Hardwear.io Netherlands 2019 Archive Links

Hardware Hacking #HackFearlessly

The third edition of the hardpwn will be held during hardwear.io training & conference at The Hague, Netherlands. At hardpwn, you will be able to hack fearlessly (vendor is asking you to) and get rewarded.

**Irrespective of whether you registered for conference or training at the hardwear.io Netherlands 2019, sign up is mandatory to participate in hardpwn Workshop/Contest.**

**You can participate in Hardware Teardown Workshop or Hardware Hacking Contest, only if you have purchased a pass for training or conference at hardwear.io Netherlands 2019.**

IMPORTANT DATES

Hardware Teardown Workshop -
23rd Sep to 25th Sep 2019 | 10:00 am to 11:30 am
Workshop Sessions -
(1) Monday 23rd September - 10:00-11:30
"Firmware Dumping & Reverse Engineering" by Grzegorz Wypych
(2) Tuesday 24th September - 10:00-11:30
"Wireless Security - RFID/NFC/Bluetooth/Radio" by Adam Laurie
"How to use EXPLIoT framework for security testing" by Aseem Jakhar
(3) Wednesday 25th September - 10:00-11:30
"Side-channel Attacks using ChipWhisperer" by Colin O'Flynn
(4) Catherine Norcom: Soldering & how to not burn yourself
Hardware Hacking Contest -
23rd Sep to 27th Sep 2019 | 11:30 am to 05:00 pm

Hardware Teardown Workshop

Are you a software security researcher, interested in hardware hacking? or Someone who is starting into hardware hacking or want to learn how to hack real-life hardware devices? Then this workshop is for you. We will provide you hardware hacking tools, test devices to start into hardware hacking.

During the workshop:

Researchers will learn the basic skills needed for using various hardware tools for bug finding.
Understand the hardware hacking process and mindset.
Apply techniques to defeat the security of real-life products available at the workshop.
Vendors will talk about the underlying architecture of the devices & key areas of the hardware. They would also talk about the scope of the contest.
Use skills learned during the workshop to hack devices at the hardpwn contest to earn rewards & recognition.

Hardware Hacking Contest

The 3rd edition of hardpwn - Hardware Hacking Contest will be 5-days long event. So that security researchers get more time to hack devices. So hackers, bring your hacking machines to hardwear.io and #HackFearlessly.

What is the contest?

The organizer will provide target devices to the security researchers who have interest/expertise in Hardware Hacking.
If a researcher finds a vulnerability, it will be reported to a vendor in a controlled manner.
In return, for accepted submissions, the vendor will reward the researcher depending on the severity of the finding.
NDA is signed with the researcher, and the disclosure isn’t made public until the vendor fixes the issue.

Participating Devices:

Noke HD Bluetooth Smart Padlock
Nest Cam IQ
Google Nest Hub
Nest Hello
Nest Secure
Nest Protect
Google Home
Chromecast
Google WiFi
MINiBREW Craft System
Byos Portable Secure Gateway

Contest Rewards:

For Noke devices, bounty starting from $500 up to $1250 for accepted submissions depending upon the severity of vulnerability findings

For Google & Nest devices, as per Google Vulnerability Reward Program (VRP) Rules

For MINiBREW Craft System:

First Prize: MINiBREW Craft System

Second Prize: 5x T-Shirt plus 20% discount voucher on MINiBREW Craft System

Third Prize: 5x T-Shirt

For BYOS devices, bounty starting from $500 up to $700 for accepted submissions depending upon the severity of vulnerability findings

For Vendors:

We are open for a Vendors/OEMs willing to test their devices at HardPwn challenge. Your devices will be tested by top security reseachers attending hardwear.io! Interested? Then shoot us an email on info [at] hardwear [dot] io.

Note:

To make your hacking experience smoother, we have following hardware hacking tools available at the hardpwn booth (but in limited quantities): JTAGulator, Chipwisperer, Expliot NANO, Hydra Bus, USB Microscope, Rework Station, USB- TTL, Proxmark3, Ubertooth, TNM5000, Jlink, Saleae logic, etc.

Instructions for HardPwn:

Step 0: Sign up for HardPwn.
Step 1: Check-in at the HardPwn desk.
Step 2: Check all the devices available and pick one or few that you are interested in.
Step 3: #HackFearlessly
Step 4: Report found vulnerability:

Google and Nest devices: https://www.google.com/about/appsecurity/reward-program/

The rest of the devices:

Submit report about Noke HD Bluetooth Smart Padlock: https://0copter.com/NokeHD
Submit report about MINIBREW Craft System: https://0copter.com/MiniBrew
Submit report about Byos Portable Secure Gateway: https://0copter.com/Byos

Step 5: Return the device to a volunteer at the HardPwn desk.
Step 6: For accepted submissions, get your prizes after day 2 of the conference.