Shortly after the NSA ANT catalog was leaked, I started thinking about how to make the gadgets in the catalog. Many of the capabilities described in the ANT catalog are things that we in the information security community already know how to do to some extent, and every one appears to be something that we can build with off-the-shelf or open source hardware and software.
I prepared a talk for Hack In The Box (Amsterdam) 2014 called The NSA Playset and later gave the same talk at ToorCamp 2014. In this presentation, I shared my thoughts about how we in the open security community can build everything in the catalog. My focus was primarily on hardware.
At ToorCamp I was fortunate to be joined by Dean Pierce who originally came up with the name, "NSA Playset". Thanks to Marshall Hecht, we have video of the presentation at ToorCamp:
You can also download slides from the presentation, but you should watch the video to understand what we were trying to say.
The NSA Playset project has grown quite a bit over the past few months, and we encourage new people to contribute. We have a wiki where we are starting to develop pages for individual solutions with some similarity to capabilities in the ANT catalog. It's still pretty thin, but look for several things to be finalized there as we present various topics at DEF CON 22. We discuss upcoming NSA Playset contributions on our mailing list.
Next weekend at DEF CON, we have several events planned:
- I will present NSA Playset: RF Retroreflectors;
- Josh Datko and Teddy Reed will present NSA Playset: DIY WAGONBED Hardware Implant over I2C;
- Dean Pierce and Loki will present NSA Playset: GSM Sniffing;
- Joe FitzPatrick and Miles Crabill will present NSA Playset: PCIe; and
- Mike Ryan will present The NSA Playset: Bluetooth Smart Attack Tools at the DEF CON Wireless Village.
There is a good chance you'll be able to see additional NSA Playset content, from us or others, at future information security conferences.
Since my talk at HITB, the project has had a fair bit of press coverage, notably from Help Net Security, New Scientist, and ZDNet. At ToorCamp I did a video interview for Hak5. Note to reporters: I'd love to talk to you after you watch my DEF CON talk. At the talk I'll let you know when and where I'll have an open Q&A session.