[ Laughter ] Good morning. I'm
weaponizing your pets. Let's get
started. I'm Gene Bransfield and a principle engineer. If you
spend enough time at me, I love
my job. It is a fantastic thing to awake in the morning and go
to work and get paid to do cool
stuff. People want my job. The joke is on them. They cannot
have my job. I'm going to be the
guy who dies on a Friday of a long weekend. I'm in the corner.
And they clean me up, don't step
on the stain, that is the Gene Bransfield stain in the carpet.
This is a story about triumphs
and woes and lessons learns. So weaponize ‑ ‑ weapons your
pets. 15% of the world's
Internet traffic is dedicated to cats. We have the whole world at
our fingertips and watch cats ‑
‑ on‑ line, I find most of these things boring. So I started
including pictures of cats and
stories around pets. In fact, this is the picture that started
it all. Oh, that is awesome and
you know it. So I just finished one such presentation, somebody
came up to me and said I'm going
to give you my cat collar, a GPS chip in it, and it would
tell you where the cat was and
send you back GPS coordinates. Now, I need a Wi‑ Fi sniffer
and have a war. And a service
dog. A lady walked in with a saddlebags and said, denying of
service dog. I said, cool, is
there a pineapple. No. He jumps in your lap and you can't to it.
The pineapple is a great idea.
Working animals are nothing do. Military and dogs and bad ass
dogs that jump out of military
aircrafts into the water. And then gas mask dogs, the guy is
wearing a gas mask, the dog is,
too. This guy jumped of the aircraft at 30,000 feet. That
is a bad ass dog. And then we
have a real seal. This is the truth. The navy uses marine
animals for defense, and finding
mines. If you think you are stealthy and you're going to
blow up the harbor and flipper
sniffs out the gopher hole. Back in the '60's there was a lot of
pot going around the CIA.
Imagine sitting around the table saying we're going to take a
cat, and put a transmitter in
its chest, and a microphone in his ear and called it acoustic
kitty. This actually got funded.
I'm not kidding here. Science and experiment, they brought it
out for the test, put the cat
down, and listened to those guys and the cat ran out in traffic.
That was the end of the acoustic
kitty. At that point they defunded this, not because it
was a bad idea. All of the
scientists quit. Screw this, cats are hard to work with. This
is interesting. So put a collar
or harness on a cat, rule number one I don't want to harm
a cat, I don't like cats. Rule
number one, the cat should be able to wear stuff comfortably
and not any harmed. Form, fi,
and function, we don't want blinking lights, and then, blue
light and it is a cat. Wave
point and the Wi‑ Fi sniffer will bring back the stuff and
other products out here to deal
with your stuff. This camera that hangs on the collar, none
of the solutions do Wi‑ Fi
sniffing. I'm good there. I thought about ways to do this.
This is a computer on a stick
by kind of expensive. Cotton candy, computing a stick. Cool
solution. The rock chip 3066.
You can attack to the back of your television, and there is an
image you can put on this thing.
I was having trouble doing that. I sat sown and had a beer and
thought about it, it is small,
GPS, Wi‑ Fi and cellular. Any can idea what that can possibly
be? How about a phone? It was
in my pocket the entire time. Good. I can make it. No, they
thought of that. You can
download this is from the android store and you can do
volunteer war touching anywhere.
Now, we need a volunteer cat, this is Skitzy. This belongs to
my friend Reeves. It's 22 inches
from base of neck to tip of tail, 20 inches around the chest
and 12 inches around the neck.
This is a big damn cat. So I'm not worried about putting crazy
things on him and his friends
making fun of him, he'll just smack them around a little bit.
So now we need a cat coat to
hold it, and if you Google cat coat on the Internet, you get
pictures of girls wearing coats
with cats on it. And if you Google kitty coat you get other
things. So I got a cat with a
dog coat in a small enough form factor. So that's what I did. So
now the plan is tech in the cat,
coat on the cat, send the cat on a walkabout and recover data
when the cat returns. And then
profit. So step one, put the chip in the coat. Step two, put
the coat on the cat. You can see
he's thrilled. Send the cat on the walk about and profit,
right? No. That's the backyard.
[ Laughter ] So what could have possibly gone wrong here. It is
obvious we didn't put it on
tight enough. So the chip in the coat, and the coat on the cat,
and send him on a walk about and
we wait. It is 18 hours later people are freaking out. We are
at the backdoor and hear a meow,
this is the cat. And the form factor of the cat going out the
door and coming back in. So we
failed on that, the last known GPS location of it is right
here. We went there and it is
not there. So, so far we learned that cats are really hard to
work with. You should always
test your expensive stuff out before sending it out on a cat
someplace. I'm again to need an
Amazon prime account. They were worried about the cat, no more
coat. I was talking to my
friend, Bill, about this, he laughed and said why don't you
try a small power and
consumption, and there are chips and solutions out there. My
first question is what is
Arduino? A project with a researcher in Italy, like his
master's thesis. There is open
source software out there, and why not open source hardware. It
is cool. Comes in a chip set,
you can stack them on it, and make robot, and remote control
car. This guy used it to check
the food in his freezer. This guy used it to make the robot's
hand move, and this guy used to
cheat on his video games. Relatively small form factor.
The good news with Arduino is
Open Source and inexpensive, until the cat starts loosing
them and you have to buy nine of
them. Bad news, poorly documented it can take forever
to get to you, an expansion
shield, sometimes okay. Cool, that's great. But I have never
done doing, and worked with
small chips. I'm not a professional coder and I have
never soldered before. It is
solder. Like what. He said, don't worry, it's easy. The plan
is to get some Arduino the
stuff, sign on the form factor, put it together on a collar and
figure out something for the
denial service dog. So I went out and bought the how to book.
There was guides and learning
and reading up on it with electronics stuff. So I get the
flashy stuff flashing and the
non flashy things flashing when they're not suppose to flash. So
I said I'm ready to go, need the
more advance stuff. Libraries for Wi‑ Fi, they got it, GPS,
they got it. SD card stuff, they
got it. So, Jeremyblum.com, this has a lot of videos on making
these things work. I used him
religiously. Thank God. I did all of my research and
background investigation, I'm
now an expert. I went out and got a Wi‑ Fi and a GPS child.
So my plan is to get the Wi‑ Fi
stuff and writing to an SD card and GPS writing to an SD card,
combine the two and then profit.
The Wi‑ Fi shield was cool. Setup, the drivers worked away.
And hooked it up and was even
mentioned on the Arduino website, the parameters and
variables. Got my solution. That
was easy. GPS not so much easy. A little bit about GPS, the NMEA
string is what the satellites
are broadcasting up there, national maritime electronic
association. This comma
separated value there is what the satellite is actually
sending out and the job of the
receive take it in and transmit to (?) So the GPS boot process
is starts up and it doesn't know
where it is on the planet. Could be in your back pocket on
Timbuktu. It has to listen to
space. So the GPS process was fairly poorly documented. Get at
least satellites to listen to
and figure out where it is, this process can take two to 15
minutes. And if someone is
looking over your shoulder it is going to take 15 minutes. The
GPS shield was rather poorly
documented. There was no docs in the kit. It took my several
weeks of what is wrong with
this, why is it not working. Finally at the long end of the
research effort the baud rate is
supposed to be 34,800. I wanted to give demonstration is how it
is poorly documented. Now I go
on line and cannot find the it is 34800. The GPS shield is off
to the side. Because I was going
to use the pins. I put this together and combined the code
and got this weird error about
80% memory utilization. I see that on windows blow it off and
go for it. They were telling me
the truth. 80%, the chip cannot work. 32K on the memory. The
Arduino mega, however, has 256K.
And I purchased the mega. Put that together, messed around
with variables, messed around
with some stuff and Woo Hoo it works. A working prototype. So
the Arduino 2550, more better mo
betta, mo ports. But the size is not mo better. So I searched all
over the internet tried to find
something that is ting 2560 from JK Devices.com. It is a ripoff,
I was going to mention it during
my talk. Defcon knows about that. I didn't know about that
at a time, I need a Wi‑ Fi
chip, you can see the breakout board chip there, this is the
spark cord, I call it the
mullet, because Wi‑ Fi in the front and, Arduino in the back.
And of course a GPS chip, and
a SD card breakout board. So the mega worked but the mega
mini was four weeks to ship and
another solutions are too big in size and too small in memory. So
I went with the spark core that
had troubled shipping. So I borrowed one from Bill, who got
me started on this. It is a 32
bit, 128K of memory, SPI, and 12D those are like the protocol
chips kind of like the Internet
and had that, a TICC3 Wi‑ Fi chip. It is it compatible? No.
People that are a chip head
will say yes. If you say it is Ardiomo compatible , it mean it
will work with my external
component an I can just cut and past the code, from one to
another and and that's how it
works. So this is one thing, the spark cord is another. I will
have to start over again from
scratch. That made me not happy. Despite this problem, the spark
was very, very cool. A
dedicated core group of developers I would looking at
the code, and one developer
would say I would like to do blah, and then they would stay
up all night and blah, I figured
this stuff is getting updated. A shout out to peekay123 who
helped me a lot on my project! I
figured all this stuff is getting updated so let's see
what happens. Libraries, someone
posted SD libraries at the forums they compiled. Good
morning, libraries, they
combined and worked with my GPS shield. Wi‑ Fi libraries not so
much. The spark cord bills
itself as an Internet of things device. I'm going to say that a
couple of times because it
screwed me a couple of times. So the Wi‑ Fi is in the
background as a service, you are
coding up front and just connect you to the Internet. Not there
to mess with, but I want to mess
with it. The Adafruit board that I bought the exact same chip. It
and it is available library for
download. And I messed with it before. Thomas Edison said I
found 100 ways not to make the
lightbulb, before making the lightbulb. I found a lot of ways
to make a kitty collar. I
messed with these things and had some SSID scanning stuff and
copied and pasted it and put it
in there, bam, it worked. Yes. Now, I have the good morning,
working on the spark. The SD
compiled on the spark. SSID is working. Now working with the
tiny components that I bout and
that means soldering. Who looks to solder and likes it?
Soldering is my new least
favorite activity. So for those getting ready to learn how to
solder have rules. Rule number
one, don't touch the pointy end. That's where the hotness is.
Rule number two is remembering
where you put the soldering iron down. If you violate rule number
two, you're going to violate
rule number one. Rule number three is everything looks so
easy on the Internet and it's
not. So that not withstanding my first attempt went well. I put
the SD breakout board here, this
is my breadboard stuff, the chip on the left side. There's a
core, breakout board, had to
solder ends onto the end for and the GPS antenna. That went
pretty good. I'm home testing
everything went great. And getting sniffing, doing stuff, I
put it in my yard, the
neighbor's Wi‑ Fi, and I took it on a car ride, and there was
massive failure, nothing. Why
not? Well, again, the spark is an Internet of things device, it
is never meant not to be
connected the Internet. So I was talking to the guys on the
forums and they said turn the
chip on and off because it will suck power. But when you turn it
on put the code put it in the
status equals Wi‑ Fi on. It is true if there is a known access
point. If I'm a half mile down
the road that will not happen. I could turn on the chip and do my
scan before it made a
connection. That worked perfectly. I removed the code
from the stuff. That is all that
I needed. I'm back on track. So I took it for a drive and got
data back. And so I was popping
the into Google Earth. I was driving on the highway, they had
me off in a lake and I was
sitting in my house was I halfway down the block. So I was
wondering what was going on. So
who posted the GPS library, they did the NMEA conversion
incorrectly. So now I have no
GPS libraries. So when I was working on the Aduino stuff, I
had the GPS plus‑ plus ‑ ‑
stuff that I loved to use, so easy to interact with. And it
had everything that I needed. So
I needed to find someone to put the GPS plus plus into the spark
and I talked to Bill and said he
port libraries. I said how do you port libraries. He explained
it to me like my rocket science
story, having drinks in a bar and somebody and he is a cool
guy. What do you do for a
living? I'm a rocket scientist. Seriously. No, seriously, I'm a
rocket scientist. That is cool,
what do you think about the phrase, it's not rocket science.
I laugh at that, there are
science and engineering to building the rocket and fuel in
them, but you put the rocket on
the launch pad and hit the red button and hope for the best.
Sometimes it blows up. Sometimes
it tips over and blows up. Sometimes it gets to space and
blows up. The hard part is not
getting new rockets, the hard part is getting more monkeys to
put in the rocket. That is a
rocket science joke. That's how you port libraries. We changed
our Arduino stuff out with the
spark stuff, hit compile, listen to it scream at you and fix what
it is screaming about. You keep
doing that until it doesn't scream anymore. If you compiling
is screening at you, and you
scream back, you succeed at scaring your wife. I did that
for a couple of hours and BAM,
it works. I ported libraries. I was so proud of myself I posted
them to github. The next problem
is then power consumption, my buddy Ricky Hill hooked me up
with the batteries for model
airline stuff. 3.7‑ volts, 500mAh batteries - enough to get
a kiddy thing going. So now I'm
testing for the optimal power consumption. The first thing you
think of is I will turn
everything on, get the stuff, and turn everything off.
Remember, before I told you it
can take 2 to 15 minutes to get the GPS lock. If you turn it off
the GPS, you lose the satellite,
and you the cat runs into bush you burn through without getting
any data. So the best thing for
me, you turn the main micro controller on and keep the GPS
powered and that worked much,
much better. Much better, collections every 30 seconds
lasted 4 hours, collections
every 10 minutes lasted 8 hours. So now I have to make a collar.
If you thought soldering is fun.
Desoldering is twice as much fun as soldering. Oh, may God, I
destroyed so much crap trying to
desolder things. The Internet was not helpful. YouTube looked
to easy. I talked to my friend,
Joey. Head to your lab and they will help out. Shout out to the
labs in Virginia. Ted, mad
scientist, and evil genius helped me to do this. Did not
end up in the final one. And
Brian my solder tutor. Taught me the right iron and the right
solder make life a whole hell of
a lot easier. So now I can to make the collar itself. And hard
stuff. Man, I don't know how to
make a collar. The code thing, I just learned to solder, but
this is like ribbons. So talking
to my friend Joe, he said get a couple of ribbons and sew it
together and put your stuff
inside of it. So I went down to Michaels and got myself a
ribbon, leopard print is just so
in this year for the cats. Now, I need to sew it together. Who
knows to sew, it is 2014. We
don't sew, we buy new stuff. It is a grandmother skill, right?
So what do you do? You get a
grandmother. So my wife's grandmother, her name is Nancy.
She is very nice to meet you.
She was very happy to help me and there is a dollar bill
followed by the battery, the
actual collar and the components all wrapped up to protect
things. The spark had flashy
bits. Now, back to our volunteer cat. This bastard still owes me
a cell phone. So we're going to
send him out with some practice stuff first and see if he comes
back with it. Then I might let
him play with the tech. So we put the collar on him to see if
he tolerated it, he tolerate it,
and he tolerated marvelously. This is what it looked like
before and what it looks like
now. It is all cool, put you can see the bit behind his head.
That is the name collar it is to
go on the bottom because the GPS chip is directly opposite. We
have to put a weight on it.
Went down to ranger supply. It is war kit. A bullet. So the
cat goes on the collar, and the
collar goes on the cat. And the cat goes for a walk and profit.
And the deployments were,
nothing. No, no. No. I knew it works. I grabbed my stuff and
went to my buddy's Reeve's
house. All of the diagnostics work working fine. We put the
collar on the cat, and the cat,
we had a couple beers, the cat went under a bush and hung out
there and licked himself for 20
minutes. He is licking himself. I said, Reeves is that the cat
under the bush. No, walked up.
Yes and he grabs the bush and shakes it. The cat was running.
A better deployment process was
let the collar set outside 5 to 10 minutes. Bring the cat to the
collar, put on the cat and let
the cat go for a walk about. So does this work? Success,
bitches. Here is the initial
results for obvious reasons. Somebody contacted me off of the
Internet and said I can help you
out with visualizing this. Check this out. Somebody did this for
me. It is awesome. I would like
to point out I have been working on this for a good number of
months and the damn cat never
left the front yard. Yeah. Furthest he went was the car. My
grandmother was saying I would
love to know I Coco goes, so we strapped it up to Coco and got
results. I'd like to printout,
But we still have WEP and open Wi‑ Fi hotspots in 2014. Oh, my
God. So but cocoa went a lot
further as you will see. He wondered all over the
neighborhood. He's going to take
a while. He actually caught a mouse during this deployment
that was very, very cool. Really
cool results. The cats tolerated it brilliantly, and it was the
fruition of a long bunch of
work. I cannot tell you how happy I was. So that is the war
kitty, ladies and gentlemen. [
Applause ] So now we move onto the Denial of Service Dog
admittedly is just trolling.
Nothing socially redeeming about it at all. I have a pineapple I
bought at Shmoo, a TV B Gone at
Radio Shack, doggie backpack with the service dog patches on
it. There is the pineapple, you
know what it is. I had Karma answering probes and DNS spoof
to redirect to the pineapple.
And there is a package you can download that has five or six
things that it cycles through as
people connect to it. It is awesome. So he's the TV B Gone.,
as it comes with my new found
soldering skills I turned it, what was supposed to be this,
into this. And the idea being I
was going puts saddlebags and the T.V. in the saddlebag and
connect the wires to the outside
so the LEDs were on the outside of the saddlebag. Now I need
patches. Holy crap, how hard is
it to get somebody to make your patches. Except on the Internet,
500 of them, $5 a piece. So I
beat the streets for quite a while, and I found a JoAnnes in
Sterling,Virginia and they made
me a denial of service dog patch. The Wi‑ Fi thing right
there. I have a video
demonstration to proof it works there. There is the denial of
service dog stuff. And the LED
sticking outside of the saddlebag. I ran a wire up the
leash and have a button in my
hand right there. Taped the wire to the leash. You hit the button
right there, you see the little
green light, and then they start flashing on the fruit and then
the T.V. will then just turn on.
And here's the demonstration video of it working. You've got,
I'm outside somewhere. You will
see that the denial of service dog has this ssid is up. Another
thing I did. I'm going to add a
Wi‑ Fi hotspot, it is going to be called Defcon. And I'm
filming with one hand and doing
the other, forgive me, it took me a long time. I'm trying to
connect. That is me over here,
pop up and connect. And go out to the Internet, excuse us. >> I
said welcome to Def Con earlier.
We have a tradition here ‑ ‑ and if you've never seen this
tradition, it is a wonderful
tradition where new speakers get welcomed to Def Con with an
appropriate beverage of choice.
[ Applause ] So ‑ ‑ since Gene has never spoken at Def Con
before, we decided to welcome
him, even to the extent of interrupting his presentation.
We would like to welcome him to
Def Con for the first time speaker. [ Applause ] >> Good
morning. >> Thank you. >> Wow.
>> Here is the denial of service dog. Awesome. So the long story
‑ ‑ let's see, where I was? Yes.
I'm playing with this, I wish there was a way to speed it up.
Are we going to go through it
all again? That is good stuff. So I added Def Con to the whole
thing. And camera is going to
see the probe go out, it is me, and pull it back into the Wi‑ Fi
pineapple. That's how it all
works and it works brilliantly. So it will pop up, bam, I'm Def
Con. The funny part I tried to
do this later and there is the Def Con AP. See, I go up, it is
like. ¶ [ Music ] ¶ Circus ‑ ‑
dot dot Afro. So I'm going to go to CNN and it is come to come
up, polk‑ a‑ dot polk‑ a‑ dot
Afro. That's how that things works. Now, we need a volunteer
dog, to be our denial of service
dog. If you ever seen a Doberman pinscher service dog.
Well you have. The denial of
service dog. He was so happy, he ran the yard. I'm so happy, new
people, new people. So we dug
him inside of the house and put the backpack on him, he stood
like this for 10 minutes. And
that's good. Because it allowed me to take pictures. There is
the service dogs in there. And
that is going on there. The first thing the V dog did when
he stopped being comatose. What
we discovered two things. One there is now two ways to deploy
the TVB Gone, one is the button
and the other is the dog shakes. The other things I discovered
and failed to properly secure it
into the pouch. Every time he did that, it well flying all
over the place. In the process
of doing so completely destroyed my TVB Gone to the point even
with my new soldering abilities
I was not able to bring it back. So next. So the funny thing is
‑ ‑ if it says service dog on
your dog's backpack, they will let you in. [ Laughter ] Mine
very clearly said denial of
service. But service dog. Yeah. Sure. Here is the part I tell
you one man's video proof to
Defcon, is another man's evidence to court. The truth of
the matter is I, was so focused
on denial of service dog. I hit the wrong button on go pro. It
has 2 buttons, I hit the wrong
one, so I need to go ex KC on you here. I love to play. Do you
mind if we come in. Sure. Do you
want something to drink. And then off here. Peanut jelly
time. Peanut butter jelly time.
[ Laughter ] I'm taking artistic license here. Still. So the
third our four ‑ ‑ or fourth
time the guy came to our table and said why does it say denial
of service dog. Props to this
guy, because he was the only one all day long that asked. We
didn't answer him, and he went
away. So you go to the sports bar and hit the bottom. Ball
play, and it was the world cup
game, just happens to be the Argentina and you hit the button
and it goes away. Never going to
give you up. [ Laughter ] So if you go into a restaurant that
has 15 TVs on wall, they are
controlled by the back. But one or two TVs on the wall. They are
not. Just saying. So then ‑ ‑
yeah. He is happy. Then we go into a J random box store
someone. And the V dog is like I
love you. We're walking around the owner has his leash in one
hand and his hand on the
backpack. This is not a service dog. But nobody ‑ ‑ and the guy
is like do you mind if we come
in. Sure. Make sure that he doesn't poop on anything. This
actually happened. And then we
go back to the TV section, and, of course, the V dog was like
squirrel, we hit the button and
the thing goes up and the television goes away, yeah! We
did wonderful things. Circus,
afro circus, Afro. So according to the results several victims
connected the denial of service
dog. I cannot definitively proof anyone connected why we are out
I took artistic license, however
when giving this presentation to my company, people were hacked
right and left. It's Gene. Only
one person asked about the denial of service dog. Most
people just said nice doggie.
What have we learned? A tech hobbyist with no experience can
create a war collar in
relatively short time. You can do this, too. I didn't go a
damn thing about this stuff when
I was started. But I kept at it and in 2014 there are unsecured
hotspots. And lot of devices
still probed for stuff. There is no patch for human stupidity and
cats and dogs really hard to
work with. I have to give a shout out to all of these
devices. JK devices they are
terrible. Don't go there. Reeves, still, Joe, Joey, Nancy,
Bill, the spark.io guys, the app
guys, V-dog, Skitzy CoCo, Tenacity, and, of course,
Defcon, I'm so proud to be here.
[ Applause ]
