tag:blogger.com,1999:blog-207399102024-03-19T06:33:48.210-06:00mossmann's blogI am a terrible bloggerMichael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.comBlogger217125tag:blogger.com,1999:blog-20739910.post-61024418117661562102014-09-01T10:36:00.000-06:002014-09-01T10:36:34.678-06:00Learning SDRI recently launched Software Defined Radio with HackRF, an instructional video series that I hope will make it easier than ever for people to learn the basics of Software Defined Radio (SDR).
When I first learned to use SDR for my wireless security research, it was hard. At first I thought, "I can build radios out of software! I don't know anything about building radios, but I know Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com74tag:blogger.com,1999:blog-20739910.post-19764892869169950582014-09-01T09:10:00.001-06:002014-09-01T09:10:09.186-06:00Talking SDR with Robert Ghilduta and Balint SeeberAs usual, the DEF CON Wireless Village put on an excellent program this year at DEF CON 22. In addition to the fantastic Wireless CTF contest, the village put together an impressive schedule of talks worthy of a much larger room.
Among the speakers lined up by the village were Balint Seeber of Ettus Research, Robert Ghilduta of Nuand, and myself of Great Scott Gadgets. Since the three of us Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com34tag:blogger.com,1999:blog-20739910.post-34822955659510424112014-07-31T23:20:00.000-06:002014-07-31T23:20:39.227-06:00The NSA PlaysetShortly after the NSA ANT catalog was leaked, I started thinking about how to make the gadgets in the catalog. Many of the capabilities described in the ANT catalog are things that we in the information security community already know how to do to some extent, and every one appears to be something that we can build with off-the-shelf or open source hardware and software.I prepared a talk for Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com27tag:blogger.com,1999:blog-20739910.post-269615645821895842014-06-10T22:51:00.001-06:002014-06-10T22:51:51.317-06:00Interview on Security WeeklyI had a great time talking with Paul and company on the Episode 376 of the Security Weekly Podcast. We talked a little about HackRF, but most of the discussion was about Ubertooth and Bluetooth security. This conversation prompted me to write a full description of how we recover Bluetooth UAPs by passive monitoring with Ubertooth.Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com22tag:blogger.com,1999:blog-20739910.post-78832024063363357382014-06-10T22:42:00.000-06:002014-06-10T22:42:20.763-06:00The Amp Hour #198We discussed Daisho, USB 3.0, Chris's portalab, and many other things on Episode 198 of The Amp Hour.Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com7tag:blogger.com,1999:blog-20739910.post-61328518327316523772014-04-26T22:28:00.000-06:002014-04-26T22:28:27.302-06:00The Amp Hour #185Chris and I interviewed Hank Zumbahlen, analog expert, on Episode 185 of The Amp Hour.Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com10tag:blogger.com,1999:blog-20739910.post-50285310756913496842014-01-10T16:06:00.000-07:002014-01-10T16:06:16.118-07:00HackRF Present and FutureAt CSAW THREADS in November I gave a talk about the present and future of the HackRF project (video). I reviewed the new HackRF One design, and then I showed all sorts of different things that people are already doing with HackRF Jawbreaker. It's pretty exciting to see all the applications that people are coming up with!Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com29tag:blogger.com,1999:blog-20739910.post-68462970930206930892014-01-04T14:29:00.000-07:002014-04-26T22:29:11.471-06:00The Amp Hour #177I joined Dave and Chris again on Episode 177 of The Amp Hour. Happy Festivus!Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com11tag:blogger.com,1999:blog-20739910.post-38722831050980340552013-11-16T11:09:00.002-07:002014-09-02T11:27:44.966-06:00Multiplexed Wired Attack SurfacesKyle Osborn and I presented Multiplexed Wired Attack Surfaces at ToorCon 15. This was the second time we gave the talk. The first was at Black Hat USA 2013, but the ToorCon video was posted first. The basic idea is that connectors on electronic devices are often used in unexpected ways and that some devices, especially phones and tablets, even multiplex several functions onto a single connectorMichael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com28tag:blogger.com,1999:blog-20739910.post-9456463031164779482013-10-30T12:38:00.000-06:002013-10-30T12:38:01.247-06:00Unintended Acceleration, Software, and SadnessA few years ago I became concerned about reports of sudden unintended acceleration in Toyota vehicles, especially when some of my family members started driving new Toyotas. At first I was skeptical of the reports, but they kept coming. In time, a friend of a friend had a terrible accident, and I was only two trustworthy people removed from a firsthand experience.I started paying more attentionMichael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com98tag:blogger.com,1999:blog-20739910.post-29169041064981248842013-10-26T11:31:00.000-06:002014-04-26T22:29:40.207-06:00Appearance on The Amp HourIn case further evidence is needed to demonstrate that I am a terrible blogger, I submit this: I had a wonderful time as a guest on Episode 161 of The Amp Hour and forgot to mention it here for nearly eight weeks! We discussed HackRF, Daisho, Ubertooth, wireless security, and how I came to the world of open source hardware from a background in information security. Thanks for having me on the Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com10tag:blogger.com,1999:blog-20739910.post-62778376124624886732013-07-31T10:33:00.001-06:002013-07-31T10:33:57.116-06:00HackRF is on KickstarterI launched HackRF on Kickstarter today. I hope you'll take a look, pledge your support, and spread the word. Thanks for your support!Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com29tag:blogger.com,1999:blog-20739910.post-20555817969365573622013-06-23T11:30:00.000-06:002013-06-23T11:30:38.517-06:00HackRF LEGO CarIn the Hacker Lounge at Open Source Bridge last week, the well-stocked LEGO table caught my eye. In particular, I spotted an antenna protruding from the pile, and I followed it down to a radio-controlled LEGO car platform! The controller was quickly located, a battery replaced, and I found that it worked pretty well.The controller was clearly marked with a sticker indicating operation at 27 MHzMichael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com222tag:blogger.com,1999:blog-20739910.post-71246425932335679472013-06-22T22:47:00.000-06:002013-06-22T22:47:10.813-06:00HackRF Beta Distribution
I've been working day and night to test, rework (You don't mind a few scorch marks, do you?), and ship HackRF beta units over the last four weeks. It has been a bigger job than I planned on, but the end is near. I expect to ship the last of the beta units before the end of June. I will have shipped a total of 500 units with more than 200 of those going to people who signed up for the waiting Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com34tag:blogger.com,1999:blog-20739910.post-57427581461829878812013-05-09T16:53:00.000-06:002013-05-09T17:00:08.780-06:00Giving Away HackRFThe HackRF project has been open source from the very beginning. Even before we started the project, Jared Boone and I wanted to have an open source hardware platform for Software Defined Radio (SDR). Our early prototype designs were published in our repository along with every step of our hardware and software development, and we used open source development tools including KiCad and GCC.We Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com41tag:blogger.com,1999:blog-20739910.post-43715193729992503752013-05-06T22:03:00.000-06:002013-11-16T11:10:31.368-07:00Introducing DaishoAt TROOPERS13, Dominic Spill and I presented Introducing Daisho, Monitoring Multiple Technologies at the Physical Layer (video, slides). It was the first public presentation about Daisho, a new project to build an open source hardware platform for in-line monitoring of several different wired communication media at the lowest possible layer. The project targets high speed communication Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com11tag:blogger.com,1999:blog-20739910.post-35609418548353142192013-04-29T14:08:00.000-06:002013-04-29T14:41:21.379-06:00Register for the HackRF Beta TestIt is now time to register for the HackRF beta test. Invitation codes that I distributed at ToorCon 14 and at the 2012 GNU Radio Conference may be redeemed for a HackRF Jawbreaker by registering for the beta test. If you do not have a code but would like a beta unit, register without a code and you will be placed on a waiting list for excess units.I expect the beta units to ship by the end of Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com31tag:blogger.com,1999:blog-20739910.post-67223700387122936772013-02-06T08:50:00.000-07:002013-02-06T08:51:38.461-07:00Jawbreaker Components Ready to ShipThe last components needed for the HackRF Jawbreaker beta production are now ready to ship to China for manufacturing. Unfortunately some additional delay caused us to run into Chinese New Year (bane of electronics designers), so the parts will not be shipped until after the extended holiday. This means that assembly will start around the end of February. I should have the finished boards in Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com28tag:blogger.com,1999:blog-20739910.post-30267550592128659462013-01-08T12:35:00.000-07:002013-01-08T12:35:12.235-07:00Funtenna!I just watched Hacking Cisco Phones: Just because you are paranoid doesn't mean your phone isn't listening to everything you say, an excellent presentation by Ang Cui and Michael Costello at 29C3. I particularly liked that they coined the term "funtenna" to describe the potential capability of malware using the off-hook switch in a VoIP phone as an antenna to transmit data over RF.I appreciate Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com22tag:blogger.com,1999:blog-20739910.post-20772143062970772042012-12-06T16:24:00.000-07:002012-12-06T16:24:33.390-07:00HackRF Beta UpdateSorry, folks! HackRF beta manufacturing (that I had hoped would take place in December) has been delayed until late January or early February. The reason for the delay is the most mundane that you can imagine: ordering components and getting them all delivered to the factory.Generally speaking, it's pretty easy to buy a handful of parts for prototyping, and it is easy to buy tens of thousands Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com21tag:blogger.com,1999:blog-20739910.post-65012704572179937922012-11-14T17:20:00.001-07:002012-11-14T17:20:04.669-07:00So You Want to Track People with Ubertooth. . .Dominic started a blog for Project Ubertooth recently, so I will publish most future Ubertooth related content over there. My first post is a FAQ for people wanting to use Ubertooth to track the movements of Bluetooth devices.Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com8tag:blogger.com,1999:blog-20739910.post-72618813882553742522012-10-26T14:28:00.000-06:002012-10-26T14:36:18.469-06:00The ToorCon 14 Badge
I designed an electronic badge for ToorCon again this year. It features a CC1111 sub-1 GHz wireless transceiver IC with USB connectivity. This chip has the same radio as the CC1110 in the popular IM-Me. While the badge is certainly hackable hardware-wise, I hoped that it would allow people to explore radio applications without having to heat up any soldering irons.The ToorCon 14 Badge shipped Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com20tag:blogger.com,1999:blog-20739910.post-90927830127186269872012-10-25T21:42:00.000-06:002013-11-16T11:11:18.490-07:00Announcing the HackRF BetaJared Boone and I had the honor of presenting the keynote at ToorCon 14 over the weekend. In our talk, HackRF: A Low Cost Software Defined Radio Platform, we described our project to build a low cost, open source, wideband, portable Software Defined Radio peripheral. You can watch video of the presentation or download the slides.In addition to introducing HackRF to the ToorCon audience, we Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com24tag:blogger.com,1999:blog-20739910.post-30471577120069402772012-10-17T00:28:00.000-06:002013-11-16T11:11:37.224-07:00Programming Pink Pagers in Style
After two and a half years of programming the IM-Me by soldering wires to the test points in the battery compartment, I finally got around to making a GoodFET/IM-Me spring pin adapter. I call it GIMME. Now I can install my spectrum analyzer application or any other firmware onto an IM-Me by simply removing the batteries and pressing the GIMME against the test points while the attached GoodFET Michael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com84tag:blogger.com,1999:blog-20739910.post-15547893096574161772012-10-01T11:07:00.000-06:002012-10-01T11:07:18.950-06:00HackRF Jawbreaker
Last week at the GNU Radio Conference I showed off Jawbreaker, the first unified HackRF board. I had assembled it just prior to leaving for the conference. It is completely built (including a couple of minor corrections), and I am about three-quarters of the way through validating the design.Jawbreaker integrates three separate designs into a single circuit board, making it smaller and easier toMichael Ossmannhttp://www.blogger.com/profile/12869105044455059297noreply@blogger.com47