Hacking a Virtual Power Plant

I recently had solar panels and a battery storage system from GivEnergy installed at my house. A major selling point for me was that they have a local network API which can be used to monitor and control everything without relying on their cloud services. My plan is to set up Home Assistant and integrate it with that, but in the meantime, I decided to let it talk to the cloud. I set up some scheduled charging, then started experimenting with the API.

The next evening, I had control over a virtual power plant comprised of tens of thousands of grid-connected batteries.


Putting an xz Backdoor Payload in a Valid RSA Key

Last week, a backdoor was discovered in xz-utils. The backdoor processes commands sent using RSA public keys as a covert channel. In order to prevent anyone else from using the backdoor, the threat actor implemented a cryptographic signature check on the payload.

I have seen a number of people claim that this would necessarily result in an obviously invalid RSA public key, or at least one with no corresponding private key.

This is incorrect, and someone nerd sniped me into proving it.


UK Slashes Recognition of Foreign Gender Corrections

Kemi made her plan clear — anywhere offering “self-id” was going to be purged from the approved list. A statutory instrument to do that was introduced 6th December 2023. It was approved yesterday, 18th March 2024. The changes are extensive — twenty-five US states (plus Washington, DC), four Australian territories, and twenty-five entire countries have been cut.


UK to Curtail Legal Recognition of Trans Immigrants

The UK's “Minister for Women and Equality”, Kemi Badenoch, who openly espouses hate for LGBTQ+ people, has said that many of these countries and territories no longer meet British standards. This is because they have followed the overall world-wide trend of improved rights for transgender people, which the UK opposes. The precise line between political scapegoating and bigotry on this issue is unclear.


Dan Kaminsky - A Eulogy

I remember attending Dan Kaminsky’s talk at DEFCON 12 and being blown away by it. Three years later, I went on the original “Hackers on a Plane” trip and ended up seated next to Dan on one of the flights. We quickly became friends. His mentorship over the years had an enormous impact on me.


You Can Create Art and Beauty on a Computer

In the early 90s, when I was in elementary school, I got assigned to write a report on a topic of my choosing. I decided to write about computer viruses. There weren’t many books at the time I could use as sources, but I found Levy’s “Hackers: Heroes of the Computer Revolution”.

One thing from the book that stuck with me was “You can create art and beauty on a computer”.


DKIM: Show Your Privates

If you’re like most people, there’s a good chance that it’s been years since you’ve sent an email that wasn’t cryptographically signed. You don’t use PGP, you say? Well, even if you are not signing your email, your provider is almost certainly doing it for you. Plausible deniability has been tossed aside in the name of stopping spam, but it doesn’t have to be.


Artisanal RSA

Sometimes hacking requires doing things that, while possible to do with some algorithm, simply aren’t supported by any existing implementation. Usually for good reason. A good example of this that I’ve run into in the past is needing to initialize a hash algorithm with a specific state. There’s really not any reason to do this unless you’re trying to execute a length extension attack, and with the exception of HashPump (which was written specifically for that use case) I’m not aware of any library that supports it. I recently ran into this problem with RSA.


Bitfi’s Hardware Wallet is Terrible

It recently came to my attention that John McAfee has been advertising a cryptocurrency hardware wallet from a company called Bitfi, with the claim that it is “unhackable”. There’s even a $250,000 bounty to hack it. I do not have one of the actual devices in my possession, but from my review of the publicly available “source code” [PDF] and their private key calculator, my conclusion is that their product is most charitably described as a “footgun”.


Storybits: Error Resistant Mnemonics

At DEFCON 22, Dan Kaminsky and I talked a little bit about something I built which he dubbed “Storybits”. Storybits can reversibly transform short strings of binary data into a series of words designed to produce a mental image. Order of the words does not matter, and many typos can be corrected automatically. I already had working code at the time of that talk, but since then it’s just been sitting around on my computer. People have been asking about it, so I put it up on GitHub, though it’s still a hacky prototype. I’ve thrown together a demo and written a bit about how it works.
