Now that ZigBee is finally appearing in the wild, Travis will take a look back at all the nifty ways of exploiting it. (ZigBee is a low-cost, low-power, wireless mesh network standard.) This fast-paced lecture features as many practical, real-world exploits as can fit in the time slot. Learn how to extract firmware from a locked Freescale MC13224 by grounding pin 133, how to extract keys from a Chipcon CC2530 by erasing it first, and how to hijack control of other radios with a few hypodermic syringes. You’ll also learn how Certicom’s proprietary crypto library caused multiple ZigBee Smart Energy Profile stacks to remotely expose private ECC keys, and why none of this matters because cleartext traffic is easily found in most major cities.