David Bryan - Hacking with GNU Radio - LayerOne 2009

Why they are expensive: its an 8 layer board. The chips on the board are around $40/ea. (Couple hundred dollars in chips alone.) Of course costs come down with mass production... (ie: More demand for it.)

@ZacMan1987 I couldn't watch the whole thing...I now have nightmare's about that 'guy' and his nails, listening to all my calls.

If you want to see somebody who actually knows what they're doing with GNU Radio and is capable of significant security intrusions, search for GSM Cell Phone Interception and watch away.

The USRP's peak output is 200 mW. That's all you get. You want to focus it? Go ahead. Learn something about your terminology though.

NONE of the examples he ran were anything special. All preconfigured in Gnu Radio. He did basically no programming at all here.

When running the PTT script, you would really look a little more clever if you weren't CONSTANTLY underrunning, something which is clearly visible in the terminal window.

If there had been ANYBODY at this conference who knew ANYTHING about the USRP or Antenna Theory, he would have been laughed off the stage.

First off, the whole point of GNU radio being open source is unrestricted status to the spectrum.

If he had bothered to study his documentation on his RFX900 daughterboard, he would know that it is filtered to the ISM band of 902-925 MHz.

Second, what was that about transmitting 2 watts because he had a bigger antenna??? Really???

Seriously this guy knows almost nothing about wireless and shouldn't be let within a country yard of security work in that field. gnuradio is great though and the fact this guy just kind of tripped up over himself and was able to jam SCADA with NBFM says volume's about USRP/gnuradio's power.

"Even the cell stuff isn't blocked which I thought was kinda surprising" .. who is this lamer? Where did he get his credentials? I have no formal education in any of this but I can reckognize his BS for what it is. Silly to go public like this, I feel like reporting him to FCC and his employers.

The replay attack would even defeat encrypted signals if it was done correctly, to expand on that you could intercept the signal of the individual stations e.g at a set time say in the morning, where the water tower is full, and then replay that signal back to the base when you want to prevent the control system from starting the pumps, etc.. All in all I have lots of ideas just from watching this demo and I'm surprised Dave didn't think of any of this .. tbh, I wouldn't hire him to test my net!

A bit lame because there was no real technical depth in this presentation/demo. No talk about replay attacks (an obvious thing to do on that unsecured wireless repeater) - record the maintenance mode command stream from the transmitter and replay it at will, for example. No explanation about what the FFT display really shows, ie. a range of frequencies and the signal level for the entire range, as opposed to an old fashioned radio that is tuned to a very narrow band, etc. Could have been better!