Day 4: Saturday, 8/11/12
I actually slept decently well the previous night. During my normal morning run, I crossed paths with George Dyson, who was apparently also one of the few morning joggers. On my run, I decided that I should check in to a hotel that night in order to get better sleep and not have to drive as far the following day. As much as I wanted to stay the night, I know that the partying would go until the wee hours of the morning, and I would need to wake up at around 7am the next morning in order to make my flight at 2pm in Seattle. Since this involved 4+ hours of driving, I needed the sleep.
I cooked the rest of my breakfast foods and shared what I had left. My fellow campers were quite thankful for the community bacon. Who doesn’t love community bacon? Besides, it resulted in a fair exchange of bacon for coffee.
After cleaning everything up, I called a motel in Port Angeles, WA and booked a room. At this point, my camping buddies and I learned that there was an extra “Arduino workshop” that was added to the schedule for that morning. So, we scampered down to the workshop area and signed up.
While it was billed as an “Arduino workshop,” it turned out to be more of a “soldering workshop” that happened to have an Arduino on a PCB. The board wasn’t laid out quite right, so a few adjustments were needed, such as re-aligning some of the pins. Once the soldering was complete, we were able to test the board by plugging it into a robot. That’s right – the Arduino board was a simple server controller and was pre-programmed with controls for a 4-legged walker.
It was then off to the talks. I attended 3 of the talks, which dealt with hacking Android devices and cracking open smart cards.The first talk was by Parity, who told the tale about helping a friend find his stolen cell phone. While that alone may not be so interesting, the speaker used a variety of hacking techniques to track the phone and report its location to the police. Once the phone was recovered, Parity cracked the new password in the Android phone by using brute force techniques. He collected SMS text files, photos, and GPS data in order to help the police build a better case against the phone thief. The lesson here? Don’t piss off hackers.
Christopher Tarnovsky, owner of Flylogic, Inc., specializes in die-level analysis of microchips. In this talk, he dissected an Atmel ST19WP18, which is commonly found in smart cards. By carefully etching away the top of the chip, he was able to see the burned ROM image with an electron microscope. With the ROM image, Tarnovsky could reverse engineer the program (firmware) in the chip, making the “Secure Trusted Platform Module (TPM)” not so “secure.”
For the final talk I attended, Kyle Osborn presented a suite of tools capable of throwing a number of exploits against Android via USB. Ideally, these tools can be loaded on a host Android device and, using a USB-OTG cable, attack another Android device. Osborn’s code can be found on github.
At this point, it was time to say my goodbyes. I cooked one last meal and packed my rental car. I exchanged contact information with my fellow camp mates and hit the road.
There is apparently a lighthouse at the very edge of the Indian Reservation – the northwest point of the contiguous United States. I attempted to drive through some unpaved roads to locate said lighthouse, but I was only able to find the entrance to a hiking trail, which would have been a 2 mile hike to the coast. Unfortunately, I didn’t have time to hike, so I continued driving a bit farther. I came upon an open dumping ground. It was quite disheartening to see vast amounts of garbage on such beautiful land.
The two hour drive to Port Angeles was uneventful, save for some gorgeous scenery along the road. I checked in to the Royal Victorian Motel, which provided a hot shower and a clean bed. A good night’s sleep was much needed in preparation for the drive to Seattle the following morning.
Apparently, I missed quite a show at ToorCamp’s final night. Computerworld provided some insights on some of the fun antics, including a collection of lasers totaling 26 Watts shot into the atmosphere, which required FAA approval.
In conclusion, ToorCamp was an amazing amount of fun and a great opportunity to meet some of the best minds in the underground hacking community. In retrospect (or as a note to myself when I visit again), I would have gone as part of a hackerspace, such as the People’s Republic of Noisebridge. This would let me take part in one of the themed campsites and not feel a bit of an outsider. Additionally, I would want to leave ample time (e.g. a few days) after the event for recuperation. I would have been more inclined to stay the final night had I not had to drive four hours the next morning. All in all, I consider ToorCamp 2012 a success and a great way to meet people and learn a few new skills.