Randomdata was invited again to join this years Hack in The Box' commsec village.
This years Commsec village consisted out of various hackerspaces but also some other communities like OWASP Netherlands, OHM2013 and Nikhef.
A wide range of hardware was available in the villages including 3D printers, Alarm systems, Old computers, LED's, OWASP rockets (grr!) and much, much more.
On the media side the Commsec village was a popular place to take photos, also the Dutch television was enjoying the hacky environment. HITB came in the news a lot with subjects but of course most media was interested in "old DDOS news", I'm glad we could convince them there where better subjects! You can find items on CNN, RTL Nieuws, Nieuwsuur but also the newspapers/sites had more then average attention for all the hackers.
The CTF was inspired by the game Pole position, the title was PWN position and the scoreboard was a racetrack!
One of the challenges at the CTF was supplied by Randomdata, we used one of the wireless alarms where we added a wireless sniffer and transmitter to. The challenge was to sniff the wireless signal, decode the pulses and find the "code" of the system. The easiest was to check the Randomdata wiki but the alarm was "anonymous" so it wasn't that easy. Second way was to sniff a "on" and "off" code, compare them and BOOM!
There were a lot of great talks this year; talks about aircraft hacking, failing customs, how Canon cameras can be used as spycams, and of course great keynotes!
For The Netherlands there where some hi-impact ones too:
*Wilco Baan Hofman, a friend of Randomdata and Bitlair member, was presenting a talk about alarm protocols (remember HITR2NDB?)
*Blasty presented a leak in KPN routers, I do have to say they fixed it fast and I liked their response :-)
You can find a copy of the slides at the
All in all another great HITB conference, let's hope 2014 will bring one as well!
De open hackerspace dag was voor ons een succes. Gedurende de dag zijn er ongeveer 20 personen langs gekomen om eens te kijken wat een hackerspace is. We hadden een 3D printer werkend die onderdelen aan het printen was voor een andere printer en een aantal bezoekers hebben wat gewerkt op een Raspberry Pi. In de middag heeft nog iemand zijn router voorzien van OpenWRT. Verder is er veel gepraat over een hackerspace en wat mensen ertoe bracht om eens een bezoek te brengen.
Ook is het Utrechts Dagblad nog even langs geweest en heeft een leuk artikel geplaatst:
Randomdata is also joining the "Open day of the Dutch hackerspaces". Always wanted to know what hackers do and who we are? Well, this is your chance! Check out our wiki page with sample activity's. We will be open from 10:00 till 17:00 but we might stay open until late if enough people come over and would like to hang out at the space.
Message for the press: please contact us in advance.
Op 30 maart 2013 openen hackerspaces in Nederland haar deuren voor iedereen die wil weten wat echte hackers zijn en wat ze doen. Nederland telt momenteel twaalf hackerspaces.
Van vork naar iPhone-standaard, van pallet naar stoel, van eenvoudig speelgoed ombouwen naar een toonaangevend muziekinstrument, van oud laken naar kledingstuk of beamerscherm, een koffieautomaat aanzetten met je mobiel, van je WiFi-router een radio maken. Klinkt dit bekend? Dan ben je een hacker: hacken is alledaags en met de juiste mindset kan iedereen een hacker zijn. Dat laten de Nederlandse hackerspaces zien tijdens hun open dag. Vorig jaar bezochten ruim 300 mensen de allereerste open dag, wat werd gezien als een succes. Op 30 maart laten de hackerspaces opnieuw zien dat de hackergemeenschap een omvangrijk spectrum aan interesses kent, en ook een rijke historie heeft; zo komt bijvoorbeeld internetprovider XS4ALL voort uit de hackerswereld.
Vandaag de dag zijn er meer dan tien hackerspaces in Nederland: open werkplaatsen waar wordt geprogrammeerd, gesoldeerd, geknutseld en gediscussieerd. Ook worden er vaak lezingen en workshops gehouden.
Termen als ethisch hacken, knuffelhackers en vrije kennis worden graag uitgelegd. Delen van kennis, ook op technisch en ethisch vlak, wordt door veel hackerspaces gezien als een kernwaarde. “Veel projecten die in de space worden gemaakt staan ook gedocumenteerd op internet. Zo kunnen andere geinteresseerden het project hergebruiken of verbeteren”, aldus Dave Borghuis, initiatiefnemer van de open dag en oprichter van Twentse hackerspace TkkrLab. “Een simpele vraag over de werking of het maken van iets leidt snel tot samenwerking en dus kennisdeling. Dat is heel toegankelijk en heeft met meer dan alleen computers te maken.”
Hackers maken graag dingen, zo vinden oude spullen regelmatig een weg naar de hackerspace. Een motor van een oude mixer wordt bijvoorbeeld gebruikt om een autootje aan te drijven. Maar ook nog niet bestaande spullen worden zelf vervaardigd met 3D printers en andere gereedschappen, hackers maken hun eigen nieuwe electronica of schrijven hun eigen software. Allemaal gebaseerd op open en vrij beschikbare kennis die daarna volop en actief wordt gedeeld.
De open dag is een kleurrijk geheel met activiteiten door het hele land. Iedere hackerspace geeft hieraan een eigen invulling. Een willekeurige greep uit de onderwerpen die aan bod komen: producten maken met 3D printers, het gebruik van lasersnijders, workshops solderen en elektronica voor beginners, lockpicking, veilig surfen op internet en nog veel meer. Voor een overzicht van de activiteiten en openingstijden per space kan men terecht op http://hackerspaces.nl/.
Iedereen is welkom om een kijkje te nemen. Om 10:00 uur ‘s ochtends openen de deuren, om 17:00 is het dagprogramma afgelopen. Sommige spaces zijn ook ‘s avonds geopend.
Aanmelden is niet nodig, het wordt wel op prijs gesteld dat pers zich vooraf meldt.
On the 8th of this month it was time again for a real Hack In The Random 2600 NL Data box, the joined forces between Randomdata, Hack In The Box and 2600NL. 30 Invited attendees were able to gain the latest 1337 information from a great list of speakers. ...
The opening was done by DrWhax and Fish_ (who else :), announcing the future activities and wrapping up the last 10 months. For starters there was an update on Video Surveillance by Dave van der Poel, a nice overview about the current activities and possibilities on video surveillance. For the most of us it was, yet again, an acknowledgement of technology which can do more, gather more information and, if used wrong, be a dangerous tool for privacy. Next talk was done By Wilco Baan Hofman, he played enough with the SIA-HS alarm IP transmit protocol and cracked it, well, cracked... let's call it XOR. Next up was the coffee break and a lot of Clubmate clips where 3D printed so nobody lost his own bottle of Mate. Fresh and mate'd up, we started the live hookup of Spacenet of Randomdata by AK47. And, of course, it worked out of the box. After that it was time for some more heavy "shit", Blasty compiled a nice story of patching of binaries in memory. He didn't took the most easiest one. No, no, he had chosen a little nightmare called openssh. It worked out in a successful acceptance of his Pub key in the deamon, impressive stuff if you know what kind of hacks he needed. To finish the heavy stuff Aczid had a nice story about ELF binary debugging and anti-debugging, let's bring /proc/ a bit in to confusion! :D
To close the event we asked Winn Schwartau to give us a nice, inspiring talk, one of his main messages I remembered is about putting the right guy on the job. We (the people's) are often making the big mistake of putting a guy/girl on the job who fit the company profile, but what if he/she is autistic? Or has ADHD? No, we should first think about the quality and not focus on how strange somebody is. And let's be honest, aren't we all a bit strange? :D
As some of you know, a lot of Randomdata people are involved with the organization of HITB in Amsterdam.
Same this year, the Amsterdam 2012 edition in the Okura Hotel For a grand total of 5 days the hotel was pwnd by the hackers of Hack In The Box. The first 3 days were training and conference setup, the last (but not least) 2 days was the full-blown conference.
The Commsec playground/village
One of the activities was the HITB Commsec village where hackerspaces from The Netherlands and Belgium, and their community, were representing themselves:
We, as Randomdata, brought in Blinky (of course!) but also showed a demo set of how to sniff "in" hardware and how to start reverse-engineering on hardware. We showed the attendees how easy it is to reverse a media box just by looking into it, do some analyses on the pin-out and just hookup a TTL cable.
A nice overview of the atmosphere of the Commsec area:
Also the Commsec challenge was part of the activities for the hackerspaces this year, Randomdata decided to support the challenge instead of attending due to our 31337 coder named [com]buster, who is a bit too expert on the challenge subject. The challange was sponsored by Microsoft and they brought in Kinect sets to play around with. The hackerspaces had the challenge to create a software interface for the Kinect set so you could create words, sentences and phrases with your body. Finally, at the end of the conference, 3 spaces where left with a working POC, (even one on Linux with freshly written drivers!) and fight for the price of the year, a cheque of 1000 euros!
Since Har2009, a hackerfestival/conference in the Netherlands, our little hackerspace in Utrecht, RandomData, has been quite close with the guys from Hack in the Box. I have to admit that I'd never heard of this security group from Malaysia back then. We were talking about the conferences that they were giving in different places around the world and about them willing to come to The Netherlands for their next conference. We were all excited.
In 2010 the fist HiTB conference was an actual happening. Lots of guys from the hackerspace community, 2600nl and other friends of Randomdata+Hack in the Box joined up as volunteers to make this an experience to remember. For hackerspaces, there was a special area of the conference to set-up and show off your projects which was visited by a dozen of people who had nothing to do with the con, but who were just interested. Of course, with every start of something, we ran into some minor problems but in the end, it was a successful conference. They would continue to host conferences in Amsterdam.
Months of preparation it took the guys from HiTB and the volunteers to get the conference of 2011 set up. This year a lot of guys from the Dutch hackerspace community volunteered to make this another unforgettable experience. Because the guys behind HiTB and HiTB.nl saw how enthusiastic the hackerspaces scene was, this year they turned it up a notch. There was an actual hackerspace challenge, sponsored by ITQ. No space knew what it was about or what to bring. After social engineering a bit, I found out that we were going to play with Lego! Too bad my skillz aren't that good, or I would've been able to found out more. Spaces from our neighbouring countries entered the challenge as well hailing from Belgium and France.
The challenge was awesome, to say the least. We were to play with Lego NXT(c) \o/. The challenge was to build a robot of some kind, using only the bits provided and the things that you brought with you to the conference. It was not allowed to go out and buy stuff, only allowed to hack the stuff you had with you to build "extras". The ITQ stand had something which resembled a battleground, at least - that's what we made of it. But after explanation of the challenge, the objective was that you would program your robot so that it would automatically drive to a light, which was placed on one of the four corners of the "battlefield". The first one to arrive would gain a point and this with a time limit of a few minutes. You could gain extra points by obstructing the opposing robot and having nice code or a cool looking robot.
Because RandomData and HiTB are so close, all our members kinda volunteered for the con so it was a small problem to actually get guys to show off our (amazing and oh-so-many) projects. Good thing [com]buster was able to get time off work and was glad to join myself with the showing-off, who is an excellent coder where as I am horrible at it.
The building of the our robot, it was lots of fun and good experience. It was cool to see what path our hackerspace friends took, some started with the basics, others thought that the language provided by Lego was inferior and started by making the NXT brick speak a different language. I saw another space who just started to build a dragon out of it. Our road was less spectacular. We just wanted to get the robot working with all the different sensors so it would be able to compete in the challenge, then worry about arming ourselves for the obstruction bonus points. The challenge had certain hours to build, only five on the first day and three on the second.
At the end of the second day every space had a working robot out and proudly set them ready to play in the challenge. At this point, we found that our robot was actually doing very well. We saw that some robots were using sensors for the black lines at the end of the field, so they would know where to stop. Fifteen minutes before the start of the challenge we thought up a little idea; To add black markers to the side of our robot which would write on the ground, where ever we went. The idea was good but the lines were too thin. The lines our robot made, the perfection... It could be sold as art! Another idea we had was to build a lightdome on top of our robot. Seeing the objective was too be the first at the light, we thought this might sidetrack some robots. After some soldering and failing, we saw that bitlair (highlight/url) was building a bulldozer-like robot which would pick up anything it would drive against. We added some extra lego-bar protection instead of a lightdome.
After thirty minutes of stealing the show at the conference, the challenge was done. After some quick calculations of the ITQ team, RandomData was pronounced the winner, huzzah! Bitlair and their bulldozer robot came second, I think it was whitespace(0x20) from Gent, Belgium who came third. RandomData takes home a 1000 euro cheque to spend on our space!
Overall, it was a very cool conference and we're all looking forward to next year's event!