Hacker News Comments on
DEF CON 22 - Deviant Ollam & Howard Payne - Elevator Hacking - From the Pit to the Penthouse
DEFCONConference
·
Youtube
·
10
HN comments
- This course is unranked · view top recommended courses
Hacker News Stories and Comments
All the comments and stories posted to Hacker News that reference this video.My favorite is this one from DEFCON about hacking elevators: https://www.youtube.com/watch?v=oHf1vD5_b5I&ab_channel=DEFCO...
⬐ mikewarotIf I ever end up doing security, you know I'm going to have them add all the optional contact outputs and log/alarm everything.
> You can break a window open or just find an unlocked door if you are looking to do some bad shit.> A higher security lock on your home isn’t going to make your flimsy door harder to kick down, or your window harder to break
From the keynote, that's why LPL puts a heavy focus on bike locks, gun safe locks, etc. The audiences for those locks have a more vested interest in physical security than mere "social conventions". A well-locked bike makes it more difficult for a thief to get all the / enough value from the target. A well-locked gun safe prevents accidents and saves lives.
Also, I live in an apartment on an upper floor. No accessible windows. The only viable way into my residence is through the front door. (There are like two RFID-gated doors before mine, but tailgating renders them pretty ineffectual, and let's not talk about elevator security. [0]) It's not worth it for me to put a better lock on my door, but I'm also not kidding myself about its effectiveness.
Deviant Ollam & Howard Payne did a great talk on Elevator Hacking at Def Con 22.You can catch it at:
https://archive.org/details/Defcon22_Talk29/DEF+CON+22+Hacki...
or
https://www.youtube.com/watch?v=oHf1vD5_b5I [01:00:15]
⬐ BigJonoThis is one of my favourite talks ever. I couldn't have given less of a shit about the topic and wasn't expecting to watch more than 5 minutes of it. Nek minnut the video is ending and I wanted another hour of it haha.⬐ dlgeek⬐ rozabLook for "This key is your key, this key is my key" by the same pair. It's basically that.Deviant Ollam's talks are always first class. I also love this one, about physical pentesting in general:
Deviant Ollam - The Hotel Room Gourmet https://youtu.be/qtFV73wpEAwAlso not 2018 but his elevator with Howard Payne talk: https://youtu.be/oHf1vD5_b5I (1h version) https://youtu.be/ZUvGfuLlZus (2h version)
And the search for the perfect door: https://youtu.be/4YYvBLAF4T8
⬐ unixheroDeviant Ollam seriously needs an award.
https://www.youtube.com/watch?v=oHf1vD5_b5I
⬐ unixheroYes. That's the shorter censored versoion.I recommend the full 2 hour version, with all the secrets: https://youtu.be/ZUvGfuLlZus
My second favourite talk: You spent all that money and your still got owned: https://youtu.be/tJsNu0VRKYY
I even watch these again and again.
I found it thanks to another by the same guy, on elevator hacking: https://www.youtube.com/watch?v=oHf1vD5_b5I
⬐ arkadesAwesome.It’s definitely a different perspective. He’s oriented to getting past security; normal thieves are risk-minimizing opportunists, so the approach isn’t “how do I get past security”, it’s “how do I get past the minimum security I can expect, and identify those targets that will have that minimum.”
Still, super interesting.
⬐ icebrainingYeah, targeted attacks like those are different from drive-bys - both in the physical world and in the digital.On the other hand, targeted attacks are not just for industrial espionage; for example, a friend of mine caught his landlady stealing from him. Family members and friends are also not that uncommon either, unfortunately.
They're at least useful for manual modes.Source: DEFCON - Elevator Hacking: https://www.youtube.com/watch?v=oHf1vD5_b5I
I realise the thread is phone phreaking related and that was kind of the point of your post; but in the spirit of the talk below to think more outside the box...There's a pretty good chance in many cases you can just open the external box with some easy to get (and relatively standard) key. And hit a button. Related: https://twitter.com/MalwareTechBlog/status/90382347816752742...
This is a good related talk - goes outside the box on all the ways you can often get into commercial buildings without picking (or even in many cases, interacting with) the lock "The Search for the Perfect Door" by Deviant Ollam https://www.youtube.com/watch?v=4YYvBLAF4T8
Also good: https://www.youtube.com/watch?v=a9b9IYqsb_U [Howard Payne & Deviant Ollam - This Key is Your Key, This Key is My Key] https://www.youtube.com/watch?v=oHf1vD5_b5I [DEF CON 22 - Deviant Ollam & Howard Payne - Elevator Hacking - From the Pit to the Penthouse]
Elevator hacking (seriously) https://youtu.be/oHf1vD5_b5I
yeah and deliver some badass mixes of The girl from Ipanema. :-)Though I wonder if he had time to look at the packets long or careful enough. Would have been interesting to inspect all these devices closer too. Were there also other sessions established maybe that could hint at controlling them? E.g. such as volume of the sound? I doubt that the actual elevator would be controlled could be controlled remotely:
⬐ gurkendoktorIf anyone else is scratching their head about the references to The Girl From Ipanema in this thread... :)> "Garota de Ipanema" ("The Girl from Ipanema") is a Brazilian bossa nova jazz song.
> Numerous recordings have been used in films, sometimes as an elevator music cliché.
⬐ DyslexicAtheistindeed :-) https://thequickword.wordpress.com/2014/08/25/your-code-is-l...