Blog Posts

Ai and Security Resources

I recently gave a presentation at Rhodes House regarding the intersections between AI and cybersecurity. These are some articles, code samples, tools, etc. that I either referenced in the presentation or are related to what we discussed. Hopefully it’s useful both to those of you who were at the presentation and to anyone looking for a decent collection of resources about the relationship between AI and cybersecurity. Resources from the Presentation All jupyter notebooks (you can run these in google colab) https://github.

Read More...

Reverse Engineering the Amazon Dash Wand: Part 2 - Local Shenanigans

About the Project This is the second in a series of posts outlining my efforts to reverse engineer the new Amazon Dash Wand to understand how it works and how secure it is. Rather than just do the typical security blog writeup of exploits, I wanted to share the entire process including the numerous dead ends and false leads involved in an embedded reverse engineering effort. You can find other posts in the series here.

Read More...

Reverse Engineering the Amazon Dash Wand: Part 1 - First Steps

About the Project I recently picked up Amazon’s new Dash Wand essentially for free due to an Amazon promotion ($20 worth of Amazon credits if you purchase the $20 device). The device itself packs a pretty hefty amount of hardware for the cost. It includes a microphone, a linear image sensor for barcode reading, assorted LEDs, a nice big button, speakers, Bluetooth Low Energy and Wifi. It’s all powered by (replaceable) AAA batteries, can be affixed to any magnetic surface or hung from an adhesive hook it ships with, and is remarkably compact and portable.

Read More...

15 Strategies to Win Hackathons

Hackathons are a great deal of fun and also an opportunity to make connections with local tech companies, build a reputation, and grow as a coder. One of the best things about hackathons is the opportunity to win awesome prizes. Unfortunately the competition at hackathons can be tough. Indeed, sometimes hundreds of people will compete for a shot at only 3 or 4 prizes. It can be hard for a new hacker to stand out from the crowd.

Read More...

Hackathons vs. CTFs

One piece of advice I give to people looking to transition from computer science homework assignments to meaningful proficiency in cybersecurity is to seek out Hackathons and Capture-the-Flag competitions. Sometimes the amount of information on these events can seem overwhelming and it can be difficult for someone starting out to know which events are worthwhile and how to best make use of opportunities. After attending a number of these competitions myself, I wanted to share some of the advice I wish someone had given me.

Read More...