Description: Check your pocket, or your wrist, or your doorlock. From lightbulbs to keyboards and mice, Bluetooth Smart (a.k.a. BLE) just won't stop popping up. Given such a huge proliferation, it's no surprise that the NSA ANT catalog includes tools that target this fundamentally insecure wireless protocol. And this is the NSA we're talking about, they're not after your pedometer. Build out your own SIGINT capabilities with my Bluetooth Smart Attack tools: modeled on tools from the NSA ANT catalog, built with open source hardware and software, and ready to play with today!
Bio: Mike Ryan is a penetration tester ("security engineer") at iSEC Partners. At iSEC, Mike does low-level wireless and embedded testing as much as possible. Too often he's stuck doing web crap. In 2013 Mike released a tool called crackle to exploit a major crypto vulnerability in Bluetooth Smart (BLE). Crackle cracks BLE's key exchange, allowing a *passive* eavesdropper to capture and decrypt all data sent over BLE. Earlier this year Mike presented research on fuzzing BLE devices at the application level. He publicly demonstrated a stack-level crash against Bluedroid, Android's Bluetooth stack, that he discovered using a dumb mutative fuzzer based on BlueZ. Mike has presented ToorCon, ShmooCon, BlackHat, CanSecWest, and USENIX Security. He has been playing the game since 2002 and employs a wide array of skills, tricks, and leet hax on a daily basis.
For More Information please visit : - http://defcon-wireless-village.com/
http://www.irongeek.com/i.php?page=videos/defcon-wireless-village-2014/mainlist
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.