Eric Michaud

At Unciphered we recover keys for people who’ve lost them. We are building toolkits for that on an industrial scale. We’ve also been in deep discussions since last year on how to handle Responsible Disclosure when we discover a new class of vulnerability that allows us to create Private Keys, Mnemonics, or Seed Phrases.

This talk covered the research I performed to develop a .onion address mapping infrastructure.

Interviewed for the book and thanked in the acknowledgements. I'm not the author Geoff is. Made recommendations to others interviewed whom ended up in the book.

Indexing the dark Web offers a way to track crime—and shows that the hidden realm is a refuge for people who fear persecution.


Criminals selling Social Security numbers, the world’s largest social network, and transgender people seeking a safe place to talk are all part of the diverse world known as the dark Web—sites that can be accessed only using special software, usually intended to protect the identity and location of the websites and people using them.

The dark Web… Show more

Indexing the dark Web offers a way to track crime—and shows that the hidden realm is a refuge for people who fear persecution.


Criminals selling Social Security numbers, the world’s largest social network, and transgender people seeking a safe place to talk are all part of the diverse world known as the dark Web—sites that can be accessed only using special software, usually intended to protect the identity and location of the websites and people using them.

The dark Web pierces the public consciousness only through incidents like the 2013 capture of Ross Ulbricht, who operated the Silk Road marketplace that hosted sales of illegal drugs and other contraband. But security companies and researchers are starting to deploy software that crawls the dark Web, similar to the way a conventional search engine indexes regular Web pages. As well as ferreting out or even preventing crime, these tools are showing that the dark Web has a significant light side. Show less

The first complete automated census of the Tor hidden services network.

While pop culture still struggles with the concept of lockpicking as a sport, in the past decade -- since Eric Michaud picked his first lock -- lockpicking has gone from taboo to trend. Exploits have a newly rapt audience, excited by bypassing mul-t-locks, the Masterlock speed dial, various attacks on Medeco, and even pedestrian lock bumping. Things that now -- to Michaud, at least -- seem crude, stifling, and boring in contrast to what's in current use at the upper echelons of opening doors,… Show more

While pop culture still struggles with the concept of lockpicking as a sport, in the past decade -- since Eric Michaud picked his first lock -- lockpicking has gone from taboo to trend. Exploits have a newly rapt audience, excited by bypassing mul-t-locks, the Masterlock speed dial, various attacks on Medeco, and even pedestrian lock bumping. Things that now -- to Michaud, at least -- seem crude, stifling, and boring in contrast to what's in current use at the upper echelons of opening doors, and shared among those who push the boundaries of bypass.
In constantly questing to move attacks past the horizon, the professional world of getting in and out is host to a world of custom, sophisticated tools that put most of the public work to shame in terms of elegance. According to Michaud's astonishing catalogs and expansive research arena, tools and attacks the professionals employ to get intel and surveil are far beyond what's passed around as public knowledge.
In this talk, Eric shows what the evolution of attack vectors of locks looks like, and how attacks, tool development and cunning techniques are surpassing the imagination -- and in some instances, surpassing instinct and ability. Show less

Interview with Eric Michaud and Brian O'Shea about their October 2014 Oslo Freedom Forum talk.

While pop culture still struggles with the concept of lockpicking as a sport, in the past decade -- since Eric Michaud picked his first lock -- lockpicking has gone from taboo to trend. Exploits have a newly rapt audience, excited by bypassing mul-t-locks, the Masterlock speed dial, various attacks on Medeco, and even pedestrian lock bumping. Things that now -- to Michaud, at least -- seem crude, stifling, and boring in contrast to what's in current use at the upper echelons of opening doors… Show more

While pop culture still struggles with the concept of lockpicking as a sport, in the past decade -- since Eric Michaud picked his first lock -- lockpicking has gone from taboo to trend. Exploits have a newly rapt audience, excited by bypassing mul-t-locks, the Masterlock speed dial, various attacks on Medeco, and even pedestrian lock bumping. Things that now -- to Michaud, at least -- seem crude, stifling, and boring in contrast to what's in current use at the upper echelons of opening doors, and shared among those who push the boundaries of bypass.

In constantly questing to move attacks past the horizon, the professional world of getting in and out is host to a world of custom, sophisticated tools that put most of the public work to shame in terms of elegance. According to Michaud's astonishing catalogs and expansive research arena, tools and attacks the professionals employ to get intel and surveil are far beyond what's passed around as public knowledge.

In this talk, Eric shows what the evolution of attack vectors of locks looks like, and how attacks, tool development and cunning techniques are surpassing the imagination -- and in some instances, surpassing instinct and ability. Show less

Increasingly, users and their computing hardware are exposed a range of
software and hardware attacks, ranging from disk imaging to hardware keylogger
installation and beyond. Existing methods are inadequate to fully protect users,
particularly from covert physical hardware modifications in the “evil maid” scenario, and
yet are very inconvenient. Victims include governments and corporations traveling
internationally (e.g. China), anti-government activists in places like Syria… Show more

Increasingly, users and their computing hardware are exposed a range of
software and hardware attacks, ranging from disk imaging to hardware keylogger
installation and beyond. Existing methods are inadequate to fully protect users,
particularly from covert physical hardware modifications in the “evil maid” scenario, and
yet are very inconvenient. Victims include governments and corporations traveling
internationally (e.g. China), anti-government activists in places like Syria, and anyone
who is a target of a motivated attacker who can gain physical access. Physically
Unclonable Functions, combined with a trusted mobile device and a network service, can
be used to mitigate these risks. This talk will describe a novel open-source mobile client
and network service which can protect arbitrary hardware from many forms of covert
modification and attack, and which when integrated with software, firmware, and policy
defenses, can provide greater protection to users and limit potential attack surface. Show less

If Jason Bourne had an illustrated guide to spy tricks, it would be Access Prohibited: The Physical Security Tool Guide to Hacks, Cracks, and Recon. Author Eric Michaud teamed up with illustrator Martin Whitmore, photographer Alex Rodriguez and a team of physical security penetration testers to distill physical security hacking into this incredible guide.
This fully illustrated 35-page color guide explains the tools, techniques and methods used in the field every day by physical security… Show more

If Jason Bourne had an illustrated guide to spy tricks, it would be Access Prohibited: The Physical Security Tool Guide to Hacks, Cracks, and Recon. Author Eric Michaud teamed up with illustrator Martin Whitmore, photographer Alex Rodriguez and a team of physical security penetration testers to distill physical security hacking into this incredible guide.
This fully illustrated 35-page color guide explains the tools, techniques and methods used in the field every day by physical security professionals worldwide to gain unauthorized access to buildings, rooms and facilities. The specialized tools and everyday items, from the exotic to the ordinary, are described in clear step-by-step instructions accompanied by color photos and bold illustrations. Show less

Physical tamper-evidence and tamper-response can be applied to client devices (cellphones, tablets, laptops), particularly to protect travelers in hostile regions. We describe the technologies, deployment and lessons learned across several technologies and market segments, and how these technologies can best be used by IT and security administrators to protect their users.

IF you’re traveling overseas, across borders or anywhere you’re afraid your laptop or other equipment might be tampered with or examined, you’ve got a new secret weapon to improve security. Glitter nail polish.

Don’t laugh. It works....

Increasingly, users and their computing hardware are exposed a range of software and hardware attacks, ranging from disk imaging to hardware keylogger installation and beyond. Existing methods are inadequate to fully protect users, particularly from covert physical hardware modifications in the "evil maid" scenario, and yet are very inconvenient. Victims include governments and corporations traveling internationally (e.g. China), anti-government activists in places like Syria, and anyone who is… Show more

Increasingly, users and their computing hardware are exposed a range of software and hardware attacks, ranging from disk imaging to hardware keylogger installation and beyond. Existing methods are inadequate to fully protect users, particularly from covert physical hardware modifications in the "evil maid" scenario, and yet are very inconvenient. Victims include governments and corporations traveling internationally (e.g. China), anti-government activists in places like Syria, and anyone who is a target of a motivated attacker who can gain physical access.

Physically Unclonable Functions, combined with a trusted mobile device and a network service, can be used to mitigate these risks. We present a novel open-source mobile client and network service which can protect arbitrary hardware from many forms of covert modification and attack, and which when integrated with software, firmware, and policy defenses, can provide greater protection to users and limit potential attack surface. We'll also be showing video of an unreleased tool to the public utilized by surveillance teams. Show less

Increasingly, users and their computing hardware are exposed a range of software and hardware attacks, ranging from disk imaging to hardware keylogger installation and beyond. Existing methods are inadequate to fully protect users, particularly from covert physical hardware modifications in the “evil maid” scenario, and yet are very inconvenient. Victims include governments and corporations traveling internationally (e.g. China), anti-government activists in places like Syria, and anyone who is… Show more

Increasingly, users and their computing hardware are exposed a range of software and hardware attacks, ranging from disk imaging to hardware keylogger installation and beyond. Existing methods are inadequate to fully protect users, particularly from covert physical hardware modifications in the “evil maid” scenario, and yet are very inconvenient. Victims include governments and corporations traveling internationally (e.g. China), anti-government activists in places like Syria, and anyone who is a target of a motivated attacker who can gain physical access.

Physically Unclonable Functions, combined with a trusted mobile device and a network service, can be used to mitigate these risks. We present a novel open-source mobile client and network service which can protect arbitrary hardware from many forms of covert modification and attack, and which when integrated with software, firmware, and policy defenses, can provide greater protection to users and limit potential attack surface. Show less

ncreasingly, users and their computing hardware are exposed a range of software and hardware attacks, ranging from disk imaging to hardware keylogger installation and beyond. Existing methods are inadequate to fully protect users, particularly from covert physical hardware modifications in the “evil maid” scenario, and yet are very inconvenient. Victims include governments and corporations traveling internationally (e.g. China), anti-government activists in places like Syria, and anyone who is… Show more

ncreasingly, users and their computing hardware are exposed a range of software and hardware attacks, ranging from disk imaging to hardware keylogger installation and beyond. Existing methods are inadequate to fully protect users, particularly from covert physical hardware modifications in the “evil maid” scenario, and yet are very inconvenient. Victims include governments and corporations traveling internationally (e.g. China), anti-government activists in places like Syria, and anyone who is a target of a motivated attacker who can gain physical access.
Physically Unclonable Functions, combined with a trusted mobile device and a network service, can be used to mitigate these risks. We present a novel open-source mobile client and network service which can protect arbitrary hardware from many forms of covert modification and attack, and which when integrated with software, firmware, and policy defenses, can provide greater protection to users and limit potential attack surface. Show less

The story about the beginnings of TOOOL.US

We will present the common elements and basic mechanisms of modern tamper-evident seals, tags, and labels, with emphasis on attack and circumvention. Adhesive seals, crimp seals, wire wraps, fiber optic seals, electronic, chemical, biological, and make-shift seals will be dissected, examined, and explained, with emphasis on their shortcomings and circumvention techniques. We will also present an overview of typical applications for tags, seals, and labels, including covert traps and uses… Show more

We will present the common elements and basic mechanisms of modern tamper-evident seals, tags, and labels, with emphasis on attack and circumvention. Adhesive seals, crimp seals, wire wraps, fiber optic seals, electronic, chemical, biological, and make-shift seals will be dissected, examined, and explained, with emphasis on their shortcomings and circumvention techniques. We will also present an overview of typical applications for tags, seals, and labels, including covert traps and uses ranging from consumer goods to loss reduction to government secrets. Show less

This paper covers my research into the realities and statistics of art theft in museums.

Abstract:

Building a private network to connect your neighbourhood. Why we feel common solutions are terrible on resources and what we think is better.

Get on board.

This talk will give you the opportunity to take a look at the shades of grey of interconnecting hackerspaces and people's networks. Mc.Fly presents ChaosVPN, reborn in its darknet-ish approach and gaining momentum from established hackerspaces in the US and Europe with spaces like NYC Resistor, Pumping… Show more

Abstract:

Building a private network to connect your neighbourhood. Why we feel common solutions are terrible on resources and what we think is better.

Get on board.

This talk will give you the opportunity to take a look at the shades of grey of interconnecting hackerspaces and people's networks. Mc.Fly presents ChaosVPN, reborn in its darknet-ish approach and gaining momentum from established hackerspaces in the US and Europe with spaces like NYC Resistor, Pumping Station: One, Noisebridge and c-base. The Agora Network will be presented by Aestetix and Eric in covering the community and technical aspects and what to expect. Equinox will show you the white-ish side called dn42 - the old but nice lady that connects mostly german people and younger spaces like sublab and entropia. Show less

Urine is frequently tested to detect illicit drug use for such things as accident investigations; forensics and law enforcement; screening of employees and potential employees; fitness of duty checks for critical personnel such as those involved in the transportation or nuclear industries; tests of national, international, and scholastic athletes for cheating; and evaluations of whether an individual should receive (or continue to hold) a security clearance. Because the results of drug tests… Show more

Urine is frequently tested to detect illicit drug use for such things as accident investigations; forensics and law enforcement; screening of employees and potential employees; fitness of duty checks for critical personnel such as those involved in the transportation or nuclear industries; tests of national, international, and scholastic athletes for cheating; and evaluations of whether an individual should receive (or continue to hold) a security clearance. Because the results of drug tests strongly impact person’s career, livelihood, and reputation, and because the results of drug testing have serious implications for government, corporations, and society, good security to prevent tampering would seem to be essential. Show less

Contributor

Book Description:

As the cliché goes, information is power. In this age of technology, an increasing majority of the world's information is stored electronically. It makes sense then that we rely on high-tech electronic protection systems to guard that information. As professional hackers, Johnny Long and Kevin Mitnick get paid to uncover weaknesses in those systems and exploit them. Whether breaking into buildings or slipping past industrial-grade firewalls, their… Show more

Contributor

Book Description:

As the cliché goes, information is power. In this age of technology, an increasing majority of the world's information is stored electronically. It makes sense then that we rely on high-tech electronic protection systems to guard that information. As professional hackers, Johnny Long and Kevin Mitnick get paid to uncover weaknesses in those systems and exploit them. Whether breaking into buildings or slipping past industrial-grade firewalls, their goal has always been the same: extract the information using any means necessary. After hundreds of jobs, they have discovered the secrets to bypassing every conceivable high-tech security system. This book reveals those secrets; as the title suggests, it has nothing to do with high technology. Show less

True security is often difficult to achieve in our modern age. Most individuals totally overlook this aspect of our daily lives, and those who attempt to take active steps to achieve security often invest in falsehoods and empty promises as opposed to reliable technologies.

Every day, countless people come into direct contact with frighteningly insecure systems and fail to take notice. Such problems will typically remain unaddressed until a catastrophic event captures everyone’s… Show more

True security is often difficult to achieve in our modern age. Most individuals totally overlook this aspect of our daily lives, and those who attempt to take active steps to achieve security often invest in falsehoods and empty promises as opposed to reliable technologies.

Every day, countless people come into direct contact with frighteningly insecure systems and fail to take notice. Such problems will typically remain unaddressed until a catastrophic event captures everyone’s attention. Why is there so much ignorance in this field? Why aren’t manufacturers implementing stronger products? The answer to this conundrum is simple: It is a matter of awareness. While some may lay blame upon the manufacturers, whose profit motive typically dictates production with the least amount of overhead at the cost of security, the chief reason for weak products is the level of awareness the customer-base holds. Without a properly informed public, consumers can never properly make their priorities known in the marketplace.

The average individual is completely ignorant of how quickly their home or business locks and authentication systems can be bypassed. As long as this knowledge remains hidden in the depths of “professionally privileged information” and obscured by the manufacturers themselves, the worse security will be for all of us. We will explain and demonstrate security methods of the past, present, and future. Not only will both old and new technologies be explored they will also be compromised before your very eyes. Everyone will come to appreciate the strengths and weaknesses of various technologies… thus everyone may decide the value of such products for themselves.

If after the conclusion of our talks we have not overwhelmed your minds enough with extensive details, you are also all invited to come and see us at the “Lock pick Village“ an entire area where attendees may ask additional questions and try their hand at everything we have demonstrated and described.
Show less

Matt describes the attack I developed against vulnerable Mul-T-Lock cylinders produced up till my research in 2005.

If the city you live in fell into dystopia and horror and you had to survive for 72 hours, could you? Many of you, let's face it, will die. Squashed under that Victorian you called home. Kidnapped from your SoMa loft by Occupy comrades. Murdered by an angry mob after you snatch more than your fair share of Charmin during a CVS loot. Or worse. But Rift Recon, a physical security agency made up of researchers, former military and private security detail contractors, and computer and hardware… Show more

If the city you live in fell into dystopia and horror and you had to survive for 72 hours, could you? Many of you, let's face it, will die. Squashed under that Victorian you called home. Kidnapped from your SoMa loft by Occupy comrades. Murdered by an angry mob after you snatch more than your fair share of Charmin during a CVS loot. Or worse. But Rift Recon, a physical security agency made up of researchers, former military and private security detail contractors, and computer and hardware hackers, can and will help you survive. Show less