 All right, my name is Tom Wilhelm. I'm going to be talking about hacking with the iPod touch. This is going to be a little bit different than what you guys have seen already today. Some of the objectives for this is I'm going to talk about my personal experience so you have an idea whether or not this talk actually makes sense or totally blows. But we're going to also be talking about jailbreaking the iPod touch. We're going to touch on it very quickly, because most of you guys have probably already done this. We're going to talk about using the iPod touch as a pentest platform. When we get to that section, we're going to talk about it as a computer, not necessarily as a hacking tool. That's the next one, the hacking with the iPod touch. We'll talk about that, and we'll talk about the different steps that occur during a penetration test and how the iPod touch actually responds to that. And then we're going to talk about the iPod touch as an attack vector. It's got some benefits that you guys are going to probably already be aware of, but we'll go over those as well. And then there's going to be the conclusion where I'll just wrap everything up. Personal experience, I'm actually a paid professional penetration tester. I work for a Fortune 20 company where we do internal and external penetration tests. We do system attacks. We do code reviews. We do architecture reviews and attacks. So basically, we cover everything that is available under the sun, really cool stuff. I get to work from home. So yes, I hack in my underwear, which is awesome. So I've got some certifications. Thank you. I got some certifications. Now we all know that that's primarily fodder for HR, but I put them up anyway. So if anybody has any questions about that, I do get a lot of questions about how things are going to progress as far as the industry. And that's the topic I can talk for hours on. I'm also an associate professor. I teach at a local community college, a technical college, where I do information system security, both at the undergrad and the grad level. Excuse me. Anyway, now that you guys know that, I will let you know that anybody who leaves early will be deducting karma points on your life. So if you don't reach Nirvana, then you'll know why. There'll also be a participation in this a little bit, so make sure you get your points for that too. I've got a couple degrees. This is the academic side of me. One in computer science and one in management. It's actually primarily project management, which helps my current role as well. I'm a doctoral student. I'm working on a PhD, I'm a year in so far, working on a PhD in IT, with the emphasis on the information, assurance, and security. I'm also an author. And that pretty much consumes the rest of my time, other than what my wife can eke out of me once in a while. But these are the books that I've written for, the one that's on top there, that's coming out in a few weeks, professional penetration testing. I'd appreciate you guys if you could just take a gander at that and see if you're interested in buying it, because I've got a brand new hobby, it's home brewing. So any money that you guys spend towards the book will definitely be going to a very good cause, drinking and making beer. All right, let's talk about jailbreaking. There's some legal issues that we're going to have to talk about in this class. And then we're going to talk about what class, see? Sorry. All right, jailbreaking tools also we'll talk about. But I want a quick show of hands. How many people here have an iPod touch or phone that they've actually jailbroken? I would say 10 to 20%, probably closer to 10%. All right, how many people have an iPhone or an iPod touch that they have not jailbroken? Wow, that's a lot more. What's some of the reasons for not doing that? Just out of curiosity. Lazy's one, I heard illegal. Who said illegal? What's that? Stability. That's one issue that, what's that? Codesigning. I can talk a little bit about that. I did hear somebody said, what's that? I'm sorry? OK, it sounds like primarily stability is the biggest issue that most everybody has. I know that somebody said, legality. I know it. Nobody's going to fess up? Well, obviously we got somebody from Apple here, so. We'll find you guys later. All right, some of the legal issues. The EFF proposed an exception last year. And the talk has already been done. And I unfortunately missed it. But I'm sure it was outstanding, because lawyers are really great speakers. Anyway, they proposed that there was a class, or a pros and exception, to the copyright law. Basically, they were asking the copyright office to allow circumvention of an application on a phone. When it's accomplished for the sole purpose of enabling interoperability, basically you get an application. You want it to run on your system. You should have that right to be able to do that. That's just from what I understand. Of course, I'm not a lawyer, so thank God. All right, what Apple came back with, and they said that they were opposed to this. And this is when they actually took a stand on jailbreaking. And they said that it would actually result in copyright infringement. I'm not sure I understand the logic behind that. But they also said that there's potential damage to the device, potential harmful physical effects, adverse effects of the functioning of the device, a lot of people have already talked about. And then there's the breach of contract. Now, what's going to happen? That's a very good question. In October, the copyright office is going to make a decision based on the proposition that the EFF put out there. Now, even if, from what I understand, even if the copyright office comes back and says, you know, the exception is appropriate and acts it, or whatever they do, there's still some license agreement issues as well. Now, I put up here on the link. If anybody does the same thing I do, as soon as you get that little big, actually, it's a big wad of paper that's got your license agreement, you pitch it. That's what I do. I'm sure that's what most people here do. For those that have done that, there are PDFs online for you guys to go to and actually read this. If anybody does, let me know. Actually, you know what? Don't even let me know. If you got that much OCD that you really want to see it on PDF form, that's one thing. Now, basically, the biggest problem I typically have with the license agreements is that they're extremely boring and bereft of a soul. And speaking of that, I'd like to just kind of go off on a tangent real quick and talk about lawyers. We were at the EFF fundraiser the other day, me and my wife. And it really kind of hit home. It was interesting. I don't think we give, as hackers, we give the lawyers a lot of credit. If you think about it, what we're doing in this room is we're talking about hacking a single device or attacking other systems. These guys hack society. So I mean, they're talking about doing something here that could impact us in the long run. And so I really think this is in a plug for them. But I think that we need to start really pushing and basically emphasizing our viewpoints on a lot of these laws that are being made. I think the EFF is obviously one of the better organizations. So anyway, I just wanted to say that. I will go off on tangents a lot. My students, there's a few of them actually in here. They know that. And I'll eventually get all the slides in whether or not we accelerate real quick. But if I go off on tangent, I'll try to get back on it. Now, because things have still haven't solidified in the laws, we still are having some problems dealing with some bad laws. In the, if we jailbreak the iPhone and we actually use it for hacking, we encounter some additional problems, legal issues. Just the iPhone and iPod touch as it stands right now if you don't jailbreak it, there's not a whole lot you can do as far as network sniffing or attacks or anything like that. It's pretty well neutered. It's very tight. Once you jailbreak it, then you open yourself up to a lot of other hostile laws. And some of them are actually pretty bad. I like to put this guy back up here on occasion, because all he did, this is the Sierra Corporate Design Incorporated versus David Ritz. All he did, he's basically, he looks for spanners and tries to get some information on him and get him shut down. Well, he did a DNS zone transfer. That's all he did. And he did it at a command line. And because he did that, the judge in the case decided against him and that he basically conducted an unauthorized attack. So he ended up getting, there was a $63,000 judgment. So we're having to deal, even just by jailbreaking the phone, we have some other issues. Now, if you remember, you know, we all know that as soon as you turn on the wireless, a lot of these devices just start trying to connect to networks. What kind of legal issues are we're dealing with? That's something that we're really going to have to tighten down to. It goes back to the topic about supporting the EFF and making ourselves known that these kind of laws are really dangerous and just don't really make a lot of sense. Anyway, now that we talked about some of the legal issues, let's talk about the actual tools. I used for mine. I know there's more out there, but for my iPod Touch, I used QuickPone. And I have the iPod Touch, the first generation, I guess, is what you would say. And so this software was perfect for me. These are the different phones and the different things that they're going to talk about that they currently hack. And I think that the second generation is coming around to, I don't know if they finish that or not, but that's not really a big concern of mine. What gets installed originally when you do the jailbreak? There's a SIDIA, and then there's also another program called Installer. And the first thing that you'll want to drop on there is a open SSH in order to be able to communicate directly with the operating system. OK, we're going to talk about this section is talking about the iPod Touch as a computer. And whether or not you want to actually move your attacks onto the system to conduct your attack. So first, let's talk about the operating system. The kernel that I'm using is 9.4.1. I think it's up to 9.7 or something like that. It's actually open source, strangely enough. It's POSIX compliant. And it includes a lot of code from FreeBSD. That's what originally caught my eye with this. I've always been interested in having like a PDA that actually was a computer that I could do stuff with. And so that's why I actually ended up buying the iPod Touch. And I was an avid hater of Mac, but now I own a Mac and I own an iPod. So they're sucking me in slowly. I feel my soul being drawn out too. So the interesting thing also is that it's actually UNIX compliant according to the single UNIX specification. So after going through this and messing with it personally, I came to the conclusion that what we really have here on this iPod Touch is a UNIX system, not just a clutch of different stuff thrown together. They actually put together something that we could use as a community to do stuff with. The next problem that I addressed was, OK, so I've got an operating system. Well, what is its capabilities? I mean, if it's totally neutered and there's nothing I can do other than just run applications, games, and stuff like that, then it was going to be worthless. So there had to be some sort of development behind it. There had to be some sort of ability to expand it and add the stuff that I needed to do. Well, Sedia is actually a port of the Debian app. And it has 30-plus repositories. And it's got hundreds, if not 1,000, at least, different applications that you can put on there. And for those that will probably duck out during the conclusion, I put a list of all the applications that I have on the second to last slide. So you guys got to hang around. But we'll talk about those just a little bit as well. But we'll talk about some of those as a subset. There are a few applications that are useful from the Apple iStore. So don't hesitate to look around there as well for a lot of your applications that you want to put on there. So I said I need to be able to get applications. I need a good solid operating system. I can also develop on this. I can compile code on this. In fact, when we do talk about some of the different applications, look for little asterisks. Those are the ones that I either had to compile or had to just install myself. And we'll talk about the code signing at that point. But you have the ability to do the GNU compiler on the iTunes, or on the iTouch, an iPhone. It has most of the headers you can actually download from SIDIA as well. The one that I ran into that wasn't there was the Telnet header. But you can actually get that from Apple itself and download for free. But that's like three gigs. It takes a lot longer. But there is a way to just download the headers and start compiling straight off the iPhone. You can also, there's also the ability to install some of these different programs. The scripting language is like Perl and Python. You can even do Ruby, Ruby on Rails. And of course there's a bash shell in there as well. You can load up other shells as well, C shell or whatever. So now from a system administrator perspective, I've got everything I need together in order to be able to manipulate this system to actually start hacking. There's some additional network tools that made it even better. Open SSH, we already kind of talked about that. There's some iNet utilities as well. FTP, it doesn't install RLogin. It allows you to connect using RLogin. Tribule FTP, Telnet, things like that. There's also some network commands. There's ARP, NetStat, TracerOut, WGet. I mean, you can't complain about that. And here's some other cool ones. At this point, once you start looking at this, you'll start expanding your mind and seeing what kind of potentials there is. You can change your MAC address on that. That's pretty cool. You can also install STunnel on there so you can have your secure tunnels and also TCP dump, which really becomes a big boon later on. As a usability issue, the iPod is really small. We all know that. I got big meat sticks, so when I'm trying to type a lot of that stuff, it just goes, my thumbs go all over the place. So this just shows you a picture of the screen. It's only 13 lines and 57 characters across. You can start manipulating it to get the letter smaller. I'm wearing glasses so that makes it painful. There's some other things you can do, but the actual keyboard takes up a lot of the real estate of the device. As you can tell there, there's not a whole lot. And when it starts spewing out, especially the Nmap stuff, you just can't keep up. So one of the observations I'm gonna make right now is that if you're going to do anything with the iPod Touch, it's better to do it remotely than to do it right on the device. From a social engineering perspective, you'll want to use the iPod Touch directly because we'll talk about that in a minute. People will just assume that you're texting and that you've got a lot of friends. So all right, now let's talk about actual hacking with the iPod Touch. Now for those that are here that expect to learn how to hack, it's not gonna happen. What I'm gonna do is I'm gonna talk at a high level of some of the tools that we're gonna, that are available to use on the Touch to do actual hacking. But we're not gonna get, this isn't a class on Nmap or Metasploit. Saturday I'm actually looking really forward to the Metasploit track myself, but we're just gonna go over some of the high level stuff. Okay, before we get going on that, I wanna talk about some of the tools that I uploaded and some statistics on it. Out of the top 20 tools that's on sectools.org, I got nine of them installed. Some of those 20 are actually redundant. So it doesn't give you a clear picture. Basically a lot of the stuff that you'll want, you can put on there. I installed John the Ripper, there's a little asterisk, I told you I had to do it myself. Use it as a benchmark to see how the performance was. Use the MD5 and it turns out with the MacBook Pro, you get 7,600 hits at a time and the iPod touch is basically quite dramatically less. So as far as a powerhouse, it's not. But in a lot of cases when you're doing like a Netcat or something like that, you don't really need the power behind it, you just need the connectivity. Okay. So in the information gathering phase, we've got some tools that are pretty obvious. There's Safari, which is built in. You also, for the hardcore guys out there that like links, you can actually install links. That stuff gives me a total headache, so more power to you. Nmap is on there. It was one of the first tools I think that was installed or built. And of course you can use it during this phase to do some foot printing and some banner grabbing and then we've got Telnet and Netcat that's on there. We can actually use it to verify and enumerate all of our findings previously. So when we go to vulnerability identification, there's actually a gap. There's not a whole lot of tools out there that will do this. Nessus is obviously the first one that comes to mind, but there's also core impact. And there's a few others. Well, there's nothing that's been ported or nothing that's easily ported to the phone. I know that Nessus, you can set up a client, do it all command line. And that was one thing that I was thinking of doing. But I do know that from using core impact, I could probably use or set up a remote shell and use it to pivot attacks into the network. So I don't think that's too much of a stretch, but there's nothing directly on the iPod touch that you can use. Now, we can get in the argument about vulnerability identification primarily for low-hanging fruit. There's a lot of stuff that you can still do. You can still obviously grab all your code off online and compile whatever you need to do to do your attacks, including fuzzing and stuff. So vulnerability exploitation. Metasploit has been available for installation on the iPod touch and phone for almost a year now. And basically, if I remember right, it's there's Metasploit framework three. So you can exploit the code. You got exploit code, excuse me. And you also get the shell code that you can push onto the system. One of my favorite tools is Scapey, that's a packet manipulation. You can do whatever you need to do if you want to get down to the hands-on part of this type of an attack. On web hacking, you can install other programs called, one's called Nikto. I used, it's basically a web server scanner. It's going to give you some, basically just goes out and looks to see what it can find on the target. But then I also installed Medusa. I tried installing Hydra. Hydra was having a real bad problem getting it on there, but Medusa seems to work actually very well. And it basically will do brute forcing. I mentioned it at the web hacking as well, but obviously you can do it across a variety of different protocols as well, not just web hacking. Here's a cool one. I'm going to take a minute on this one. Recently there's a guy, I forget, I got the URLs at the end there. Pyrny is an application that does ARP spoofing and network sniffer. It also has the ability to filter the traffic at the command line when you launch this thing to only grab certain data. And in this case the example is to just grab the TCP destination port 80. We also have John the Ripper, I'm going to go back to Pyrny in a second. We have John the Ripper, which does the password brute force attack and of course Medusa again. Now, on the Pyrny there was another application that some of you guys are probably familiar with DSNIF. And that's actually been ported as well over to the iPhone and the iTouch. And that seems to work pretty well. It's not something I've used with any great extent, but Pyrny has been working for me, but I know a lot of people are more comfortable with DSNIF and so you just basically do your ARP spoofing and then you start capturing data live as it flows across. When you want to maintain access after actually exploiting a system, there's the Netcat and then there's OpenSSH, so you can do your reverse shells and new shells. The Netcat obviously can do additional things too and we'll talk a little bit about that in an example, where you can read and write data across the network and it also provides the back doors and file transfers. And then the OpenSSH which provides reverse shells. Now, here's the biggest problem with iPhone is actually if you turn off the phone, you're dead. You don't have your SSH connection or any other stuff. So in order to keep your system alive and be able to do all this stuff, you have to keep it turned on. Now, there's some other cool widgets that you can install as well that what I use to extend the life of my battery is since I have to leave it on and the screen is actually on, there's a dimmer. You can actually dim it all the way down till we can barely see anything and that will extend the life of the battery dramatically. So this has been my biggest problem, is keeping the processes alive and then also trying to do multiple processes. If you're doing things remotely, it's a little bit easier, but doing it straight from the iPod touch is dramatically more difficult. All right, in this section, I'm going actually pretty fast here, so I know that there's some other people gonna be doing a lot of AV stuff coming in, so I might try to give them additional time or at least get some questions out here. Okay, iPod touch as an attack vector. I've got two things I got to prove to you. One is that iPod touch actually works like a computer and the other one is that it works better than a computer. When I wrote the original write up for this talk, I included that we were gonna do some attacks against some real systems. Well, people get nervous when you actually ask them to be able to put up data at DEFCON on some of their systems, so everything here that we're gonna talk about is hypothetical, okay? Hypothetical, we got it. That's the mantra. All right, some of the advantages of the iPod touch is that it's small, compact, and nobody really has any fear of it. You saw the number of hands that were up here, just, there's a lot of people that have the iPhone or the iPod touch. I personally like the iPod touch because it gives me a little bit more flexibility as far as network connectivity. But you walk into any place, let's just say a bank. You walk into a bank with a laptop, people start looking at you, you walk into a phone, you can sit there for an hour or so, just doing nothing but twiddling with it and people are just assuming, like I said, you got a lot of friends, you know, the Twittering or sending off messages. Some of the disadvantages are that there's a power issue and that it's only wireless, specifically the iPhone touch has, especially the version I have, has no real way to provide connectivity for other systems to connect to it and I can't directly power into a local area network. The price itself for the one I think the base price is $299 for the iPod touch, which is more than I actually paid for my APC, which I've actually used to do some penetration testing with as well. But so it can be considered a little bit more pricey but the trade-off is the size and the fact that nobody gives a flip if you're messing with your phone. So it's a big difference. Okay, so the iPod touch versus the laptop. Like I said, most people just assume that what you have is a phone instead of an attack vector device. And a lot of people, probably even after this talk, will be totally unaware that you can do anything as far as malicious with an iPhone. Texting is socially acceptable and it's compact, easy to hide, which really comes into play and then of course there's another application out there that allows you to hide your applications themselves. So I've got on my system, you know, like Sedia and Touch Term and all those other things, I can hide those with a specific application. It's called iPod. Basically it pretends it's a computer. Okay, I'm docking all you guys that are leaving right now, so you know. All right, so you can actually make it look like your phone is unjailbroken and people won't be too suspicious if they take a look at it. All right, so iPod Touch as an attack vector. This way, this is part of the description where it actually works like a computer. Again, it's all hypothetical, got that down. Okay, so we can intercept data specifically with iPod Touch. It can provide ARP spoofing and then collect the TCP traffic. So in this case, I ran Pyrene and I basically created a PCAP file called It's Not Caesar's Palace. The IP addresses and everything haven't been changed for the innocent because this is all innocent anyway, right? All right, so once that data gets stuck on my iPod, I want to be able to transfer it off somewhere. I don't have the ability to run Wireshark on iPod Touch, so I have to actually drop it off to another system somewhere. So I can simply use Netcat to push the Not Caesar's Palace PCAP file onto another system somewhere in another network. Okay, once I get it there, obviously you can do a lot of things with it. You can specifically look for passwords, user names and stuff like that. But there also seems to be a lot of fun stuff that shows up once in a while. So actually, this is a clip from a hypothetical chat, so I don't know how many people can read it, but the fewer, probably the better. All right, so now we've got the ability, we've got a system in an environment that is collecting data and pushing data back. Well, it can also set up a reverse shell so we can have access to that system at any time. So we'll throw up another Netcat. I'm a big fan of Netcat. I wrote a chapter for Netcat called the dark side of Netcat, so I'm kind of like it, like it a lot. Really old school, but still a lot of fun. And I don't care about the, there's an argument about, well, it's not encrypted, you're pushing data across. Well, they didn't encrypt it in the first place. I'm pulling off port 80, so if they don't care, I don't care. So I'm pushing the Netcat, and I'm basically allowing it to do a reverse shell, so as soon as it connects back to my system. And of course you can script all of this stuff to do it on the hour or stuff like that. So you can just basically be hands off. You can really have it in a remote site and be somewhere else and still have access to it on a regular basis. As long as the power doesn't die. Now, why does it work better than a computer? Well, stealth, that's really the big thing. You can hide it anywhere. I mean, when you start thinking about it, these things are really teeny tiny. I mean, they can go in drawers, they can go behind coffee machines, they can go all this other stuff. But my favorite is duct tape. The, try to go a little low tech, right? So I found out though that you don't want to actually use duct tape on the iPod because that glue sticks for a very long time. So I found out, you just use those little baggies, you know, throw it in a baggie, zip it up, and then tape that to the wall or whatever. Now, what can we do with the duct tape? We can surface mount the thing. My favorite location is actually behind pictures. So, I mean, nobody ever looks there. You can do it underneath the table as well in the conference room or something along those lines. And if I don't say it, remind me, I wanna talk about the difference between iPhone and I touch that there's some additional vectors that you can use with that, but just keep going here. So what else can you do with the duct tape besides surface mount? We can hide things that you don't want others to see. Plus you can also, it will stick to anything. Now, I know a lot of you guys are still catching up on your notes. So I'm gonna actually leave this up for a minute because I don't have a picture of actually duct taping the iPod to the wall or behind the picture frame. But I mean, start thinking about some of the things that you can do. I mean, it can go anywhere, like I said, behind desks, behind computers. It doesn't really matter. The primary thing you're gonna want is a power source. And we'll talk about that here in just a second. So everybody got caught up on the notes or do I need to leave up a little bit longer? We're good? Okay. Oh, by the way, my wife hasn't seen that slide yet. So if I don't make it to the Q and A, you don't know why. So, and I also suspect that I'm gonna have a Q and A for each of my slides later on too, independent from what you guys are gonna be dealing with. So, all right, here's a better idea than duct tape. After messing with that for long enough, I decided to put together a little something because I'm lazy and I hate messing with duct tape and this was kind of convenient. Now, what we have here is we have, basically, less than $10, I take that back. The box that you see up here and the thing that's laying on top of the iPod, that was less than $5 with the plate that's on it. And then I bought a USB power supply for my iPod. And basically, the idea was is I should be able to conceal this thing and just put it wherever I want to. Because it's got an outlet and because it's plugged into the iPod, I can just find an outlet and put it on there and most people will not even mess with it because it's a covered outlet plate. Something you won't see in here is, if you look, yeah, you can't see it, thank goodness, is the USB power supply. Well, it didn't fit perfect, so I started sanding it and I basically stopped when I could see most of the wires. I don't know if that's a fire hazard or not, but it hasn't gone up in flames yet and so. All right. Here is a picture of it actually attached to a wall. Now, you see this stuff all over the place. Now, what I've done is I have my iPod touch in there. I have it powered, so it will not die. I plug it on to the wall. I walk away, it sets up a script to do a reverse shell every hour to my system and I just start hacking away. It has to auto-connect to a network, that's a problem. If I don't get a network, we already talked about that, then I might be hosed, but if you think about it, there's a lot of wireless access around there and if you can't pick up one, you might be able to pick up something else. The other problem that I encounter is that in an organization, their wireless network often doesn't connect directly with their internal network. So that's a problem as well, but at least I'm in the facility being able to communicate with a device that is secured up against the wall. Now, I find that's true in the larger monolithic organizations and the smaller ones. That's not true. You can pretty much connect straight to their wireless and be in their internal network. Okay, so that's why it works better than a laptop. I've got quite a few more minutes here, so I'm still doing good. I'm gonna give some personal thoughts, I'm gonna expand a little bit. I wanna do some shout-outs, I'm gonna get a reminder and I'm gonna do the listed tool so YouTube people are leaving right now, there's just another couple points off. All right, remember, there's good stuff all the way to the very end. Is the iPod Touch a worthwhile hacking platform? We're gonna talk about, could it be better? iPod Touch versus iPhone and what does the future hold? Let's go back, sorry. Okay, worthwhile hacking platform, absolutely. I think that the biggest problem, though, is that there is no support. Obviously, Apple's not gonna say, yeah, you gel broke your phone, yeah, here's some patches for you to buff up your distribution that you've decided to hack up yourself. So from an industrial side, from a professional side where I actually get paid to use these tools, I can't use this, I don't have the support behind me in order to be able to apply this. Obviously, it'll catch a lot of traffic of customers that sensitive data and we wanna make sure that we're using something really tight. For a hacker perspective, it's awesome. I mean, there's no reason why not to use this. Okay, what could be better? There's a few things, obviously, it would be nicer if there was the ability to actually connect to a local network. And I'm hoping that there's been talk about being able to do that directly using your USB or using another jack or something like that, but we'll see how all that plays out. Right now, like I said, it provides some complexity simply because everything you have to do is going over a wireless network. iPod touch versus iPhone. The iPhone is an interesting device where it includes the ability to record audio and record video. The newest editions of the phones have the ability to do the video, but there's been a Sedia distribution for many months where you can actually do video using the older generation iPhone. There was a recent event where discussion, I guess, where some people were talking about shoulder surfing is no longer a threat or it's a minor threat, but this basically would allow people to shoulder surf a lot easier than what we're doing now. I mean, I see people type and it's hard to keep track of what they're doing, but it'd be nice to be able to record that and go back later. One of the other features is that there's no light telling you that you're taking pictures. There's no click, there's no nothing. So you have a device that you're playing with, messing around with, and you're able to record anything and everything that's going on in that room at the same time. Now, the other thing is that there's the audio part too. A hacker or anybody can record conversations. All they need to do is a little bit of duct tape and slap it up underneath a table and start recording. In Colorado, the law is that one person that's part of the conversation has to know that the recording is being made. That's the extent of it. From a hacker, do you think they care? So the iPhone itself has some additional features that I would love to be able to take advantage of using the iPod Touch as well. And there's also rumor about that. So we'll see how that comes around. So what does the future hold? I think that these types of devices are going to be widely accepted. I mean, obviously there's a lot of people in this room that are ecstatic about the ability to use this. Oh, I forgot to talk about code signing. I'll touch on that later. Anyway, catch me at the Q and A. We'll talk about code signing, I'm sorry. The future holds is that these things are going to become prevalent and eventually we're going to see the same kind of functionality all the way down to much smaller phones like this. And so all anybody has to do is forget it, get picked up, turned into lost and found, and then it'll be sitting there collecting data for who knows how long. So it's going to get cooler, is what I'm saying. All right, shout outs. The DC-303, those guys are an intense group. I haven't given them enough credit, but I've learned quite a bit from them. They're primarily the capture of the flag group is outstanding. There's also Colorado Tech Security Club people here as well, Sudosu, and of course my family. I got my wife and my daughter here. My daughter was nine years old and so we're trying to teach her to hack early then later. She picked up her first, thank you. We picked up her first set of lockpick tools today, so we're still wondering about the hardware hacking and whether or not those fumes can really do brain damage but we'll figure that out later. And then let's talk about some links. There's, if you guys are interested, I'm going to post these slides that are a little bit different than what's on the disk. If you go to forms.herit.net, you can get them. You will be able to get them by the end of this weekend. QuickPone is one of the outstanding applications that you can use to crack your iPod or iTouch. Sedia, that's where the guy who developed Sedia is there and of course developer.apple.com. I definitely wouldn't want to exclude them. There's a lot you can do with iPhone even within the legal boundaries that they lay out. General reminder, beer, good. And then here's a list of the tools that I was able to get on there. Some of them that are interesting, let's see. Well, I'll just leave this up a little bit. Basically, anything you want to talk about or want on a Unix machine, you can pretty much get it installed. And like I said, these are, that list up there is primarily those that are available to download automatically through Sedia. Click it, it's installed. There's no hassle, no fret, no worry. It also does updates too, so when they do an update to the repository, you get notification, you can update it. All right, and then there's also, like I said, I installed John the Ripper, Scapi Medusa. Now, I would like to thank you for attending. We're gonna have a Q and A session afterwards and we'll have Punch and Pie. So, thank you very much.