C. that the "State Bird" is the helicopter. Yet 96% of helicopter noise complaints from 2018-2021 went unattributed: D.C. Residents can not tell a news helicopter from a black hawk. Flight tracking sites remove flights as a paid service to aircraft owners and government agencies; even in the best case these sites do not receive tracking information from most military helicopters due to a Code of Federal Regulations exemption for "sensitive government mission for national defense, homeland security, intelligence or law enforcement." This makes an enormous amount of helicopter flights untraceable even for the FAA and leaves residents in the dark.
What if we could help residents identify helicopters? What if we could crowd source helicopter tracking? What if we could collect images to identify helicopters using computer vision? What if we could make aircraft radio as accessible as reading a map? What if we could make spotting helicopters a game that appeals to the competitive spirit of Washingtonians? And what if we could do all of this... on Twitter?