So, hello, Open Source Summit. Good morning. How are you doing today? Good. So, I'm going to start my talk, and my talk is called "Hacking is Child's Play, Literally". So, I'm going to start by introducing myself. Then I'm going to talk about how hacking is child's play, and how the IoT, the Internet of Things, can very easily become the Internet of Threats when not secured. After that, I will do a demo and show you how to hack a smart toy car, and then I will end with some closing thoughts.

So, who am I? My name is Reuben Abishai Paul, but my friends call me RAPst4r. My Twitter handle is @RAPst4r, which you can use to tweet about this talk. I'm 11 years old, and I attend the Kelly Lane Middle School. So, all in all, God has blessed me to speak since I was eight. I've spoken in 14 security conferences. Five of them were international. I have done 12 keynotes, and I have received five standing ovations and several press and media mentions. While the media refers to me as a child hacker, I'm also known for my kung fu skills. When I was seven, I had the honor of receiving the title of being the youngest Shaolin Do Kung Fu black belt in America.

So, as you heard Mr. Zemlin say, it all began when my first grade teacher asked me, what do you want to be when you grow up, and this is what I drew as my future job. This is me laying back on my couch. This is me, this is my hack going through the cloud. This is the other computer's firewall with holes in it, and this is the other computer getting pwned. So, I'm also being made into a comic, which I think is really cool, and it's called a Cyber Ninja by the Hackers Group, and as you can see, even Tux is featured in it, so that's really cool. And here is a scene from my comic for you, Mr. Torvalds, and it says, I love Linux.

So, now to the main topic, how hacking is child's play? So, what is hacking? Hacking is what hackers do, but then who is a hacker?
What is the first image that comes to your mind when you think of a hacker? Is it Anonymous? Mr. Robot? Crash and Burn? Their crime was curiosity? A programmer? But how many of you thought of your kids? In fact, by the way, this is a picture of my little brother, super cute. He is already starting to show signs of technology and interest and cybersecurity.

Here are two quotes that I think really capture the essence of who a hacker is. The first is, the hacker way is an approach to building that involves continuous improvement and iteration. Hackers believe that something can always be better and that nothing is ever complete. Can you guess who said this? Anyone? Nobody wants to guess? Come on. Okay, the founder of Facebook, yes, Mr. Mark Zuckerberg. The second one is, a hacker to me is someone creative who does wonderful things. The person who said this is the inventor of the World Wide Web, Mr. Tim Berners-Lee.

So, by definition, child's play is an extremely simple task or act. And by the security breaches we hear on a daily basis, we can know that this is true. And so, how is hacking child's play? Hacking is child's play because of the changing landscape of technology. Technology that makes our world connected. Here's a drawing I drew to illustrate how connected we are. We are highly connected within and going to the outside world.

The IoT, the Internet of Things. The IoT is now a very big thing and the IoT, by definition, is a connected network of physical devices that use an Internet protocol for communication and exchange of information. In short, the IoT is an Internet network of physical devices. And as you can see in this picture, from airplanes to automobiles, smart phones to smart homes, spanning several different industries, including retail, energy, entertainment, healthcare, transportation, and even the military. Speaking of the military, I read in Computerworld that autonomous killing machines were being developed for military advantage.
And that same article also expressed that a big threat to this is hackers. So while the era of the terminators is not far from reality, we must also recognize that the possibility of a digital world war isn't either. I wonder if World War III will be fought with bits and bytes instead of missile heads, and I sincerely hope that day will never come.

Recently, in the past May, I spoke at the International One Conference where I keynoted and did a demo on how to hack a smart toy teddy bear and where I turned it into a remote spying device and could basically record secretive conversations. I did that later in August this year with the CIO of the DIA and I co-keynoted with her, showing the same attack and at the Department of Defense Intelligence Information Systems Worldwide Conference. I certainly, I've never done a TED talk, but I certainly have done a Teddy talk.

So now to get to my demo, how hacking is really child's play? So meet Rev. What I have with me are three smart toy cars. Yes, I can count. I'm only holding up two, but basically this is how it looks, and I'm going to leave this down. These smart toy cars, the way they work is they connect to an app on your phone, and you can connect to it and you can race around or you can fight. Now, for time purposes, I can't, but I would have called my little brother up to help demonstrate how he can fight. But for those of you who don't have a cute sibling at home to play with, there is an autonomous feature in these cars where one car tracks down and chases the other car.

So here's how we hacked it. And while the AI has a very distinctive advantage against the other car, so it's extremely hard to win against it. So you either have to become an expert at playing the game or you can do what we did. We hacked it. And here's how we did it. We put a sniffer in between the app and the car. And by the way, I drew this picture yesterday. So we put a sniffer in between the app and the car.
And we basically sniffed a bunch of Bluetooth Low Energy packets. And we analyzed each packet to understand what was going on. Here's an example of a packet that we saw. When the car was connected to the app, we basically had to, there was a series of values that made the car come online. And here's a very important value. So pay attention to that one. The next thing that we did is we used a rogue device, a Raspberry Pi, to become a man in the middle. So RPITM, Raspberry Pi in the middle. And we basically connected to the hacker car and finally made that. We brought that into battle and showed how that had the advantage.

Let me get a visual. So what I'm going to do now is I am going to, what I have with me is my phone. And I'm basically mirroring it on my screen, on the right. And going to go to the Rev app. And on my left, I have a Raspberry Pi, can you see that all right? I have a Raspberry Pi terminal and I just SSH'd into it. And on the right, I'll be using that for something else.

But basically right now, I'm going to take two cars. As you can remember this, the black car is going to be in manual mode, so I control that. And the white car will be in autonomous. The manual will turn blue and the white will turn green. So I'm going to turn this one on and connect to it. As you see, it has just connected. And I'm going to put the other one in AI mode. And now I can drive around and fight. As you can see in the middle is the red health of the enemy and on my side, the green is getting, is my health. As you can see, it slowly will decrease if it shoots me. There you go. It's decreasing now.

So I'm going to pause that and show you how we hacked our third Rev car. This gray, the gray hacker car. So what I'm going to do first is I'm going to scan for Bluetooth Low Energy devices in the network to try and find my car. So I'm just going to do an hcitool lescan. And that's a lot of devices. So if you're trying to turn off your Bluetooth, it's too late.
I think I see a Fitbit and Apple Watch. So I'm basically going to connect using the MAC address and interactively connect. So I successfully just connected to the car. And what I'm going to do now is I'm going to scan for the main services. Now, these first three, we looked up on Bluetooth specs, and we found that they are specific to the manufacturer. Or no, the actual general access and general attribute. It's for communicating between the car and the app. The rest actually is specific to the manufacturer. So we'll have to dig deeper.

So to dig deeper, you can see the characteristics, which is basically you can think of properties for the services like read, write, notify. So basically I'm going to see those. And we get a bit more, and we can actually go and see the descriptors of those characteristics. And we get a lot more.

So when we came online and you heard the beat bopping when the car connected, it actually gave a series of values. And one of the things that was being checked was this handle 21. So I'm going to just read that handle. And we get this long string of hex values. Now, what I'm going to do is I'm going to get everything that's not a zero, because we know that if it's zero, then it means nothing. And I am going to just copy all that and actually use Python to decode it. We're just doing bytearray.fromhex().decode(). And we get rev10804. So that is the same car that we connected to in the beginning when we searched for the MAC address, rev1084. So that is it.

The next thing that I'm going to do is when it was connecting up, we found another value that was being written to command 0x17. And as you can see now, can I get a visual? As you can see now, the hacker car is the cyan blue color. As you can see, this car is a cyan blue color. And I'm going to change it to make it a pink color. So I successfully just changed the color. And basically, 8-4 is for color changing, and 0-5 is for a specific color. There's an enumeration.
The next thing that I'm going to do is I'm not just going to change the color, I'm going to drive this car. So I'm going to do 7-8-1-f-0-0. Now, this is for actually driving. 1-f is for driving forward, and 0-0 is for the angle. So if I put that down and drive it, nothing happens. This is because the car hasn't been fully turned online. And what we have to do is we have to do 9-1-0-1 to bring it online. Now, I think it's really cool because if you hear it, it silently comes online. And I can just run that command again to check. And as you see, we have successfully just hacked this car. We can now actually drive backwards, and I'm going to drive forward or just push it up, and show you how this would work in battle.

So I'm going to resume the battle and show you how this would work. Now, I'm going to run the missile command. This actually has a shoot command where I can shoot it. So I'm going to do 9-5. There you go. I'm going to do 9-5-0-0-0-4-0-1. And I can actually, oh, it is disconnected. Yeah. I'll just move all them closer. So now the white one is in manual mode, and the black one will be. So I'm going to run and pausing it. And then I'm just going to connect through this. There you go. And I am going to go and send the missile command. And after that happens, I'm going to enter. And as you can see, we just successfully shot the other cars.

And one thing that I want to show you is I'm going to turn off the autonomous car and just have the manual lined up against this. And if we try and shoot this car, the manual against the hacker car, it won't work. So the hacker car kind of has an invisible force field. Because not all the parameters have been set and fully brought it online. So what I can do now is I can actually shoot, change color, and drive without being able to get shot. So one of the things that I could do is I could change this to make it the same color as that. To make it, I don't know if you can see that, but it is both now.
Wait, it's both now blue. It is both now blue, so it looks like an ally. I can also change it to make it look like it is fully turned off. But it is still, it can still drive forward and shoot. And basically, I can also send a silent missile command so it's full on stealth. And you don't hear it, just you hear the manual car receiving it. And basically now I would write a Python script to just keep running this over and over again. But now it is game over.

Back to my presentation. So that's the live demonstration. And meet Robotic Exploded Vehicles.

So now in closing, remember how I told you I was known for my cybersecurity skills and my kung fu skills. There's a reason I said that. When kids all over the world started to write to me and ask me, with the help of my parents, I created CyberShaolin, a nonprofit organization that strives to educate, equip, and empower kids and adults with the knowledge of cybersecurity dangers and defenses. I create short, little educated simplified videos for kids to make it easier to understand cybersecurity. And I'm planning to make more technically advanced videos as I get a break from my sixth grade homework. And but basically we need your help. We need you to get involved, volunteer and or donate. So if you can, please talk to me after this conference or after this talk if you want, if you want to help.

So now let's get real impersonal. While you may have thought that that's just hacking a toy. This is something insignificant. It really isn't because these same technologies are going into real world applications, such as industrial control systems, autonomous vehicles, drones, and droids. So it's very important. And if we don't secure it now, then your kids, your sons, your daughters, your nephews and your nieces will grow up with this insecure infrastructure of security. In closing, let the IoT not become the Internet of Threats. And hacking should not be child's play literally. So thank you.
And my contact information is proven at cyberchallenge.org. I want to thank my God, Jesus Christ for the gifts he has given me. He has blessed me to be here. And without him, I would be nowhere here. In Proverbs 622, it says train up a child in the way you should go. And when he is old, he will not depart from it. I want to thank Miss Angela Brown, Mr. Jim Zemlin. I want to thank Miss Jillian Hall and Miss Cara Foil. And you have just heard about hacking as child's play literally, which it should not be. And thank you.

All right. Here. Oh, hold on. Stay up here for a second. I want to talk to you. This is why I didn't do a keynote this morning, because I didn't want to be shown up by this amazing speaker here. You know, Reuben, first of all, that was really amazing. I mean, imagine if those were real cars on a real road. I think that is your point. But I want to make a deal with you. So a couple years ago, Linus Torvalds and I were talking on stage about cybersecurity. And about a program that we have at the Linux Foundation called our Core Infrastructure Initiative, where we're trying to work with open source projects to create a culture of secure coding, right? So less of that shoddy code that you mentioned. And one of the things that Linus said was sometimes when you're a developer, it's hard to think like a hacker, somebody who's outside trying to get in. And we would love to have you work, you know, not only with Linus, but with our Core Infrastructure Initiative to help us think differently and see the world from your eyes. So if you would like, we'd love to have you involved.

Thank you. All right.