Hacker projects on Kickstarter

I was preparing for a course on the withdrawal of the project at Kickstarter and I had to analyze successful projects as a “homework”. (I gasped a bit when I learned that there are 1,250 active crowdfunding platforms in the world.) Since I have a habr defect, I found all the projects in the field of information security (and a couple of projects were suggested by the hackerspace guys).



10% is the share of technology startups at Kickstarter (they eventually collected about 118,000,000 dollars).

Yes, crowdfunding is perfectly sharpened on any useless, but cool crap. Kickstarter collects loot for salad and rubber handles (16 barreled wooden machine gun of the Gatling system), and on other platforms they implement the “rule 34” for space and for the joy of the old Freud type cigar organs. But there are also hacker projects, some of which are quite serious. As for ordinary users (flash drives with biometrics), and for professional pentesters (analyzer attacks on third-party channels for iron).

')

I propose to evaluate the ideas of the projects (the depth of technical descriptions) and the sense of humor of the developers.

Myths and Facts about Kickstarter

I saw with my own eyes how the guys from CubicRobotics updated the page with statistics on IGG every minute. I also helped a little with the draft book about Venus , and now I'm carrying out plans to launch a shahid belt project of loyalty belts for the development of magnetoreception (the first prototype of which we soldered to schoolchildren in the camp this summer ).



Therefore, I wonder what pieces the campaign on Kickstarter consists of. I made a selection of projects using the following examples: work with the media, video quality, game mechanics, visualization of awards and goals, interaction with the community, sense of humor, depth of technical descriptions.



Independent analysis of projects - a powerful thing. For example, there is a myth that only gadgets or desktops are successful at Kickstarter. I found okolokhakerskie projects, tutorials, research, software projects, iron and paper solutions. Or another misconception that the video must be expensive - I witnessed how they spent 10,000 dollars on the set. Examples of IB projects demonstrate that you can shoot video both in the studio and on a webcam.



During the preparation, I was able to talk a bit with “our man” in Silicon Valley, which helps to “hack citizenship restrictions on Kickstarter”, here he is a real myth destroyer and a specialist in cultural codes. Who knows why you can not congratulate the girls on March 8 Kickstarter?



A record holder in the field of information security collected more than $ 700,000, and another project was notable for attracting 1,200 backers (those who "voted with money") in the first 24 hours. Russian activity on Kikstarter is as follows: 15,000 Russians contributed a total of 3,350,000 dollars.



Wednesday is the most active day of the week for Kickstarter users. Date of the month - 13.

I publish an article on Thursday, the 6th, but in the article I use one of the popular game mechanics - “stretch goals”. This is such a thing, borrowed from the games, when after taking the next height, a new nishtyachok opens.

Cybersecurity projects

Cybrary MOOC IT and Cyber ​​Security

Cybrary : The world's first free MOOC (Multi-user online course) about information technology and cybersecurity. For each. For any level. Is free. Forever and ever.



The Cybrary.IT platform offers free MOOCs for IT specialists. There are now 20 online courses on system and network administration and cybersecurity available for obtaining certification from beginner to advanced levels (Ethical Hacker, CISSP, CCNA, CompTIA A +) and niche skills (deployment of Microsoft Exchange).



The idea of ​​the Cybrary.IT project is to eliminate financial barriers for IT professionals in constantly improving their skills and make the field accessible to talented professionals from low-income segments of the population.



A teacher with a class of 20 students will be able to use additional tools for free, and if you use Cybrary.it for the whole school, you will have to pay from two to ten thousand dollars a year. For this money, it will be possible to follow the progress in passing pupils' material, organize the activities of several teachers at once, and make up complete curricula from the materials of the site.





Chips: filling in advance with the content of your channel on YouTube , where you can find several demos with teachers.



The amount collected, continue to be published on hacker resources . On May 29, 2015, the project exceeded 100,000 registered.



Collection - $ 25,803 ($ 25,000)

Start of the project - March 4, 2015

Project site - www.cybrary.it

Kickstarter page





A video is a simple one shot on an ordinary camera and for some reason it causes confidence, more than a video from Coursera, where sometimes teachers teach their books or services. I even want to learn from the guys, and the course is also free, which is in harmony with the hacker worldview about the dissemination of knowledge and competencies.

---

Enigmaze - Secure Internet Password Log Book

Enigmaze is a cool notebook specially designed to quickly and easily create and store strong passwords.



A password about “forty thousand monkeys” and their relationship with bananas is easy to remember, but what to do with this xXkleG! 8 + Ke $? Mcd ? Given that these need to have a few dozen for each project.



The authors of the project offer such "Enigma" on paper. It can be used in different ways - from an invisible ultraviolet marker, to mnemofrases, from which a strong password is “output” using a cipher-notebook.





The chip is a great solution, especially for organizations where you can / need to implement strong passwords for all employees. Developers quickly communicate with bakers and even during the campaign, responding to the reviews, added choice options - a notebook without letter-indexing of pages.









Fees $ 18,927 ($ 3,000)

Start of the project - May 11, 2015

Project site - enigmaze.org

Kickstarter page

Video - Studio

---

OneRNG - an open source entropy generator

OneRNG is a reliable hardware source of entropy for random number generators.



The device is designed in the form of a keyfob with a USB interface.



All diagrams, specifications, and software are distributed (https://github.com/MoonbaseOtago/) under free licenses and are available for independent auditing and reliability testing. According to the authors of the project, assurances of trust are worth nothing, only complete openness and the provision of self-verification can guarantee the security of the system.



For the formation of random entropy in OneRNG, a circuit based on a Zener diode and a radio frequency hopping receiver are used. For isolation from external interference, electronic components are insulated with a special metal screen.

" Openness is important, we fully disclose the design of our equipment and our firmware, our board is even designed with removable noise protection (" foil cap "), so you can check and make sure that the circuits inside are exactly the same as those that we build and sell. In order to make sure that our boards cannot be compromised during transportation, we make sure that the internal firmware will be signed and cannot be forged.



The board cannot be reprogrammed via USB using malicious software on the host computer. However, we also believe that you do not actually own your equipment if you cannot open it and tinker with it, and, more importantly, you cannot verify that what we promise.



Therefore, we offer the same programmer that we use, plus a cable for an additional fee - we hope that you can do something even more reliable than what we have created. " Paul Campbell

Chips: cool title, sincere video, the solution to the actual problem. They put pressure on the corn that "the NSA hacked some of the random number generators in the OpenSSL software."



Fees - $ 48,551 ($ 10,000)

Start of the project - December 15, 2014

Project site - onerng.info

Kickstarter page

Video is a simple video describing how it works.









Big project lecture

---

JackPair: secure your voice phone calls wiretapping

JackPair encrypts voices over GSM telephony with protection against man-in-the-middle attacks.

It works with any phones, does not require passwords, does not require installation of any software. Cost $ 89 per device or $ 139 per pair.



All software is open source and open to audit (open source security).

Bruce Schneier claims: " The crypto looks competent, it is well-thought-out. I'd use it. "



Concept: one device connects to the phone, be it a smartphone, a landline phone or a VoIP client on a PC via a standard 3.5mm headphone jack - and then, if the subscriber has a second JackPairs, the devices will establish a secure connection and encrypt the audio signal before sending over any network. The JackPair software uses a synthesized voice to play the decoded audio signal.



For each communication session, a One-Time-Secret-Key (OTSK) is generated, generated using the Diffie-Hellman protocol . For encryption is used stream cipher Salsa20 .



Chips : before launch, the developers have enlisted the support of the popular information security specialist - Bruce Schneier. There is a description and pictures of the main stages of prototyping.



Edward Snowden's revelations (Edward Snowden) showed how vulnerable user data is, especially in the face of state intelligence. The developers used a quote from Snowden as a justification of the need for this device:





Fees - $ 44,661 ($ 35,000)

Start of the project - September 5, 2014

Project site - jackpair.com

Kistarter page



Video - "semi-studio"

---

The Glitch: Security / Pen-Testing Hardware Platform

Hooked up and hacked.

Glitch makes life easier for Pentester . Now the information security specialist does not have to go into the device and write firmware for it. Glitch is a reprogrammable Open Source Hardware device / platform. Took out of the box and turned it on.



Glitch can emulate keyboard operation and, when connected to a computer, quickly type text (which can be used both for fast configuration of Windows / Linux and for playing some payloads).



The advantage of this device over Teensy and Rubber Ducky is that it can log - that is, it can be connected to a USB keyboard and it will record all keystrokes on the microSD card.

Hacking with hardware for non-hardware hackers

“I'm JP and I'm a security researcher who loves to tinker. I have a special interest in wireless security and portable security projects. ”

(“I’m a JP and I’m a security professional who likes to make things. I’m interested in wireless and portable security projects”)



Also due to the small size of the Glitch can be hidden inside other electronics, for example, inside the mouse. To detect such a third-party device will be extremely difficult.





The chip is a cool sticker for those who contributed at least $ 10



The author of the project used the services of the community, they helped him to make a video: “Thanks to gigafide (http://youtube.com/gigafide) for helping me make the video”



Fees - $ 30,137 ($ 14,500)

Start of the project - August 5, 2012

Project site - theglitch.sf.net

Kickstarter project page

Video - home made

---

Webcloak: Advanced Web Security and Online Privacy

Webcloak is a small USB device that is a physical shield to work safely on the web. Protects against viruses and data theft. Provides anonymous access.



How Does Webcloak Work?



When connected to a computer, Webcloak creates a protected virtual “machine inside the machine”. All data is encrypted (AES) 256. The developers promise users absolute invulnerability and protection of all transactions, payments, protection against viruses and vandalism.



Webcloak blocks any incoming access, and you don’t need to install or reboot anything, protection starts as soon as you plug the device into the computer.





The device protects against "SideJacking" (Wi-Fi hacking), traffic sniffing (Network Traffic Sniffing), DNS Spoofing, Key-loggers and Screen Scrapers, man-in-the-middle attacks, Site Visit Tracking Code, Cryptolocker, as well as all viruses and exploits.



Chips - a lot of video instructions and pictures that explain the principle of operation and use of the device. Detailed description of the development team with live photos.











Fees - $ 61,215 ($ 60,000)

Start of the project - November 19, 2014

Project website - webcloak.com

Kickstarter page

Video - Studio

---

Here it is long-awaited coming out content unlock.





Continued - Gluching, attacks on third-party channels and hacker projects on Kickstarter (continued)



If you know crowdfunding projects in the field of information security , which I missed, share.

Competition

Everyone probably has acquaintances who are conducting experiments with cold nuclear fusion in the garage.

Perhaps they want to bring their project to the crowdfunding platform, or maybe they (like proud hedgehogs) should be kicked for this.

Share briefly the essence of the project (in the comments or on the email alexey.stacenko (pack) gmail.com), for our part, being biased and inadequate, we will give two invites for the Kickstarter campaign creation course . One invite to the most beautiful girl to the author of the project, and the second to the one who “passed” him. (priority for projects in the field of information security and OpenSource)