DEF CON 25 took place this past weekend and featured hackers from around the world exploring and discussing the latest advances in cybersecurity.
The conference – in Las Vegas from 27-30 July – was host to numerous events, including hacking demos, workshops, and entertainment.
Demonstrations at DEF CON often consist of hacking real-world products or networks and these experiments generally receive a lot of media coverage, due to their implications for the companies involved.
We’ve listed several of the coolest hacks from DEF CON 2017 below.
The SparkFun Electronics team was able to open a locked SentrySafe safe in around 30 minutes during its presentation.
The hackers used a custom-built robot which cost $200 to construct and consisted of 3D-printed parts.
The robot assessed one of the three dials in the analogue combination safe and detected its size and indents.
As the correct indent was slightly larger than the rest, the robot was able to identify the correct third number in the combination in 20 seconds.
Determining the remaining numbers was then a case of the robot trying different combinations.
Voting machines compromised
DEF CON 25 held a specialised event targeting vulnerabilities in voting machines used in the US.
According to a report by CNET, the devices featured a host of flaws, including unsecure passwords and out-of-date operating systems.
Voting machines from a number of manufacturers were hacked, with participants able to compromise the devices wirelessly by exploiting an issue with their Wi-Fi security.
The devices can also reportedly be hacked in about five seconds by connecting a USB drive to the machine.
Security card cloning
Houston Are Hackers Anonymous founder Dennis Maldonado gave a presentation about real-time RFID card cloning at DEF CON 25, reported Mashable.
The attack required a rig which allows an attacker to scan an RFID card wirelessly while standing close to the target.
The scanner then sends the data to a cloning machine up to 10 metres away and a copy of the card is created.
The setup is easy to use, and includes an Android app which notifies the scanner if the target card was successfully scanned.
This attack allows hackers to create a copy of an RFID card without the holder’s knowledge, and can then use it to circumvent security checkpoints.
Apple Watch jailbreak
The event was also home to the first Apple Watch jailbreak.
According to WCCFTech, a hacker named Max Bazaliy demonstrated the jailbreak on an Apple Watch running watchOS 3.
A jailbroken Apple Watch can reportedly provide users with access to call records, health data, messages, emails, GPS location, and more.
Jailbreaking devices also allows users to modify their software without being limited by built-in restrictions.
The jailbreak was private and has not been released to the public.