The brains behind the hacks at Hak5, Darren Kitchen's latest invention is something for advanced hackers he calls a "Wi-Fi Pineapple." It's a portable, $99.99 Wi-Fi hot-spot honeypot, a penetration-testing dropbox for executing man-in-the-middle attacks.
The Pineapple is meant to be used only "in authorized security audits," says its documentation.
The Wi-Fi Pineapple comes with a sticker that reads, "Jasager," which is German for "yes man" or "yes sayer." The Pineapple mimics a Wi-Fi hot spot that you have saved on your device, and tells your device, "Yes, I am the Wi-Fi network you think I am," when in fact it's nothing of the sort.
The USB Rubber Ducky, which retails for $59.99, is another penetration-testing tool. Billed as, "the most lethal duck ever," it's designed to deliver payload scripts for further security testing.
Kitchen was also selling the Pwn Plug from his vendor booth. It's an enterprise-grade security-testing suite for commercial penetration testing, similar to the Pineapple but not portable. It can be made to look like an air freshener or printer power brick with an included sticker.
There's more going on in the vendor room than the latest in security tools. Meco proprietor Ira Moser specializes in getting the odds and ends of yesteryear's technology into the hands of people who still want it. Among Meco's more technology-based novelties, the Web site is selling an ambulance's rapid-response table for transporting an injured person, as well as several ladies' formal evening dresses.
At Defcon, Moser showed off a collection of obsolete but otherwise functional communication devices.
The blue box is a storied and often home-brewed instrument for hacking telephone lines. This one is an official one from an unidentified telephone company.
Though it doesn't get as much attention, physical security goes hand-in-hand with the computer security side of Defcon. Mitch Capper of SecuritySnobs.com offers up several unusual locks to keep your stuff safe.
SecuritySnobs also had on display the Mobeye, a GSM-connected alarm that sends you a text message when the alarm has been triggered. It's also completely portable, so though it can be bolted to a wall, it doesn't have to be.
The Geminy Shield is a deadbolt guard that prevents physical attacks against a door's lock mechanism. While that can include attempts to remove the deadbolt from the door itself, it can also protect against pranks like shoving gum into the keyhole.
