I was arrested last week, just prior to attending Defcon, for driving under the influence of a prescription medication, and for possession of loaded handguns while under said influence. I do, infrequently, dance across the line of normally accepted behaviours and I apologise to my readers if this offends them. It began when I refused to swear allegiance to the flag when I was nine and it has been with me ever since.
So, while at Defcon, Spike TV began filming its six part miniseries about my life. The first day of shooting they filmed a discussion between myself, my good friend and fellow hacker Chris Roberts - the gentleman accused of commandeering a United Airlines flight a few months back.
Chris asked me, referring to my arrest, how I managed a life that seemed so frequently to be on the edge. I responded with what I believed to be the truth: that we are all living on an edge - an edge that is much sharper and far deeper than the tiny boundaries that I occasionally dance across. I am acutely aware of this edge upon which we all stand. It is an abyss of incalculable proportions. Yet many seem totally oblivious to this precarious situation.
Hacking connected cars
At Defcon, the Internet of Things played prominently as a core theme. New Jeep automobiles, for example, that can be remotely driven and crashed by any hacker with access to the Internet from anywhere on the planet. They can simply take over the control computer, accelerate to 90mph and then drive you into a tree, or some other obstruction. The driver loses all control over steering, brakes, acceleration and every other aspect. This system control fault affects millions of Jeeps.
Who is John McAfee?
John McAfee is one of the most influential commentators on cybersecurity anywhere in the world. His new venture – Future Tense Central – focuses on security and personal privacy-related products.
McAfee provides regular insight on global hacking scandals and internet surveillance, and has become a hugely controversial figure following his time in Belize, where he claims to have exposed corruption at the highest level before fleeing the country amid accusations of murder (the Belize government is currently not pursuing any accusations against him).
Two months ago, Chris Roberts took control of a United Airlines flight simply by hacking into the entertainment system. He also described to me how the same thing can be done remotely by using the Internet from the comfort of your home.
But these examples pale in comparison to what is coming down the road. It became clear at Defcon that every manufacturer of any device that is electrically powered is rushing to include "smarts" into their design coupled with an ability to connect to the internet.
Here is the problem: Frigidaire probably knows everything there is to know about making an appliance that can efficiently cool something down or freeze it. But what does it know about computerized control mechanisms, cybersecurity, data storage and manipulation, communications protocols and connectivity to other smart devices? Next to nothing would be my guess. The same for toaster manufacturers, watch makers, Blu-ray devices, coffee machine manufacturers, alarm clocks, GPS devices, etc, etc.
This rush to market, in order to one-up their competition, has already created monsters that defy belief.
The most astonishing demonstration that I attended was put on by BishopFox, an English security firm. They were retained by Brinks - America's number one trusted safe supplier - to test out the new "Brinks Smart Safe". This safe was touted as the most secure in the world.
Brinks has a world renowned reputation for building safes that are virtually uncrackable. Along with building military tank-styled armoured cars, their bank safes are four foot thick solid hardened steel containing the most sophisticated mechanical locks ever conceived. A person can trust Brinks. Their history speaks for itself. The name inspires confidence and security. But let's take a look at their smart safe.
It is based on Windows – not known as a stellar player in the secure operating system field. But let's set this aside since it is completely insignificant in the unbelievably bizarre design of the device.
The first thing anyone might notice is the existence of a USB port on the front panel. Yes, I kid you not. A USB port. What might come to my mind is simply unplugging the device, placing my own operating system into a thumb drive, inserting it, and turning it back on – thus giving access to my thumb drive, and thus to me. There would be a few steps after that, but a moderately sharp hacker could deal with them in a matter of minutes and walk off with the contents.
The testers, however, under the assumption (I guess) that such a simple hack would be cheating, and would be unworthy of a self-respecting hacker, and therefore not likely to happen, chose instead to open the front panel that is used to accesses the computing system. A simple screwdriver removing four screws was all that was necessary. Inside was the entire works, including a red button with no label.
Pressing this button brought up a screen saying simply: "Would you like to 'shutdown' or 'reboot'?" That is certainly easier than my suggestion which required finding a power plug, unplugging it and then plugging back in; or, in the worst case, having to find a breaker box and resetting it in order to force a reboot.
Rebooting from any rooted system (through the USB port) gives access to all files, including password files. The system has the advantage of having a built-in screen so that a hacker need not bring his own. I appreciated the thoughtfulness of their architect in including a screen, because nothing annoys me more than having to carry a bulky screen around with my hacker toolkit when I do product testing for companies.
The default password is '12345'
The lazy ones among us will also be enthralled to know that we could bypass the odious task of decrypting any encrypted passwords (an extra 10 minutes that at my age simply can't be wasted if it can otherwise be avoided) by simply reading the instruction manual conveniently included as one of the files on the device. In the manual, the section on passwords states: "If you forget your password, remember that the default password is '12345'".
The worst of all of this, is that every component of this device used off-the-shelf hardware that any of us can buy at any decent electronics store - all of which come with full documentation. There was not a single custom hardware component.
You will think, at this point, that I am still under the influence of the drug that got me arrested. But I swear to you, I am stone cold sober. I myself am thinking at this point that I might be having an acid flashback. It seems that in any conceivable universe this safe, manufactured by the God of safes, is not a safe in any sense of the word, but rather a cryptic message – a harbinger of things to come - that, if seen through the right kind of eyes, conveys a message of epic proportions – that we are on the edge of the abyss.
My favourite nightmare
Do not let this one point leave your mind: Brinks truly is the God of safe making. What is going to happen when Sears releases it's line of smart vacuum cleaners, smart toasters, smart riding mowers, and, God forbid, smart handguns. What will happen when farmers finally get their smart tractors and smart threshing machines? What happens when Home Depot releases their smart band saws, smart compressors and smart fuses for detonation devices? And my favourite nightmare – smart ignition systems for every propane or natural gas powered device on the planet. Hackers could orchestrate a fireworks display magnificent enough for the entire world to see.
For those who still doubt my current state of sobriety you may see the Brinks hack in horrifying detail below.