DEF CON Safe Mode - James Pavur - Whispers Among the Stars

Рет қаралды 37,752

Күн бұрын

Пікірлер: 78

@zvnavv3w5 4 жыл бұрын

Shout out to the DEFCON media team for adding that super-cool interlaced effect, making it super easy to read smaller font and graphs...

@DrTune 4 жыл бұрын

indeed, also SO much wasted screen real-estate on pointless static graphics. I hope this stuff gets re-thunk next time, it's the triumph of visual designer over content and it's nothing like as 'cool' as the video editor thought it would be:-(

@L1m3r 4 жыл бұрын

For years I felt that conferences organized by the CCC (XYc3 and so on) had much better streams/videos then DEFCON (quality etc. - not necessarily content). But I haven't watched that many Talks from DEFCONs so my opinion wasn't that applicable. Now I'm content to say that imho DEFCON sucks at streaming/recording...

@FlagstaffslowTV 4 жыл бұрын

@@L1m3r Agreed, even the titles on these videos are poor. The actual title gets cut off on the thumbnail and all you see is "DEF CON Safe Mode" - We know these are DEF CON videos, it is the name of your channel!!

@DrTune 3 жыл бұрын

@@FlagstaffslowTV At least this year('21) no stripes. Still same title issue.. well.. one step at a time..!

@eklypzn 4 жыл бұрын

Didn't think I was gonna last the full 45min, but that was extremely interesting

@spicybaguette7706 4 жыл бұрын

"So we were listening to the traffic of this Greek billionaire's megayacht" That has to be one of the most badass things said at defcon

@tpfaff 4 жыл бұрын

Not really. I think either any of the people successfully owning voting machines or the people that successfully took over the USAF (CTF objective) cube-sat have that beat by a bit.

@artiem5262 4 жыл бұрын

applause -- good presentation backed by very good research!

@AntiProtonBoy 4 жыл бұрын

Pretty good talk. Cheers for putting this together.

@waq4s 4 жыл бұрын

What a great presentation. Fascinating!

@LievenHollevoet 4 жыл бұрын

Great content and very clear way of presenting it. Kudo's!

@WalterMelonhead 4 жыл бұрын

Thanks you for the great talk! Very clear!

@jezwilliams3162 Жыл бұрын

Thanks for the great work

@NoBug404 4 жыл бұрын

Unbelievable. "Hey your system is really insecure. Here's some proof." "I'm gonna sue you."

@Malaphor2501 3 жыл бұрын

If there was one company to name and shame, this would have been the one.

@UBG_Marine 4 жыл бұрын

And the next talk will be titled, "How did the FBI get my paper before I gave it to anyone?"

@JoolsUK 3 жыл бұрын

AKA So I was intercepting satellite comms and was surprised national intelligence services had noticed

@Tom-kt8lu 2 жыл бұрын

Good teacher.

@ldstyle0178 3 жыл бұрын

Bro you are a genius!! Really cool video honestly didn’t know all that was possible

@chetranqui 4 жыл бұрын

Incredible work. Thank you for sharing it with us. :-)

@sashaecg 4 жыл бұрын

This is great. The low SNR is due to the size of his RX antenna... As you go to higher modulation conditions you need to have a larger dish. 32APSK at 53 Mhz is gonna need a larger dish!

@excitedbox5705 4 жыл бұрын

yup any pc card with a BNC connector and fast enough adc should be able to decode any protocol you can pickup as long as you write your own software. A cheap software defined radio hooked to a larger dish should work as well. He did say they focused on off the shelf solutions so they could spend more time on the data than on setting up their tools.

@linusgk5042 4 жыл бұрын

Nice job! 👍

@Spacefish007 4 жыл бұрын

Expected nothing less :). Thanks for the great research! I also wonder if orbital control commands to the satellite are encrypted / signed.. I guess especially for older satellites, there is only some sort of FEC but no real encryption / signing.. So if you know the protocol, you can potentially de-orbit a satellite / cause some serious trouble, by shutting down systems / power and so on.

@CellularInterceptor 4 жыл бұрын

That's already been done over 40 years ago.

@MCtheMD 4 жыл бұрын

Worth mentioning that the attack at 34:00 has already been done, and indeed found out, by the Epic Turla group.

@ZodMagus 4 жыл бұрын

Love how he's using wsl. Pretty dope and easy

@tbbw 4 жыл бұрын

It would have been fun to get a reference time for page load ( 41:29 ) with the encrypted demo so you could tell how many seconds these guys tried to save vs no encryption.

@lhzav 4 жыл бұрын

Does anyone have further recommendations for resources/documentation on setting up an eavesdropping device.

@csvscs 4 жыл бұрын

Commence the rick rolling

@CellularInterceptor 4 жыл бұрын

Aside from satirical responses here, you may start with www.rtl-sdr.com/

@csvscs 4 жыл бұрын

Turn up the audio

@zaprodk 4 жыл бұрын

I had to boost the preset max volume on my speaker set to be able to hear anything properly, so i agree.

@ikedacripps 4 жыл бұрын

Ghana with the advantage for tcp hijacking

@cedricvillani8502 3 жыл бұрын

just used a simple "Spring Method" instead of a Fast Fourier Transform, and got amazing results

@ctged 4 жыл бұрын

Super low audio. Had to crank volume up to max to hear it from loudspeakers.

@mojoblues66 4 жыл бұрын

and when you happen to receive an e-mail or message during the playback your neighbours go boom

@jennirmz2381 4 жыл бұрын

fascinating and also terrifying

@mcseevujohnkiller 3 жыл бұрын

did you know the cost from a VSAT?? is more then 30K

@doit9854 4 жыл бұрын

The anonymous downlink method has been used for years in Special Operations for a long time. I'd love to see your research extend into using these sat links to coordinate RF backscatter expeditions to help triangulate tuned radios. #FoxHuntingFromSpace

@doit9854 4 жыл бұрын

"Only one company threatened to sue us"

@lukasblenk3684 3 жыл бұрын

Correct me if i am wrong but this was done a million times. (Yes its still cool ;D) And he would have had it much easier using dvb-tools on linux. But whats cool is the de anonymisation and analytic part. :D

@drmocm 4 жыл бұрын

This could be done 20 years ago with the streams of various satellite internet providers, seems like nothing has changed.

@spicybaguette7706 4 жыл бұрын

It's probably because not many people have taken a close look at this I think

@CellularInterceptor 4 жыл бұрын

30 years ago, I remember a rumor that elite hackers were able download images and scrambled audio from spy satellites and influence and control their orbits

@mcseevujohnkiller 3 жыл бұрын

Marcus providers has been make huge changes, this is old data 25 year ago, nothing here to proved,.. EXAMPLE "Dish Network" they come up with diferent encription where all of them was compromised, the latest one, have not been come up any body with a proved hack, why???? they did a very good develop where the ECM and EMM chANGE every 5 second and automatic detect the intruder who have been able to decrypted DES-Keys , on top of that your Settopbox where the smartcard was compromised to get this key are Unique. wich mean you will see a error saying please call customer service, they send you NEW CARDS , if you doit aging they already know what you doing.. And your account will be Suspended.. Show me if this can be bypass , yes is possible but take years to come up with a solution.

@maverickstclare3756 4 жыл бұрын

It's not just fingerprinting How many people visit your personal account pages on reddit / facebook / linkedIn / wherever It doesn't take too many to find out exactly who you are, or at least who you are online If you get a bunch of URLs from anonymized to "user 123" chances are you can out them pretty easily

@kevin2domingo950 4 жыл бұрын

Instead of a hub use a specialized smart switch

@katiedonovanAlt 4 жыл бұрын

*sigh* Great talk, man. I can kiss my Sat backdoors goodbye for a while....but, oh, well. Time passes; and there's always quantum communications....lol

@concernedcitizen3254 4 жыл бұрын

TLS works with POP

@zaphhood4745 4 жыл бұрын

Could you put some gain on the audio, can't hear shit.

@88tx 4 жыл бұрын

for next time please remove weird filter yes? and fix low audio issue.

@marcelozezan8625 4 жыл бұрын

OOOOoooooooo super

@tpfaff 4 жыл бұрын

How is this possible. Raw data should be impossible to read if they just used TLS. How many people/websites arent using https? How lazy can sysadmins be? Also the 'vulnerabilities' described in TLS at 18:25 are fixed in TLS 1.3. So that shouldnt even be possible anymore. And again the situation described requires email to not being using TLS. What email provider is not using STARTTLS? These are very simple fixes. Its very simple. Run software not from 2005 and you are immune to primitive attacks like this. LIterally all of this would be impossible if sysadmins did their job 8 years ago.

@CellularInterceptor 4 жыл бұрын

A lot of times is not the SysAdmins - It's the bad management not willing to pay for an upgrade because it "still works"

@versimpeld3611 4 жыл бұрын

Great talk, but that thumping door or whatever it is in the background is REALLY annoying when listening with some high-end headphones.

@Malaphor2501 3 жыл бұрын

It was his hand hitting the desk. Might want to do some research into how microphones work. I didn't even notice something until I read the comments towards the end of the video.

@innerfire369 4 жыл бұрын

if you want normal speed, watch witch 0.75 ;d

@chilled_beer821 2 жыл бұрын

don't use starlink guys this man can hack it

4 жыл бұрын

Big Nation: I buy Big Boi Antenna to spy satellites, taxpayer money goes brrrr This Guy: *hold my TV Tuner* Somewhat more seriously, that first example about satellite eavesdropping sounds oddly familiar... There’re this guys in my city who are reselling Spanish fiber to North Africa via some cool antenas that bounce to a satellite... I think I should go there and show them this video just to see their “Surprised Pickachu” faces :D

@ivars9828 4 жыл бұрын

What are the guys saying?

@Mr.Oblivian 3 жыл бұрын

What is ‘Spanish fiver’?

3 жыл бұрын

@@Mr.Oblivian Optic fiber internet, with the excitement I misspelled it xD