Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore a critical security vulnerability in goTenna Pro encrypted radios through this DEF CON 33 conference talk that demonstrates how a single unauthenticated RF packet can compromise the device's entire cryptographic security model. Learn how attackers can overwrite public keys stored for peer-to-peer and group chats, effectively becoming an undetectable man-in-the-middle who can read all AES-256 encrypted communications intended for legitimate recipients. Watch live demonstrations showing three attack scenarios: manipulating GPS coordinates to lure teams into dead zones, impersonating surveillance teammates to spread disinformation and break team cohesion, and triggering network-wide blackouts that force operators onto weaker communication channels vulnerable to direction-finding. Discover the technical details behind crafting malicious packets, poisoning key stores, pivoting between victims, and restoring normal operations using commodity SDR hardware and open-source tools released during the presentation. Gain insights into the fundamental weaknesses in cryptographic key lifecycle management and examine the hardening guidance and patch implemented in goTenna Pro version 2.0.3 to address CVE-2024-47130, reinforcing the principle that cryptography's strength depends entirely on proper key management practices.
