Announcement

Collapse
No announcement yet.

Tamper Evident Contest: Announcement & Sign up thread

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Tamper Evident Contest: Announcement & Sign up thread

    Tamper Evident Contest For DEF CON 21

    First, we just wanted to say thank you for being interested in Tamper Evidence and being a part of the community. For the TEC this year Stits, a long time contributor to helping run the TEC at DEF CON is going to be running the contest this year.

    Second, If you're interested in playing this year, we have some great news, we're radically changing the format of the contest to make in shorter and far easier to participate!

    That said, here is the announcement from Stits!

    If you're thinking of playing please:

    • Read this post and decide if it's still something you think would be fun (That's the most important thing) or maybe offer to help run the contest!
    • Go to the registration or help threads and sign up.
    • Show up in Vegas for DEFCON 21!
    • Grab the package, defeat the seals, replace the object inside and present your defeats to the judging panel in less then 10 hours.
    • Win!

    Because Tamper Evidence has grown so much over the last three years with more contests, speakers and defeats there is going to be a dedicated Tamper Evident Village.

    What we can tell you right now is:

    • MFP, the team that has won this contest in years past will be running it. They have years of experience with this sort of thing and it’s going to be kick ass.
    • You will be able to go there for talks, labs, play with various seals and hang out with cool people.

    Contest Specifics

    Team Only: You can register only as a team of two to six people this year. We'd hope to see people max that out, if you're interested reach out on the forums with a team and sign up! This is so the most people can play with the least headache for the contest organizers. Additionally, everything is classified as "Unlimited." That means that anything goes to accomplish a defeat! Got a lathe, access to ultra-pure water (it's an amazing solvent) or an X-Ray machine? Bring it! We're also not going to have a McGyver level (where you use commonly found items in the hotel) this year, it's amazing but very hard to quantify, maybe next year.

    Documentation:

    A component of the contest has always been to require documentation of how you did your defeat. In years past we used a documentation system that unfortunately required just as much time for many teams as the contest itself. It's actually a variant of what's expected in professional and academic communities. This year a brief write-up with pictures or video will suffice, you may be asked questions by the judges so be prepared. It's paramount that your discoveries can be shown and others learn what does and doesn’t work to make informed decisions when buying a TE product. That said, after the contest you're encouraged to create a detailed write up based of the BSI format for the community.

    Instead of pushing the responsibility of publishing your work out to the TE wiki; we’ve chosen to take the reasonability on ourselves and a contest volunteer will be doing that for you.

    THE GOAL:

    With all the different tamper evident technologies out there (I.E. tape, seals, locks, tags, bags, UV, pressure etc) we understand that this can be very intimidating. The goal of this contest is to learn something new and spread that knowledge! The contest will test your ability to perform "defeats" (Described below) against a range of inexpensive commercial low to medium security products in an eight hour window from noon Friday to 22:00 with judging occurring at noon Saturday by three judges for a combined score. You will see a list of the exact products in the contest so you can practice in advance.

    SCORING:

    As with years past; You’ll receive points for succeeding, no points for failing, and negative points for not trying (seriously at least try) to defeat or skipping an item. Extra points are awarded for completeness of documentation. The more unique your exploits are the better. In the case of a tie in points, the winning team is the one that returned the package to the contest booth first.

    Scoring itself isn't going to change. This is exactly what it's been in years past. You will however be allow to contest the results with the judges if you want to be present at noon on Saturday.

    Different levels of defeats are worth different points. We will use the LANL Defeat Categorization Scheme (it's detailed below) to describe them:

    ● [1]Type 1 defeat = 1 points
    ● [2]Type 2a defeat = 2 points
    ● [3]Type 2b defeat = 4 points
    ● [4](Type 3 defeat = 6 points) - Treated as 2b because we don't have the gear to detect a level 3 defeat
    ● Failing to attempt a defeat earns you negative 2 points (-2)

    THE COURSE OF THE CONTEST:

    When you get to CON you will be given a package at noon Friday. This package will have tamper evident seals on it. Your goal is to defeat them and document your work. After defeating all the external seals open the box and tamper with its contents. Inside you will find two chains. One of the chains is just a plain chain; the other chain will have some tamper evident tags and such on it. You will have 22:00 on Friday (yes ten hours) to move as many of these seals and tags from one chain to the other without your tampering being detected..

    There will only be than 6 or so tags this year, this is not everything, but it is the majority of what you’ll see

    Some security tapes from here:
    http://www.uline.com/BL_3079/Securit...eywords=tamper <http://www.uline.com/BL_3079/Securit...eywords=tamper>

    Uline colored Cable Seal
    http://www.uline.com/BL_2313/Colored-Cable-Seals <http://www.uline.com/BL_2313/Colored-Cable-Seals>

    Uline padlock seal
    http://www.uline.com/Product/Detail/.../Padlock-Seals <http://www.uline.com/Product/Detail/.../Padlock-Seals>

    Uline Metal Truck Seals ball lock "Tamper Proof"
    http://www.uline.com/Product/Product...elnumber=H-542 <http://www.uline.com/Product/Product...elnumber=H-542>

    Tug-Tights "Tamper Resistant"
    http://www.uline.com/Product/Detail/...ght-Drum-Seals <http://www.uline.com/Product/Detail/...ght-Drum-Seals>

    Uline Plastic truck seals "Tamper Resistant"
    http://www.uline.com/Product/Detail/...ic-Truck-Seals <http://www.uline.com/Product/Detail/...ic-Truck-Seals>

    Uline Plastic truck seals "Tamper Evident"
    http://www.uline.com/Product/Product...number=S-13677 <http://www.uline.com/Product/Product...number=S-13677>

    REFERENCES:
    Here is a list of Links & papers to get you started becoming familiar with what I have found on this subject.

    Websites:
    http://www.ne.anl.gov/capabilities/vat/seals/index.html <http://www.ne.anl.gov/capabilities/vat/seals/index.html>
    http://www.ne.anl.gov/capabilities/vat/seals/types.html <http://www.ne.anl.gov/capabilities/vat/seals/types.html>

    Definitions to use when talking about tamper evidence http://www.ne.anl.gov/capabilities/v...efinition.html <http://www.ne.anl.gov/capabilities/v...efinition.html>
    http://www.ne.anl.gov/capabilities/vat/detect.html <http://www.ne.anl.gov/capabilities/vat/detect.html>
    http://www.ne.anl.gov/capabilities/v.../findings.html <http://www.ne.anl.gov/capabilities/v.../findings.html>

    PDF documents:

    Read this first paper, Effective Vulnerability Assessment of Tamper-Indicating Seals, because it will describe the definitions of the defeats.
    http://library.lanl.gov/cgi-bin/getfile?00418792.pdf <http://library.lanl.gov/cgi-bin/getfile?00418792.pdf>
    http://grandideastudio.com/wp-conten...mbed_paper.pdf <http://grandideastudio.com/wp-conten...mbed_paper.pdf>
    http://csrc.nist.gov/groups/STM/cmvp...secpaper06.pdf <http://csrc.nist.gov/groups/STM/cmvp...secpaper06.pdf>
    http://www.cl.cam.ac.uk/~mkb23/research/PIN-Mailer.pdf <http://www.cl.cam.ac.uk/~mkb23/research/PIN-Mailer.pdf>

    From the first PDF, here is a quote describing the different defeats for those of you curious, but not curious enough to download and read it.

    Under the LANL scheme, we classify successful attacks into four categories: type 1, 2a, 2b, or 3.

    In a type 1 defeat, tampering is not detected if the "usual" seal inspection process is followed. See figure 1.

    The usual process is that routinely or typically employed by the end-user. For most seals, this is the protocol recommended by the developer or manufacturer of the seal. A type 1 defeat, however, will be detected if unusual efforts are taken. For many seals, an example of an unusual inspection protocol would be to disassemble the seal and examined it in great detail to look for tampering.

    In a type 2a defeat, tampering is not detected if the usual inspection protocol is followed and if the user visually studies the exterior of the seal (plus any internal parts that can be seen without opening the seal) to look for evidence of entry. The visual inspection can be done with either the naked eye or a hand-held magnifier.

    In a type 2b defeat, tampering is not detected if the usual inspection protocol is followed and if the user disassembles the seal and meticulously examines the interior and the exterior of the seal visually (with the naked eye or a hand-held magnifier) to look for evidence of entry.

    In a type 3 defeat, tampering cannot be detected, even if the most advanced postmortem analysis is undertaken. See figure 3. State-of-the-art techniques in forensics, material science, or microscopy will not be able to tell that the seal has been defeated. Classifying a defeat as type 3 is problematic in that it is difficult to be absolutely certain that no technology anywhere in the world has the ability to detect the tampering. Despite this problem, we believe we have demonstrated a number of type 3 defeats at LANL [13].

    If a non-type 3 defeat is successful in a seal application where the "usual" inspection protocol automatically includes meticulous visual examination of the exterior or interior of the seal, the defeat is classified as 2a or 2b, respectively, rather than as a type 1 defeat.

    For this contest the "usual" seal inspection process will be that of cursory inspect held at arms length, to simulate someone walking by or casually looking at the seals while talking to someone else.

    In reality a type 3 defeat is essentially the same as a 2b defeat because we don't have all the advanced gear on site to determine the difference, and we now treat them the same for points.

    NEXT STEPS:

    Sign up if by posting in the registration thread, or, the helpers thread if you’re interested.

    Thank you all, look forward to having a really fun contest this year!
    The Dark Tangent: Use PGP Key ID: 0x5D2405E5 for sending me email
    PGP Fingerprint: D121 EAAE D1B6 3D2E A0B1 953F FFAF A718 5D24 05E5

  • #2
    Re: Tamper Evident Contest: Announcement &amp; Sign up thread

    There will be a maximum of 9 teams this year, so get your guys together and sign up!

    2 minimum, 6 maximum to a team, 9 teams maximum.

    Current teams signed up for the TEC at DEF CON 21

    #1
    Team Name: KILLFACE
    Team Members: Blak Dayz, Cobolt Blue, GIANTEYE, Tactical_Intel, Netstat, LadyChaos


    #2
    Team Name: Let me try this thing I saw once on an episode of Burn Notice
    Team Members: rCON, Dolfan, penni-piper, the lord canon
    we can take more team members..


    #3
    Team Name: LOOOT
    Team Members: jgor, a13k, Eric M

    #4
    Team Name: Gnosis
    Team Members: d3dl0ck, obfusicationx2, Bri@n, Andrew, Webhakr

    #5
    Team AnTikS
    Team Members:
    sl3nd3r
    em0n
    gr1ml0ck
    rY4n

    #6
    Team Name: Iparted event
    Team Members:
    toil
    reconnoiter

    #7
    Team Name:
    Team Members:

    #8
    Team Name:
    Team Members:

    #9
    Team Name:
    Team Members:
    Last edited by Dark Tangent; 07-30-2013, 03:01 PM.
    The Dark Tangent: Use PGP Key ID: 0x5D2405E5 for sending me email
    PGP Fingerprint: D121 EAAE D1B6 3D2E A0B1 953F FFAF A718 5D24 05E5

    Comment


    • #3
      Re: Tamper Evident Contest: Announcement &amp; Sign up thread

      Thanks DT, this year we're going with an origami theme for the contest that I think everyone will really enjoy. If you need to get ahold of me the quickest way is through twitter, my account is @stits. I'll update this thread in the next week or so with photos of the boxes and seals for this years contest.


      -stits


      * Edit for late night typos
      Last edited by stits; 07-08-2013, 10:31 AM.

      Comment


      • #4
        Re: Tamper Evident Contest: Announcement &amp; Sign up thread

        Seriously? No one has signed up?

        SIGN UP. It will be good for you.
        The Dark Tangent: Use PGP Key ID: 0x5D2405E5 for sending me email
        PGP Fingerprint: D121 EAAE D1B6 3D2E A0B1 953F FFAF A718 5D24 05E5

        Comment


        • #5
          Re: Tamper Evident Contest: Announcement &amp; Sign up thread

          Originally posted by Dark Tangent View Post
          Seriously? No one has signed up?

          SIGN UP. It will be good for you.
          I did this contest the first 2 years, 2nd place the first year. it was a great way to get involved and meet new people. Our team formed right here in the signup thread. If your even THINKING about it, id recommend signing up, or at least expressing interest.
          Vell, WiK's just zis guy

          Comment


          • #6
            Re: TEC &amp; Sign up thread

            TEAM KILLFACE REPORTING IN!!

            TEAM consists of:

            Blak Dayz
            Cobolt Blue
            Cynic
            Tactical_Intel
            Netstat
            LadyChaos *self

            umm not sure what other info you need

            [QUOTE=Dark Tangent;128977]Tamper Evident Contest For DEF CON 21

            Comment


            • #7
              Re: Tamper Evident Contest: Announcement &amp; Sign up thread

              I'm down for starting a team or joining one.

              Comment


              • #8
                Re: Tamper Evident Contest: Announcement &amp; Sign up thread

                Team Let me try this thing I saw once on an episode of Burn Notice, is also reporting in

                Team members:
                rCON
                Dolfan
                penni-piper

                so far...

                we can take more team members

                We had ALOT of fun doing this last year.so if you think you want to do it just do it.

                Comment


                • #9
                  Re: Tamper Evident Contest: Announcement &amp; Sign up thread

                  I have myself and definitely two others. No idea what we are doing with regards to tamper proof devices. We are all TOOOL members as well.

                  Interest in joining forces?

                  Originally posted by Penni-piper View Post
                  Team Let me try this thing I saw once on an episode of Burn Notice, is also reporting in

                  Team members:
                  rCON
                  Dolfan
                  penni-piper

                  so far...

                  we can take more team members

                  We had ALOT of fun doing this last year.so if you think you want to do it just do it.

                  Comment


                  • #10
                    Re: Tamper Evident Contest: Announcement &amp; Sign up thread


                    With a few teams coming on board it's time to start talking about the interesting things we're doing this year. I've worked with an Origami Artist named James Lucas this year to make the contest a little more interesting. Instead of traditional boxes teams will be handed one of these, the cubes are made from Pacon Fadeless art paper (you may want to research that) and the dimensions are 8.5 inches. They're a modular design that's very simple to take apart and put back together. We didn't want anyone to have the burden of learning Origami just to compete. That would just be mean. I'll be posting pictures this week hopefully of completed cubes and seal descriptions.

                    -stits

                    Oh here's the cube pic:

                    Comment


                    • #11
                      Re: Tamper Evident Contest: Announcement &amp; Sign up thread

                      Originally posted by Dark Tangent View Post
                      Seriously? No one has signed up?

                      SIGN UP. It will be good for you.
                      I tried on Thurs./Fri., but there's the whole 24 hour waiting period and whatnot...

                      ------------

                      I'd like to sign up a team

                      Team Name: LOOOT
                      Team Members: jgor, a13k, Eric M.

                      We may be adding members in the (near) future (before starting the contest), but are also ok with taking on people.

                      Comment


                      • #12
                        Re: TEC &amp; Sign up thread

                        CYNIC had to DROP OUT.. Stepping IN HIS PLACE = @GIANTEYE

                        [QUOTE=LadyChaos;129270]TEAM KILLFACE REPORTING IN!!

                        TEAM consists of:

                        Blak Dayz
                        Cobolt Blue
                        GIANTEYE
                        Tactical_Intel
                        Netstat
                        LadyChaos *self

                        umm not sure what other info you need

                        Originally posted by Dark Tangent View Post
                        Tamper Evident Contest For DEF CON 21
                        Last edited by LadyChaos; 07-15-2013, 11:05 PM.

                        Comment


                        • #13
                          Re: TEC &amp; Sign up thread

                          [QUOTE=LadyChaos;129295]CYNIC had to DROP OUT.. Stepping IN HIS PLACE = @GIANTEYE

                          Originally posted by LadyChaos View Post
                          TEAM KILLFACE REPORTING IN!!

                          TEAM consists of:

                          Blak Dayz
                          Cobolt Blue
                          Cynic
                          Tactical_Intel
                          Netstat
                          LadyChaos *self

                          umm not sure what other info you need

                          That's really all we need, thanks!
                          Look forward to seeing all of you at CON

                          Comment


                          • #14
                            Re: TEC &amp; Sign up thread

                            Looking foreword to it ^_^

                            (Please Note: switch CYNIC => GIANTEYE )

                            Comment


                            • #15
                              Re: Tamper Evident Contest: Announcement &amp; Sign up thread

                              Originally posted by a13k View Post
                              ...
                              We may be adding members in the (near) future (before starting the contest), but are also ok with taking on people.
                              Like to add scorche to the LOOOT team.

                              Comment

                              Working...
                              X