Hackfest 2023 - Back to the Future

Xeno Kovah

Prior to working full time on OpenSecurityTraining2 (ost2.fyi), Xeno worked at Apple designing architectural support for firmware security; and code auditing firmware security implementations. A lot of what he did revolved around adding secure boot support to the main and peripheral processors (e.g. the Broadcom Bluetooth chip.) He led the efforts to bring secure boot to Macs, first with T2-based Macs, and then with the massive architectural change of Apple Silicon Macs. Once the M1 Macs shipped, he left Apple to pursue the project he felt would be most impactful: creating free deep-technical online training material and growing the newly created OpenSecurityTraining 501(c)(3) nonprofit.

Which country are you from? – USA


It was harder to sniff Bluetooth through my mask during the pandemic...

During the pandemic I took up Bluetooth (BT) sniffing as a way to get out of the house.

Bluedriving left me with questions that are different from those you'd ask based on traditional WiFi wardriving. Is there a geographic correlation between poverty, obesity, and BT sleep apnea medical devices? What are the implications of BT on police body cameras? Are fitness trackers still making it easy to track humans instead? Can someone steal heavy-construction equipment thanks to BT keyless ignition? Can hackers be tracked by their "portable multi-tool[s]"? Do hotels using BT door locks "open the door" to easier assassinations?

In this talk I will share some of the most interesting observations from the past few years, and share surprising answers to the above questions, and more.