I just spent 3 very long days attending the 2015 Adobe Tech Summit at the Moscone convention center in San Francisco. This was a rare opportunity for me, as I now am involved in something I like to describe as “Dark Ops” from outside the organization (if you want an explanation of what I mean by that, hit me up in the comments and we can discuss). My colleagues Joey Princz and James Begera and I were the only “outsiders” in this invited crowd of 3,000 brilliant and accomplished technologists, all current Adobe employees.
Due to the nature of the trust placed in me by my former employer and current client, I cannot reveal much of what went on there, but one thing I can do is share the following story that involves non-confidential, publicly available information.
I also need to state that this is provided for informational purposes only and I don’t recommend you try any of this at home as to do so would be highly illegal and could definitely land you in prison.
On the first night of the conference, there was a Tech Fair where many teams from within Adobe showcased various inventions and technologies they are working on. I saw a lot of mind-blowing shit there and I really wish I could tell you all about it. You will find out about some of it eventually.
Part of the fair involved a “Hacker Village” where members of the Adobe Security team led hands-on labs in which you could learn how to perform common hacks so you could also learn how to prevent them from happening to you or your team. We read about how hacks can happen all the time, but for me, learning to do it hands-on, and then hacking my own Android Phone and Clipper card (SF Bay Area transit money card) with readily available, inexpensive components and software still has me shaken.
There were other labs which involved even scarier things like hacking passwords and entire websites. They were really crowded and I wanted to let the real professionals who really need to know this stuff have the floor so I didn’t do any of those. Security is a hot topic at Adobe, as there was a major breach there last year. What’s even more frightening, in a way, is that this is just the tip of the iceberg, just the things we know about. We should all consider that all information on the internet is fair game for anyone. That has become very apparent to me.
HACKING THE CLIPPER CARD
The Clipper card uses RFID technology, which is used by many other types of electronic key ID cards, garage door openers, Passports, etc. Basically, the card has a unique ID code that the RFID chip transmits.
Here is how I hacked my own Clipper card and basically stole it from myself:
- Using a very simple physical device, involving components purchased from Radio Shack, connected to a laptop via WiFi, I scanned the area for RFID signals. This device can detect any RFID within 2 feet. It detected the Clipper card in my wallet and displayed its unique alphanumeric ID.
- Using a blank card of the same variety, I used another simple and readily available device attached to the laptop to create a new card with the same ID.
- I now had an exact copy of my Clipper card. I could use it on any SF Bay Area transit and the money would be deducted from my account, just as if it were my own card. Since this card is linked to my credit card, just imagine the damage that could be done here.
What can be done to prevent this shit from happening to you? Keep those ID cards in a wallet that is designed to block the RFID frequencies. You can find them online and at the geek supply store nearest you.
HACKING THE MOBILE PHONE (or any other device that uses WiFi to connect to the Internet):
This lab also involved a laptop, a $30 scanner purchased from Best Buy, and an application readily available from many online hacker communities.
Here is how I hacked my own phone in order to steal everything I am doing on the Internet via that phone, including my logins, passwords, account information, and all the rest. The whole shebang:
- With the scanner attached to the computer, and the software app running, I pressed a button to scan for WiFi connection requests in the area. This might not be the proper technical terminology for this, but the general gist is the following:
- When you connect to any WiFi network, your phone remembers it. Let’s say for the sake of this example, I had connected about a month ago to a WiFi network with the SSID “SFO FREE WIFI” when waiting for a flight at San Francisco International Airport.
- Whenever my phone is on, and my WiFi is on, and I’m NOT currently connected to a WiFi network, the phone is looking for “SFO FREE WIFI” along with any other networks I had previously connected to. The phone remembers EVERYTHING including any previously used logins/passwords associated with those previous connections of mine. (This goes for any WiFi enabled mobile phone or tablet, by the way. iPhone, iPad, Android, Windows, whatever.)
- I could instantly see that my phone was searching for “SFO FREE WIFI” amongst other various previously used WiFi SSIDs.
- I then used another readily-available app to create a new WiFi network called “SFO FREE WIFI”.
- My phone connected to this bogus “SFO FREE WIFI” network instantly, assuming it was the one I had previously been connected to at San Francisco International Airport a month ago.
- Via this app, all my information was now passing through a “trap application” (also not a true technical term) in which everything was being captured.
How can you prevent this? Keep your WiFi turned off on your phone whenever you are not in your home or office or any other place where you are connecting to a trusted network. It also saves your battery.
In fact, don’t connect to ANY WiFi network until you’re completely convinced that it’s a reliable and trustworthy source.
When you do connect to a trusted public network such as an airport or hotel, uncheck the “remember this network” box if it exists on your device.
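To act on the “remember this network” advice on a Linux machine that uses wpa_supplicant, the following added example (not part of the original post or the Adobe lab) audits a saved-network list for entries that auto-join without authenticating the access point. The configuration text is a constructed sample, and the function names are hypothetical.

```python
import re

# Constructed sample in wpa_supplicant.conf format (not from the original post).
SAMPLE_CONF = '''
network={
    ssid="SFO FREE WIFI"
    key_mgmt=NONE
}
network={
    ssid="HomeNet"
    psk="constructed-example-passphrase"
}
network={
    ssid="Hotel Lobby"
    key_mgmt=NONE
    disabled=1
}
network={
    ssid="OfficeHidden"
    scan_ssid=1
    psk="constructed-example-passphrase"
}
'''

def parse_networks(conf_text):
    """Return one dict of key/value settings per network={...} block."""
    networks = []
    for body in re.findall(r"network=\{(.*?)\n\s*\}", conf_text, re.S):
        entry = {}
        for line in body.splitlines():
            line = line.strip()
            if "=" in line and not line.startswith("#"):
                key, value = line.split("=", 1)
                entry[key.strip()] = value.strip().strip('"')
        networks.append(entry)
    return networks

def audit(conf_text):
    """Flag enabled entries that are open (key_mgmt=NONE) or probe by name (scan_ssid=1)."""
    findings = []
    for net in parse_networks(conf_text):
        ssid = net.get("ssid", "<no ssid>")
        enabled = net.get("disabled", "0") != "1"
        if enabled and net.get("key_mgmt", "WPA-PSK") == "NONE":
            findings.append((ssid, "open network saved for auto-join"))
        if enabled and net.get("scan_ssid") == "1":
            findings.append((ssid, "SSID sent in directed probe requests"))
    return findings

if __name__ == "__main__": print(audit(SAMPLE_CONF))
```

Entries it reports are the ones to forget or disable; a saved network protected by a passphrase is not flagged because a look-alike access point would also need that passphrase.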
That is all the scaremongering I have in me for today. Carry on.