The topic of this talk is Opt Out or Deauth Trying. It's gonna be anti-tracking bots, radios, and keystroke injection. That's gonna be throwing off brick-and-mortar stores, the ways that they're tracking you. Everything from billboards down to the basic analytics and information that Google collects when you do searches and things of that nature. All the slides in one second here. Let me get this play in here. Awesome, now you guys have visuals to go along with it. So, as I said, my name is Weston Hecker. Feel free to follow me on Twitter. I do a lot of research during the year, and I love helping people with projects and just security research in general. I'm gonna go into a little bit of detail. We'll make it a little bit quick here. Yeah, myself, I'm 32. I work for NCR, I live in North Dakota. Any other North Dakotans? No? Okay. There's probably six of us. Yeah, okay. There's one or two of them. This is my fourth year in a row speaking at DEF CON. Spoke at HOPE. Black Hat last year, lots of conferences. So I love getting out and meeting the community. That's the reason I do these talks is to meet people like you guys. And I've been doing 12 years pen testing professionally and 13 years of research, programming, things along that. And I did a lot of ATM, car hacks, several IoT projects going on right now, reverse engineering malware, things like that. I'm gonna be doing a cool attack on vehicle. Anybody has a push button start car? You should definitely come down to the car hacking village. I'm gonna demo how to stop the relay attacks where basically people are using software-defined radios to actually steal vehicles. So I'm gonna go into how the actual attack works. Then I'm gonna go into some two-factor authentication that I added that's built on a $12 Arduino project. So it's very cool. And a little bit about this research and what led to it. So as you can see, Microsoft, Windows 7, end of life was all announced.
And I mainly use Linux, like a majority of the people here probably do, but I'm forced to use Windows for some applications. And I had a quick question I called one of my buddies and I'm sure everybody has that buddy that you call him for a simple question about some concerns or things like that. And they'll talk your ear off about chemtrails for the next hour and a half. So he's a very, very paranoid guy. He's usually right though. He's added validity several times when I've talked to him. So, and he's helped me with tons of my research, especially my cell phone hacking one I did in DEF CON 22. So, but yeah, that's basically the end of this research is I started installing Windows 10 on most of my machines. And yeah, explains what systems I've used in the past, how they do in-store tracking, operating systems, switching to Windows 10 like I was saying, which is kind of a scary, scary thought. And searching, search engine, spying, Google, I know they track all your analytics. Bing probably does too, but nobody uses it. So, and I'm gonna go into actual billboards spying. There's a couple of prototype billboards and I'm pretty sure I fried the one in Minneapolis on 169, I was doing some research on it. I had permission at that time, so it's something that they want. They're actually tracking vehicle TPMS sensors, so tire pressure monitor sensors and they're profiling people off of vehicles and the actual advertisements. So, and yeah, yeah, that's pretty interesting stuff. So, just privacy is disappearing. So I thought I'd do a privacy talk and yeah. Explanation of the targeted personalized advertising. So I'm gonna go through a lot of the advertising personalized ads. They're getting really, really creepy. They got really creepy for a while there and then they realized that people were getting creeped out and they kind of backed them off a little bit. Behavior advertising cookies.
I'm gonna go into, they track you on basically which are hobbies, automotive, electronics, travel, where you've been, things like that. Collection of non-identifiable information. So they tell you that it's a lot of it's metadata, but there's been plenty of talks in the past of how to reverse metadata. There was actually some medical ones where they had people that had diseases and things like that where they were actually able to reverse those two specific people once there was an actual breach. So yeah, and the real-time bid information which is one of the buzzwords that's out there. So basically people are buying us like cattle and this is basically geared at jacking up every single analytic they use for it and making the data completely useless. And yeah, so they have software advertising displays, private marketing, PMP. Basically wasting advertisers' money. And yeah, there's an explanation of technology of tracking online. So I'm gonna go through some of them. I'm gonna explain how deep and diving the operating systems are. And when you try to neuter Windows 10, how it fights back, because it is a very intrusive operating system. Yeah, it's what to be expected. They're pushing a lot of those updates and stuff like that. So how it impacts the users, how it impacts the business. I know that's something where I don't mind if they know what my mother is doing on a day-to-day basis or I'm sure she doesn't either. But when it's your actual employees, if anybody's in a sysadmin or security admin role, and it makes a lot of these call-home services hard to track, especially when we're trying to see if things are calling out or Trojans or droppers or any kind of malware is calling out and stuff like that. It adds a lot of unnecessary traffic. And I'm gonna go into GPS tracking off of IP addresses. So on the whole, they'll track what an entire company is doing if they have one IP address.
So Wi-Fi and beacon information, so how they actually go through cellular tracking and turn on Wi-Fi for accuracy. Obviously everybody has their Wi-Fi off here, but there's, you know, in the average world, when you're walking around the mall, it's amazing some of the information they collect. And yeah, arts entertainment, this is some of the actual breakdowns of how ads are personalized and sales of it. It's very, very boring stuff. I feel that I don't need to go into too much detail on this and I'm sure a lot of you guys have done a lot of research on actually running ad blockers or blackholing advertisements. I recommend that for everybody. Not only just for security purposes, but even legitimate webpages can have drive-by attacks. There's several exploit kits that have had drive-bys in the past on legitimate webpages, pages that I would visit without any hesitation normally. So, and yeah, so there are some good ways to stop tracking right now and I just wanted to give a plug to some of these, they're all open source, they're all free. So they have ad blocker apps, they have actual black holes, which basically the advertisers don't know that their ads aren't being shown, which is a little more stealthy. TrackMeNot is the actual hypervisor version that I wrote as a plugin for the actual program that this IO address. It's pretty amazing. It literally crawls the entire web page that you send it to and will click all the advertisements in a safe manner, obviously. But it basically jacks up a lot of it and I actually added a hypervisor version because they banned this plugin on Chrome. So I got it so it's working on Chrome again and it actually does lots of XML injection or a keystroke injection into the actual browsers themselves. So it's something where it happens at a layer where you're not gonna trigger a lot of the "I'm not a robot" and a lot of security features.
So that is something I'm also releasing open source and I'll have a working version for VMware that once it's out of the beta phase here, everybody will be able to download it and as long as you have VMware Workstation or some of the open source ones will also work for it. So the OVAs, you'll be able to launch them and I'll go into a little bit of the other things that I'm actually blocking from Microsoft, so. And yeah, Privacy Badger is a really good one. EFF, love supporting them. There's paid VPNs, $4 a month. You can get a decent VPN service. Some of the free ones, who knows what they did. It's probably worse than letting them know you're advertising is some of the stuff that those IP addresses were previously used for. So that's something that I would definitely recommend that you do your due diligence when you're checking into that stuff, so. And it's all a very good start tackling some of the call homes, doing an actual blocker on the hosts files. So it blocks a lot of the Microsoft call home type stuff, turning off your peer-to-peer networking for updates and stuff like that, so. And what do I have against ads, Weston? That's what my wife asked me. And yeah, I know it's something, I don't mind it all, I hate having advertisements. Anytime they offer something like a YouTube Red or something like that where it'll, they still collect a lot of information, but it's something where if I don't have to see an advertisement, I will gladly pay for it. I'm not trying to, that's the way that the internet is free, I understand that. It's all, I will gladly pay for a lot of the premium services. And anything that's ad-free, and even some of the Android stuff, it's amazing that you can't actually turn off a lot of the tracking. And it's something that, as the more and more, they can snag you with the convenience and then they add some of the more intrusive stuff. And that's just been happening over the last few years.
So yeah, and I'm gonna be able to, should go into some, yeah, disable some of the browsing tracking. They let you know there's cookies. They try to do all these things to let you know what they're doing or make them look like they're more of an accurate and good demonstration of what they're actually doing. But in a lot of cases, it needs a little more intervention. And that's why I love that there's tools like on this last page here that people can actually go out and do this kind of stuff. So, thank you. So basically, drive-by attacks, like I was saying, even legitimate web pages, there's a lot of them that even the New York Times is one of the bigger ones that comes to mind. That page, they literally send it on Twitter saying that their actual page is breached. Please don't visit it. And that was a drive-by, I believe that was a Java or Flash drive-by attack. So it was literally just by visiting the page, it would actually execute some of the code on there. So since the late 90s, it's been one form or another in tracking. And they're deep diving, they're getting their analytics more tight. And it's been used in stores, actually the brick and mortars. I'm sure everybody, you know, 2012, heard about these, you know, they're tracking everything. And the stores that were doing it got a lot of feedback, that was negative, so they quit doing it. Then they tried it again two years later, and they're right back up to the same old tricks. So that's something where in the in-store analytics, it's no problem at all. I have no problem at all if people opt into it. That's definitely something like if somebody wants to save 10% on their gas or something. By all means, if that's something they accept, I have no problem at all with that. But it's when they actually, you know, they're tracking cellular beacons of how many customers walk by, their retention rates, their dwell times in the store, and things like that.
I'll actually go into some heat mapping analytics and things like that, so. But yeah, it's a, yeah, I have no problem at all with opt-in programs. That's one of the biggest things. So they track some of the Bluetooth, cellular beacons, Wi-Fi, infrared and motion sensors. Yeah, several years they, again, getting negative press, like I said. So there's been lots of resistance in all forms of tracking. Apple and a couple other supplement manufacturers are doing very, very randomized beacon information, which is awesome to see. And it's definitely been a long time coming for it. So UK and other areas in the world have been less resistant from what I've seen. I know a lot of the actual tracking that they have out there is pretty readily available. So, and told, it's been turned into metadata. And I've already explained about some of the weaknesses in metadata and reversing it. And this is the $45 device that every single one of you should bring and go to the mall with you every time. Because this actually, basically what it is, it's a huge wireless beacon generator. And it actually can generate up to 150 beacons. And they can be one of several things. They can either be, so they can either be cellular beacons, so they make it look like the customer's walking around. They can actually be rogue access points. They can be pretty much anything that you can generate cellular with a laptop. You can now generate with these. And I actually have a program called Groundhogs Day where it replays the exact same days or the traffic. So it looks like the same people are walking by and it is a pretty neat process. It actually jacks up their in-store analytics, their retention rates, all the heat mapping because with the more advanced version with the actual Raspberry Pi attached to it, you can actually change where people are dwelling in the store and stuff like that. So it's a really, really cool project. And that's all gonna be open source MIT license.
I'll release how to actually build one of those. I highly recommend it. They're pretty fun. If you haven't played with wireless before. Oh, sorry about that. Yeah, thank you. And metadata used to change the store layouts. So say for example, if everybody goes to the front panel, they're gonna start throwing the more high price items there, things like that. If they realize everybody's going back to electronics right away, they're gonna put a lot of stuff to try to sell people on the way there. And the more specific layouts increase sales and make us more along the lines of just consumers. And using rewards programs, like I said, opt-ins, I have no problem with all of that. I did a little research on some of the coupons that are pushed and some of the actual Bluetooth tracking. Those things are literally built for like the year 2023. They're not impossible to break, but I did not have the free time this year to actually start dabbling with those. Last year, I actually did some ticket injection, but I did a responsible disclosure with it. So it's something where it wouldn't work anymore, so nobody would really care for the majority of it. So they increase how much they... Oh, sorry about that. Yeah, here we go. And yeah, so it basically increases how much they can charge for certain store areas if people have it in there, so. Sorry about that, guys. Yeah, thanks for the brave soul. Told me to bring it up a little closer, so. Yeah, so it changes the ad placement in the physical and the web because they're tracking cross-platforms, so. And yeah, a collection of all the cellular Bluetooth beacons. So they're collecting all of the ESN information. They have actual... They've weaned away from this one big time because it's very, very intrusive and some of them have pretty decent ranges on them. So they're not as acceptable for as far as if people are going through actual communication with them, so. And how do you harden the communication best practices?
Yeah, that's something I'll be going through in here a little bit, so. And who knows what TPMS sensors are for vehicles? Yeah, there's been lots of really, really cool research. So they have smart billboards. They just throw it with smart in front of it and charge people for it. But it's something where they're gonna basically be tracking beacons that we have a profile that that guy driving that 2015 Jeep Cherokee or whatever, they'll be able to tell that that person's most likely a white 32-year-old male and they'll be able to get more of the advertisements or they'll be able to generalize how much they actually are able to charge for some of the information, be able to track people a lot more. And in the US, after 2007, they required a majority of the vehicles except for special purpose built vehicles. So basically it uses unencrypted RF, 314 majority of it, so depending on the actual vendor, any time you go over 19 miles per hour, it'll do a call home feature. And I'm gonna be actually demoing the, in the car hacking village, I have a TPMS sensor where you can actually add three sets of tires to your vehicle. So that's something that Ford owners have not been able to do without going to a dealership all the time. So it's something where you can have your snow tires, racing tires, but I add in your whatever other tires you want. So that's something that I actually made it so my wife's vehicle every time it starts up, it'll actually generate a new TPMS sensor and it'll flash it into her CAN bus. So it's pretty hard to actually track the vehicle and it's just one step further. Hopefully people will adopt those kind of things once they start tracking more of that beacon information. And yeah, right now that's one of the majorities of that they're actually testing and I'll be doing a demo of that on the actual car hacking village. So yeah, and everybody's, for the most part, I don't need to go into social media.
That is literally just, that is pretty much nothing but data collection. There's been several jokes. I love one of the Onion ads where they had, Mark Zuckerberg is like an FBI agent and they got some pretty accurate stuff like that and it's abuse in the past. It's just, they're literally just tracking everything on it and it's something that they willingly accept to be able to send cat memes and things like that to each other. And we're bursting the randomness. So when I went through the actual pages it was pretty simple. I would start with a dummy account on a VPS and I would start searching specific dialogues of things that I would think that people's personalities. I would think of a friend and then I would think of things that they would search and I would think of that age right now. I would think of like my niece, what she would search, what my cousin would search, my uncle would search, a lot of that stuff. So that's something where I was kind of looking at what they're reversing and what they were advertising with. So I built out a huge spreadsheet that is actually gonna be something else I'll be releasing with these tools. And it basically shows that what's your profile and how to build a profile? Because that's actually what the program that I made is you can set yourself to, say for example, the example I was giving was a 12 year old girl who likes horses and you'll be looking how to flash a firmware on an Ubertooth One and the next thing you know, you're searching does he like me? Where are the best horse ranches? Things like that. So you'll be able to throw in some pretty random details and it's actually a plug-in for that amazing program that I was talking about earlier. They do a very, very good job at random stuff but some of the random stuff gets thrown into unlogical bins where they don't even get advertised to or they get very, very low resale.
So these actually keep you looking like a real person on the web because eventually when enough people start using blocking services like that, they're gonna start actually diving a little bit more into the actual details and the software of it. So and yeah, back in the old XP days, they really didn't store much information. And yeah, 1984 style moving into Windows. It's literally amazing the amount of information they collect. And I've been a huge fan of doing misinformation type talks like the one that I actually did was injecting fake credit card numbers for credit card skimming software. So like it's like, it's all about like, if I can't have my data, nobody can kind of situation. So it's like, if it becomes so useless, they won't actually want it anymore. And that's kind of the thought and the process behind it. And yeah, an explanation of attacks. So blocking the billboard spying. I'm gonna go through that with the TPMS sensor and explaining the actual main attack surface over the past of monitoring systems. So how brick and mortar stores are spying on people and how web and OS are spying on people. So that'll be the next phase of this. And so methods stopping billboard spying. So billboards, they're, oh, they're picking up, well this microphone, I apologize really here. So smart billboards, they capture the wireless sensor information. They capture all of it based on the model, year of the car, the age range, income range. If you're driving a brand new Lexus, you're most likely not a McDonald's employee. And they like to profile it like that. And that's just one of the more things where it dehumanizes a lot of the information. So, and passive and opt-in programs, once again, like I said, people will have a lot of applications for tracking through a lot of the actual molding public transit systems and stuff like that. 
So, and like I was saying, you can add a lot of the not necessity of having to go into a dealership, which is really, really nice, because Ford and Lincoln vehicles is the one that I have the tool working for now. And it's nice to be able to actually install like a Groundhogs Day type situation. So you cycle through the one that I have that would be more practical is adding a 10 tire TPMS sensors and cycling through them. So that's something where it's not randomly generating them because that is a little bit more of a lengthy process, especially about once a week, you have to actually do a hard flash to actually add some of your TPMS sensors. So, and yeah, so what's being collected and what allowed them to profile me online, that was one of the biggest things that was the collection of the information once I logged it all. It's something that, it was pretty interesting what slight changes would change in advertisements and things along those natures, especially when you would start again getting into higher profile travel. You can also see where people are spending a lot of the money for actual click to pay advertisements and stuff like that. So how do they use it? Who is it interested to? Who's buying it? How is the information held against people? They've done, there's actual FBI portals and things like that for a lot of this information. So they don't have to actually submit warrants or they have to do warrants and everything like that. They do the due process. It's just something that they actually have to, yeah, they have to keep it up. And how is the, yeah, all the information for portals for law enforcement. One of the biggest ones I've known is the ones for actual cellular communications. So, and yeah, so basically injecting the false data, changing your profile. How much information do you have to do to combat your years of profiling? 
One of the biggest things I did a couple of years ago was I started like three Google accounts that I switched in between them. I didn't even trick them because of a lot of the information that they picked up. They still profiled it as the same person. So I'm gonna go into a little bit of the profile changing and actually throwing off some of the lower level analytics. And who knows what typefisting is? Yeah, it's like a World War II, they used to have people that when they'd tap the actual Morse code and stuff like that, it was something where they would be able to tell where somebody was in Germany based on the actual way that they typed their information. And that's one of the actual analytics that Windows 10 is collecting. So that's part of that hypervisor that I built is it actually collects all of your keystrokes and actually injects them out into the operating system or whatever your selected tab is for 38. You can select the gross words per minute depending on how fast you type, but it basically pops it out so there's no typefist. So they can't tell if it's you using your computer or your wife using your computer. And there's a couple other ways that you could do a lot of this stuff. It can be used for injection of typing. You can do working on mouse click emulation and simulation that is undetectable and things like that. So it'll be a pretty decent project once it's complete. So and then we're gonna go through the browser bot and how to not get detected by search engines and web browser programs. That was one of the biggest things. Right away it was, kept busting me and it just was a little disheartening at first. So, but yeah. So yeah, a lot of the "I'm not a robot". Who saw that? Eventually that, like how hard can that be to beat? Then they tried to beat it. Yeah, it's actually a pretty well thought out process. So a lot of the, it's not just about the clicking, it's about the naturalness of how it is clicked.
So that's something where, if you're able to push mouse clicks from a hypervisor, it's a lot more accurate in detail and you can tune it a lot better. And it also makes it so that everybody can use it. You don't have low level details of actually how to program a lot of the stuff. So, and yeah. So yeah, you can basically go through the joys of watching your advertisements change firsthand. You can throw off your analytics a little bit and based on your actual advertisements, you can reverse that to what they profile you as. And it is actually pretty creepy. Based on the actual database information, you can actually see that they know that you're, you know, in your mid thirties and you love vehicles and computers or whatever your things are. So there's ways to actually go of the reversing process. It's a pretty decent process. If you guys haven't ever mapped in and hang out like this, search engines are really, really easy to do. And it's definitely something, if you're wanting to get in a data project with some of your friends, so. And yeah, basically, yeah, this malware could actually be used to do bad things. So you could actually, like a hypervisor like that, I was looking at that where somebody can actually use it as framework that can make people visit bad web pages, things like that. So that's one more reason that you're gonna wanna integrate something that will keep track of what your actual analytics are and what it's actually conveying. And you could actually frame somebody. It could basically damage somebody's life. Or even worse, it could like Nickelback on Facebook. So I just had to bash on Nickelback because they're the worst thing to come. So, but yeah. And there's basically, yeah, it's also used if you wanna do some testing for malware. A lot of the malware looks to see if the virtual machine is used. And it's something where you can get some actual real world case usage. 
I know it's something to, without paying $50,000 for their really expensive VMs that are specifically for reversing malware, it's something where you can make virtual machines look like they have daily usage in them. So if it's something where you wanna kick a payload off or it kicks off three weeks later or something, you'll be able to actually do a little bit more research on it. And yeah, basically it's the operating systems. And yeah. So how I tried to make Windows 10 go off the grid kind of was basically by originally doing some of the hosts, seeing what it's calling out to. Others have done that in the past. Others have failed. I failed the first few times I did it. There's actual very, very good tools out there for blocking a lot of these. They get turned right back on as soon as you run an update though. So that's something where I'll be posting some of that research and a little bit more about a deep dive into the operating systems because I'm sure a lot of you guys are adopting either for your actual users or for your actual self switching over to Windows 10 from Windows 7 and actually injecting from the hypervisor and how much information the actual OS detects before like a lot of the errors and issues and things like that, it'll actually submit those. And there's pretty much anything that is getting sent home to Microsoft. I have made a way to send them bullshit. So it is a pretty fun project and I love watching the actual responses of it. So, and yeah, IP version six, how it changes spying on us, some of the real-time communication. That is some of it for as far as breaking anonymity on the web, there's lots of actual information out there for it. So yeah, screen size and browser information. That was one of my bigger breakthroughs when I was going through how they were actually tracking a lot of the details from some of the POST and GET requests and things like that. Typefisting is something that, yeah, it's basically something in Windows 10.
They've been collecting. I don't see any reason that they would need to do that aside from per user basis. There's some pretty cool research on people like being able to lock machines if they feel that somebody else is typing at the machine or something like that. So I've seen a couple of programs like that and a typefisting app would be able to be a pen testing tool for something like that. But yeah, I know. So we do the XML HTML injection. Yeah, and it's basically a macro-based injection. So I add the most simple version of it as Ghostwriter. If you want it to literally inject things out of a text file, you can do that. You can use some of the plugins for some of the other applications that are out there. And yeah, there's, like I said, it interacts with other programs by if they're brought to the front or if they're the selected window. And you can change a lot of the functionality with that. There are some CV plugins that people have for desktop support applications that I'll also be posting and referencing to. So, and can Windows stop this in the ease of use? So it's something that I have not seen Microsoft combat any of the actual anti-typefisting or any of the hypervisor intervention. That's something where it also does a lot of really, really cool stuff like blocking some of the HID attacks like human-based device attacks. It blocks like some of the Bash Bunny attacks because it basically hijacks any input, quite literally any input unless if it's a pre-detected device. So, and you can also have it released. So it's a very, very cool concept. And yeah, I'm excited to see people's feedback on it and yeah, be able to grow it and see what other people do and maybe other people can clean up the code. There's a lot better programmers out there than me. So, and yeah, basically blocking outputs from your phone. There's a couple of programs out there that are pretty nice that you don't actually have to root your phone, which is amazing.
Cause I know several years ago if you wanted to delete the foot, like I know there's some guys that are computer guys and football guys but I have no interest at all in the NFL or NASCAR or some of the other stuff they've loaded on my phones. And it's just nice to be able to have, yeah, basically free ways to get rid of a lot of that information. So, and yeah, so you can generate. Also, there's a lot of applications that'll read 50 SMS messages a day or they'll read 50 emails. And they have their end-user license agreement or EULA 50 where they have the, they basically read your emails so that they can better tailor either your typing or your auto-completion. They'll give you a lot of examples like that but it's most likely for other uses. So, yeah, an airplane mode. Working on making, I have an HTC One or HTC 10 now and I did a PRL hack so it actually doesn't attach to fake cell phone towers and also I'm having a DEF CON mode and I'm sure a couple other people have the switch on the side of their laptop that they used as DEF CON mode before but it basically turns off your radios, does not allow you to turn off your radios. It reminds you a week before to change all your one-time passwords, call on information, so. And yeah, I'm gonna go over the actual hardware that I'm gonna be demoing here in a second and this is actually, look at the in-store tracking systems. So, heat mapping, so they track how many people walk by the store and then they see how many people actually walk into the store. Where do the people actually dwell? So, this device actually, I just ordered as many radio 802.11 compliant things I could and started slapping them on an Arduino and it's a pretty fun project. I definitely recommend you build them.
You can build them for around $35 to $45 and it basically, there's a collection mode where you can collect the beacons like I was saying for a Groundhog Day type attack or you can actually edit your own text files and then you can pop in your own beacon information. So you can basically have it look like hundreds and if you built one bigger than this or you actually got full-blown boards on these ones you could actually build it out to the point where you could have three to 400 access points. Or beacons, whatever your thing is. And heat mapping. So there's the actual threshold. So there's basically the track people. There's classic people tracking. Awesome, okay. Yes, there's classic people tracking and it's gonna go through actual infrared. It'll count a ticker. It's literally just as if somebody was tripping an I-beam. So I actually built an infrared blocker for that. Heat mapping, my actual application when you hook it up to a Raspberry Pi you can make it look like people are walking in a circle in the store and it is really, really creepy. I couldn't use the actual software because I would most likely get sued or at least get a cease and desist letter. But yeah, it's pretty interesting stuff. There's some older software that's really, really fun to see the reactions of it. So, and yeah, I'm gonna be going to the actual device that's going through here. So you can basically look at the strange responses from the actual system and it'll do some of the beaconing and some other device reactions. So, and this is the actual radio that we're gonna be demoing here. And yeah, this is a CB-based, so yeah, they basically, if you kill the threshold with a really, really high-powered infrared laser, you can basically, yeah, it basically makes all the actual analytics actually shut down. So after about an hour of this, it had useless data. After three hours, it literally made the entire store black like that. And it, yeah, it was pretty decent. 
So, but yeah, I'm gonna go into the actual demo here. Yeah, I'm gonna actually let it lay waste to the actual software-defined radio or I got an actual capture of the wireless packets. So I'm gonna go through that here in a second. So I'm gonna go into the actual demonstration and then, yeah, I'm gonna do the Groundhog Day attack and then I'm gonna do the dwelling time attack. So it's gonna jack up all the dwelling time. And on this computer here, I will show while I'm getting this demo set up, I will actually show you, which was not that interesting about demo, but I'll do that while I actually set up the software-defined radio demo. So, and yeah, I would just like to give thanks to my work. My kids, my wife is very, very patient with me. Jesus, my uncle Stacy, for giving me my first Zenith Easy PC, DEF CON for having me speak for the fourth year in a row. It's an honor and an audience for listening to me and especially when I have to bobble a microphone in front of me. I apologize for that and I can't wait to hear the trolls on YouTube on that one. So, they already said I sound like Beavis and Butt-Head on my last talk because I have nervous stuff that comes out. So, but yeah, follow me on Twitter guys and definitely, yeah, thanks again audience. It's you guys are what make DEF CON and I really do mean that. So, and yeah, I'm gonna kick off the demo here. So, yeah, so this one basically is a, one of the text implementations of the actual word profile. So this one is a plugin for this application here, which basically it'll go through and literally crawl all the pages. I did not write this program. It's something that I am a huge fan of supporting and I definitely want to plug it and it's something where it literally goes through and clicks all the advertisements. They used a randomness. 
That was something that I saw as an eventual weakness but it's something where you can now actually load your own profile in there and you can build search analytics off of actual, yeah. So, basically gonna go through here what it actually will track here. Let's see. Yeah, so you can go through a lot of the settings. It's an amazing tool and it's very, very easy to actually modify if you guys wanted to start injecting your own profile information, I'm gonna be releasing the actual app for that here soon. So, let's see. Okay, I'm gonna be powering up my radio here and yeah, I'm gonna get my Kali machine going. So, one second. So I'm just gonna get Arom on running here in a second. Here's what an idle DEF CON looks like. Questions too, so I'm ready to approach the microphone. Of course my screen jacks up. I can actually see it here. Yeah, we should have SSIDs start popping up and there's gonna be tons of actual beacon information going on right now. So, basically this is making, like I was saying, there's the Groundhog Day scenario where it basically replays the same day. So you can actually capture information. That's why it actually has two radios on there that are full-blown dev boards for radios. And then the actual other smaller antennas get passed off to a delay where they will pop the beacon information that was passed off from the initial radio. And like I said, I'll be releasing the actual code for this. So, and I'm glad my demo didn't blow up and you should see a couple fake access points popping up here. And there's tons of beacon information if any of you guys have a scanner on hand. So, what's up? Oh, awesome. Sweet. I knew as soon as I booted, I hope they keep it appropriate. But now as soon as I booted up that I should have known people were gonna mess with it, but. Anyways. It works really good in stores because when you walk into a retail store, there's not usually a hacker waiting with a laptop booted up with Kali on it. 
So, but yeah, I appreciate you guys coming and listening to me talk. And yeah, I'm glad the demo worked this year. And yeah, thanks guys.