Okay. Okay, so thank you, everyone. So my name is Kay Meng, and I work with a smaller force here. Okay, so we will start with the problem that my friends and I are working with here. So in this office, we have a group of people who have their own identity. They named themselves. Okay, so what do they do? Okay, so these people, they like to walk around this office. And they look at the computers that have been set up. And if they find one of these, this is what they will do. They open Slack. Slack is the instant messaging app that we use internally. And they will send a message themselves. And this is one thing that they like to use. So we call this force the people who kill in this office. Okay, so this one in the office, that is actually their leader. And this is the Slack profile of this leader. You can see here. I burned people and hunting for free. Ya, and this is the prized T-shirt. Not causing. Okay, so let us look at this order above. Before this person who stayed. Okay, so this is something that they caused. Fire, fire, pens on fire. The free stuff and my desk. Lunch on me tomorrow, I'll be catering. The fire burns bright this morning and Laivina here. She had this type inside like I'll buy fried chicken tomorrow. Ya, so quite a bad thing happening in our office here.

Okay, so of course I didn't, I couldn't take this lying down so I decided why not. I should defend against this trap. Okay, so my solution here. So I have actually a distance measuring system. It's both a hardware and software solution. The hardware is here. I'll pass it down later. Then also a software side of things so that it will lock the machine. So I walk away from my desk. Okay, so click devil.
Okay, so now assuming I'm sitting here right? Ya am I desk? Okay, so now let me walk away from this computer. Like this. Okay, so my computer is locked. Okay, so now I go back in. Okay, so just another one more try. So now I walk away again. Lock. Okay. So this is roughly how it works.

Okay. So just a high level overview first. So in this hardware device I actually have a distance sensor. An Arduino. And a Swift desktop app. In this whole thing. Okay, so the agenda I have. So I'll first talk a bit about the hardware device. The Swift app. And some of the defensive strategies I employed. Followed by little Vina will continue on with the improvement that she has made to my setup lah.

Okay, so first the hardware. So now I'll pass down. Okay lah. Okay. I'll pass down one sample. Okay, so what's inside this piece of hardware? So let's first start with the sensor portion. The sensor, this is actually an active IR distance sensor. IR stands for infrared. So how this sensor works is that there's actually both an emitter and a receiver. So this emitter, what it does is it emits an IR light. So in front of the sensor. So let's say there's an object in front of the sensor right. Some of this IR light will be reflected back to the receiver. So depending on the intensity of this reflected light. This sensor is able to tell how far I am away from the desk lah. Okay, so it has a range of 10 to 80 cm. Which is actually good enough for this application.

So I also explored other types of sensors lah. For example, this passive IR. So passive IR, the difference between this and the previous one is that this just receives signals from the environment. It does not output any IR light. So the problem with this is that this has a very high average. So I didn't choose this. Another sensor that I considered was an ultrasonic one. So this one just basically outputs sound waves and then sees how long it takes for the sound wave to come back to the sensor.
So the problem with this sensor again is that I tried and realised it's too noisy. So the values I get fluctuate too much to be useful. So I settled with the active IR sensor.

Okay, so putting them all together. So I use an Arduino as the controller inside. So the case that I use for the Arduino right. It's actually meant for a larger person. Okay, so I'll pass down these two. The Arduino that I use for this application is a smaller one called the Arduino Uno. But the case is meant for the larger one. It's called the Arduino Mega. So the reason why I set up in this way is because when I put the smaller Arduino in the case meant for the bigger Arduino I have extra space. And this extra space is the one that I use. It's where I put the distance sensor. Okay, so this case is actually compatible with both of them because the mounting holes are in a similar position.

Okay, so programming this. So I just use an Arduino IDE, something like this. Arduino IDE, it's just basically I write my code inside. What it does is that it will gather data from the distance sensor and then output it via the USB serial port. The USB cable to one computer and my Swift app will receive it.

Okay, so this is where the Swift app is over here. So this is actually called a menu bar app. You basically just get data from the USB serial port and then it acts on the data. Okay, so it locks on threshold reach. So in my Swift app, I actually have some settings here. So depending on the user preferences how far they want themselves to go away from the computer before they want the app to lock the machine. So it's customisable here.

Okay, so about this menu bar application. Okay, let me go to Xcode. Okay, let me come here. So actually it can be called a desktop application. But to be more precise, this is actually called a menu bar app. Because it does not have a main window, it does not have a dock icon also. It only just lives in the menu bar. So as for the user interface, I just use a XIB file here.
XIB with a view controller. So it's quite similar to iOS programming also. Then there's no storyboard.

And for the serial port communication. So my app actually needs to use the USB serial port to communicate with the device. So actually I wrote a Swift serial library some time back last year in fact at the iOS conference. So this is actually the library I wrote. So the reason why I wrote the library then is because I couldn't find a Swift library that enables an app to access a serial port. So now I use this same library again in my app. So if you want more details, you can just go to my GitHub page here.

Okay, then for the locking portion. Okay, so I actually issue a native API call through the IO registry entry here. Okay, so this actually I got it from Stack Overflow. So I just Google. Then I found someone asking a similar question. Then this is the API I use. But the API here is actually in Objective-C. So I just translated it to Swift. And it works. So IO registry is basically an API to let you access device drivers in Mac. So this device driver I call is actually the Display Wrangler. Ya. And then I just call it the Request Idle. Then it will lock the screen already.

Okay, then also initially when I Googled I found out that most people suggested this particular app, command-line program to run. So I realized that when I run this program, it hides any notification. So the notification is something that I will use later in my app. So now let's try to run this. Ya, so you see. It works as expected. Ya, but just that there's no notification later.

So now let me come to the potential hacking and defensive strategies. Let's say if you are the red team personnel and you see me using such a device. Maybe I would like to put the question to you, the audience. What will you do to me and all my device here? Anyone such as? Any ideas? Sorry? Okay, sticker already? Number 1? Okay, never mind. So let me continue.
So the first way that I thought of, so I try to put myself in the shoes of these red team people. What will I do to hack myself? So the first way is simple, I just disconnect the device. Maybe when I walk away from my desk then they just come over to my desk and just pull out my device. So I will lose the protection. Okay, so I did think of that.

Okay, so now let's see what happens. Let me enable back. So let's say if they plug the device right now. Okay, let me do it. So let's say the computer is unlocked at that point, it will lock immediately. Okay, so let me lock back in. And notice that my app has actually issued a notification here. So yes, I cannot stop the red team person from taking it out but at least I will be notified that something bad has happened over there. That is why I raised the importance that why I need my app to be able to issue a notification. And the previous one, the CGSusband will not show this. Okay, so let me lock back in.

So to detect this particular device disconnect, I use... Okay, let me... So actually I copied this code from Stack Overflow. So let's see. Okay, so again I found someone had this problem. Is there a delegate in Swift to let my class know when devices are plugged in via the computer USB? So the reverse is also true. This API that answer is given can also detect that device has been plugged out. Okay, so let's go do it. So this is the answer that I settled on. So the answer here, they say that they have actually a USB watcher class. Then you just need to use the code. And what it basically does is it hooks onto the operating system API. So whenever you plug out or plug in the USB cable, so the operating system will inform the app. Then all I had to do was to in my view controller implement this USB watcher delegate. And then my controller will know that my device has been plugged out. And from there, I just act according to it.

Okay, so yeah, auto reconnection. So once I plug out, let's say if I plug it back in.
Ya, so my app is able to detect that my device has been plugged in and then connect back to it again. So you save the trouble. In my earlier iteration of the app, I didn't have this feature. So I had to actually come here then I connect myself. So I realized that I actually need this auto reconnect back. It saves me a lot of trouble. And also in fact, sometimes when I leave my desk I need to take my laptop out of my desk to go meet someone. Then I bring it back auto connect device, auto connect back. So it saves me a lot of trouble.

So maybe the hack number 2. Ya, so this is... The auto connect gets 90 for that specific... Okay, so... Whenever a USB device connected back... Yes, any USB device connected back, this API will tell my app that. So I actually had to filter. I want to look for only USB serial devices. Okay? So that's number 1. But the thing is sometimes a user can have multiple USB serial devices. So the second filter is actually by the path. Okay, so the path is here. C, U, USB, B, N, 1, 4, 1, 1. So actually this path is actually constant throughout the time that the computer is booted up. Because the moment you reboot your machine this ID can change. Ya, so, but even if you don't shut down your computer it's fine. So if I connect back, normal I see that this particular path exists again, then I connect to that path.

Okay, so ya, so he suggested that maybe someone can tamper with the device like putting a sticker there. Okay, so I don't have a defense against that. So I actually require the user to be vigilant. So you notice at the here right, actually I show a live display of what's the reading of my device. So let's say now I move this device slightly further away, right? Okay, sorry, let me disable locking mode. Okay, let me increase it first. Okay, so now say I move it further away. You can see the distance increases. Then when I move it closer to me, shorter. Ya. So if let's say you are a user right, you're using this app right.
And then I mean when you're using this app, when you're at a desk you probably have an idea of how far you are away from the desk. So one day somebody decides to put a sticker there. Immediately the distance here will show a very small value. You immediately realise that something is wrong already. Ya, then you of course go and check the device. It's somebody tamper with it. Okay, so that's for hack number 2.

Okay, so I did talk of another one more hack. Which is the malicious person can actually reprogram my Arduino to give false values. Okay, so my defense against it is that I will always reprogram this hardware before using it. Okay, so this is how it works. So this is my Mac app. It actually contains the firmware binary of this Arduino. So now I go to my Xcode. You see this file here? Ya, this is this binary file. So actually I store this firmware binary inside. So what happens is that whenever I want to use this device, my Swift app will program the Arduino with this firmware binary.

And the way I do it is through the Arduino app. So I didn't use the Arduino app directly because the Arduino app itself is actually a GUI program. But inside this Arduino app, there's actually a programmer binary called AVRDude. So what my app does is you call this binary directly with this firmware file name as a command line argument. And then this AVRDude will then reprogram the Arduino. So even if there's any malicious firmware inside it will be swept away. Every program fresh one every time. So let's see here. So this is actually you can see I actually call this command here. AVRDude inside with this following command line parameter.

Ya, so that's why let me now disconnect and then reconnect again. Let me show you. So disconnected. So you notice here my app will flash the Arduino first. Then after that come on. Second notification went out. Ya. So after that you connect to it and then you use its values. Ya.
Okay, so there's actually a possible way to hack my system without me knowing about it and that is actually to override the Arduino bootloader. So this is actually quite a technical portion. So if you're not sure, because I know most of you here are not hardware people, so if you're not sure feel free to ask me the questions.

Okay, so in typical Arduino programming, it's actually very simple. All you need to do is you just start up your Arduino IDE, something like that, write a code inside it and just click upload. Then let's say if your Arduino is connected via USB cable, then the Arduino IDE will straight away push this firmware inside here. Very simple. But this simplicity of programming is actually very rare lah. Actually most of the time if you program commercial microcontrollers you need dedicated system programmers. So something like this. So this is called an in-circuit system programmer. So for Arduino actually there exist some pins for you to do that lah. It's that basically you push your firmware through this programmer inside directly. Okay.

So this simplicity actually comes at a price. Because we need to see how this thing works right. So in Arduino right, in the Arduino board at the factory what they do is they program a bootloader inside before they ship it out to you. So what this bootloader does lah is that it will listen on initial start up for one second, it will listen to instructions from your computer. Then let's say if at that point you upload that firmware inside then you take that firmware and then basically burn it to itself. So this is how it's done quite simply.

So the problem is if you can find some way to override that bootloader right, the Arduino can pretend to be flashed but in reality it is not. So it can basically have a malicious firmware inside all the way. And this can be done if we use the ICSP, this one here. It can actually flash the malicious bootloader inside. So I hope that my evil colleagues will not resort to this lah.
Because I don't have a defense against this.

Okay, so now before I pass the time to Vina right, actually Vina is actually my colleague and also one of the users of my setup. So while using that setup she actually found certain flaws in my setup here, in my app, so she suggested to me or maybe I can change things in a certain way. So as she's a Swift iOS developer I issued a challenge to her and then issue the pull request to me. And that was what she did. So for that, so now I pass the time to her for her to talk about the improvement that she made to my app.

Alright, thanks King Ming. Actually when King Ming offered me to try on this device, in my thinking was like oh, this must be a perfect device right, he's smart. But after some time, after some time when I use it, as you see here this is the first fashion one right, fashion one that he gave to me. When I look at the locking distance I find such a long options of centimeters, that's the first impression after some time of using it. So I find that oh maybe if the distance options can be shorter because this one is like 10 to 80. That will be better.

And then the second time is that I move frequently, for example because our table is like this right, whenever I move, for example like that, then the device immediately lock and I feel like a little bit annoyed because hey, just leave the desk for probably 3 seconds and then it already suddenly lock it, that's why I keep entering my password again and again and again. To me it's like what's wrong with this one right, I don't like keying password you know.

So after that, after he issue the challenge, alright, I will take a look at the code. Actually the way you take a look at the code is that you click here and then he put like a fingerprint here called source URL and then it will open his source code. So actually if you want to learn how Keming make the menu bar app you can actually clone this one or forget actually.
It's pretty straightforward right, so I have 2 challenges or 2 homeworks from Keming that day. It's actually not a flaw, Keming, you cannot call it a flaw, just a little improvement.

So the first challenge is how to shorten the locking distance. I wanted to say maybe not 1 cm, can I make it every 5 cm instead of 1 cm. So I take a look at his code, Swift code obviously, and he does it by this code. It's like the normal way, for distance in the minimum to the maximum, and add it as the menu, and therefore he has this kind of like 10, 11, 12. So the usual way of me wanting to make it every 5 cm, the difference is this way. I make a far option 5 cm and then there is his distance minimum constant, maximum, and then I do this kind of for loop iteration, and then if you put it in the playground it will print out the correct sequence from 10 to 80.

But because like this is my first contribution to open source I want to do it more elegantly. I'm an iOS developer, so I was thinking is there any better way to rewrite that for loop into a better way, and then I find this function called `stride` in the Swift API reference. Basically as it say, `stride` will allow you to generate a series of value whereby you can add it with constant step. So after trying then I get to replace his one liner with my one liner called for distance in stride from the minimum through the maximum by 5 cm, and just by changing that one liner actually I managed to issue my first pull request simplifying this menu from this to this one which is nicer, right?
So I was like, wow, so happy. Even Kingwing was so happy, it's like, wow, I got pull request.

So we continue with the second challenge. The second challenge I know it's a little bit tricky because the second challenge I don't want this thing to lock it immediately, but how to prevent that? Maybe we should have a locking delay like how our iPhone has the display auto lock, and then I wanted to have 2 minutes or 5 minutes. Then Kingwing say you crazy eye, but within the 2 minutes and 5 minutes you can get born again. Okay fine fine, what do you want? So he suggest okay let's have 0, 1, 3, 5. Okay fine, whatever you want.

But then the trick is how do I do it. This is just to simulate to you, for example 3 seconds delay. Each dot here is mark by 1 second. Whenever you go out of the distance I mark it as a T1 and then it will count 1, sorry, 1, 2, 3, and when I get back within a distance it's not going to lock. The second scenario is that when I go out of distance I count to whatever, okay example is 3 seconds, and if I never go within distance I will calculate the current time minus the T1. If it is greater than the 3 seconds, go to lock.

Now let me show you the code which confuse me. Oh, I have to quit first. Oh yeah, so the locking distance is here and the locking delay is here. Right now the delay is 0 and then say I put this one. Oh yeah, so we get the T, then within 0 second it's locked right away, right? And then now I set it to 3, then when I do that there's a notification saying that locking in 3 seconds. We count 1, 2, 3 and then lock. Sounds cool, but when I look at his code I was like wah, so upset. The reason why is that although I know he start everything in this, the logic is in this one menu controller. I will show you what confuse me. I quit this one first.

By the way if you clone it maybe you are like me, I don't know how to test it, because when you have an iPhone app you always have a simulator. By right you don't need a simulator, just click build here and then you will install it in your menu bar right away.
Okay, like this. Easy flashing. Oh okay, so as you see right, this current distance is called from this function called distance receive where I have a print. So the sensor actually take note of the distance is like every 2 times every second. See the moment, okay I have to lock it, when I put this away right, it straight away taking note of the new distance. But it keeps shooting the current distance and my confusion is like okay, so how do I, how do I take note of my T1? I was totally confused. How do I take note of the T1, and after the T1 how do I know this difference, the current time minus T1? So there goes my hypothesis about what Swift function should I use.

But to cut the story short right, I actually find a way, that is to use this thing called `CFAbsoluteTimeGetCurrent`. Right, this is the code. The logic is that if you are in the locking mode and your distance is greater than the current locking distance, with the current locking distance is this one, it will start to count. It will start to count like this one, when you are out of this distance, start counting, and then this one will determine whether you are starting or you are not starting. When you are not starting I will get the time difference and when the time difference is greater than the time out, do the actual locking machine. Yep, I guess that's as simple as that, right?

And if you want to look at the code you can actually go to his GitHub here and then there should be a pull request here and then you will know what are the codes that I propose to King Ming and how did I add the menu and stuff like that. So to my surprise that actually Mac app, Mac menu bar app is relatively easier than the iOS app. So after that I find this way, if King Ming doesn't 0135 I can always extend it myself, I can always change the code myself to my requirement. So I mean in conclusion it teaches me how do I contribute to the open source as well. Okay, I return it to you.

So this is actually a final signal for me that hackers always win. So why did I
say that is because I don't actually have physical security on my device here. So basically if anyone can come to my desk, basically my colleagues working here, they have access to my desk and I don't know. So actually I don't have any security at all, but the thing is what I can do is basically raise the bar of burning so hard that they would rather not come and burn me. Instead I basically shift the risk to other unprotected colleagues. Okay, so that's all from... So any burning questions? Anyone? No questions?

Okay, how difficult is it to access to the webcam?

Okay, so that's actually a very good question. So not that hard. So what actually my other colleagues did, I'm not the only one who came out with the defense, one of my colleagues from the data team, what they did was actually they basically access the webcam. So what they do is when they access the webcam they get a live feed of the video from the webcam and they'll compare it to image. So for example, one of the strategies is if they detect the leader of the red team then they will lock the machine. One is if they detect that there's no faces in front of the machine they lock the machine, or if they detect that their face is in front of the machine then they unlock the machine. So someone actually did something similar.

But then again the thing is about webcam, when you use the webcam, the LED turns on, the green LED turns on, so some people will actually find it quite irritating. Then who's to say that it's not your app, not your own app is using the webcam, maybe some other malicious app is using the webcam. And also there are some false positive cases, so someone take a picture of you then they go in front of the machine, that kind of thing.

Any more questions? I don't want it back. So that's all.