Unboxing RFIDIOt's Black Cow Deluxe Cheddar Cheese

As I write this blog, during this historical moment, when almost the entire world is under home quarantine amidst the fear of deadly COVID-19 virus, it gives me immense pleasure to tell you I, finally, unboxed one of the two Black Cow Deluxe Cheddar cheese blocks that I won (on two consecutive days) during the Practical RFID / NFC Hacking training by Adam Laurie at Nullcon Goa 2020, just three weeks ago.

As I removed the thick layer of wax, and extracted the cheese, a lot of memories came rushing through my mind. The greatest pleasure was not the cheese itself, but to receive the cheddar cheese from Adam Laurie himself. Why did I attend the RFID training? How did it all started?

I had met Adam for the first time at BSides Delhi 2019 where he was the keynote speaker and I was a speaker speaking about my tool VyAPI. During this same conference, I had also met Antriksh face-to-face for the first time. Before that I had only seen Antriksh’s signature on all my Nullcon certificates.

You should see Adam and Antriksh together. They are light-hearted and fun, especially in each other’s company. Not a single chance would go waste, to pull each other’s leg.

Sometimes I feel thankful for actively participating in BSides Delhi conferences because that’s the place where I made some real connections. I happened to meet extremely talented people and got a chance to work with them on exciting projects, later on.

For obvious reasons I feel strongly connected to the BSides Delhi team, each one of them. My first security conference talk, titled “Attacking Web Applications using Burp Suite”, was delivered at BSides Delhi 2018. In the year 2019, I returned to this stage and presented a talk about my vulnerable Android app VyAPI. Besides delivering the talks as was planned, I also met new people. My network was expanding. It’s during the post-conference dinner at BSides Delhi 2019 that I had got a chance to spend a good amount of time interacting with Adam, Antriksh and the entire BSides organising team.

As Steve Jobs had rightly said,

“You can’t connect the dots looking forward; you can only connect them looking backwards. So you have to trust that the dots will somehow connect in your future…”

After BSides Delhi 2019 conference was over, I had to leave for Abu Dhabi to present the tool VyAPI at the HITB+CyberWeek. To my pleasant surprise, I met Adam once again at the Hack In The Box conference in Abu Dhabi.

During the HITB conference, I noticed the RFID village, walked up to Adam’s booth and stood there till I had his attention. I spoke to him about his work and I was really impressed by how he patiently tried to explain whatever he was working on. It was evident from my face that I knew nothing about the subject but Adam continued explaining to me a few concepts and informed me about the ongoing RFID challenge. It seemed too daunting to me. I did not even attempt to solve the challenge, even though I had said to myself that I would give it a try atleast.

Once the HITB conference was over, I spent majority of my time exploring Abu Dhabi. The most adventurous of all explorations was the solo trip to Liwa Desert. So much was done in just half a day, starting from exciting desert safari, embarassing sand boarding, pro-like quad biking, and the best of all star gazing in the middle of nowhere.

On returning to office, I found that everyone at Appsecco had already started planning for the Nullcon Goa 2020 security conference.

I was asked which of the Nullcon trainings would I be interested in attending. After glancing through the list of trainings and respective trainers, I saw the now-so-familiar name “Adam Laurie” and recognised him immediately. Without even reading the training title completely, I expressed my interest in attending Adam’s training. The training title was “Practical RFID / NFC Hacking” and I understood only 50% of what it meant then. The terms “practical” and “hacking” was all that I understood. I signed up for Adam’s training to understand what the remaining 50% of the title meant, i.e., to know what RFID and NFC was.

By the end of the Practical RFID / NFC Hacking training at Nullcon 2020, I had not only solved the classroom challenges on RFID hacking, and won two yummy Black Cow Deluxe Cheddar cheese blocks that came from a vibrant small village in UK, but, I also bought the RFIDler hardware and returned with a new-found interest in RFID tags and RFID readers.

In the present blog post, I wouldn’t elaborate on what the RFID challenges were and how I managed to solved them. However, I will share my RFID learnings with you in future posts.

For now, I have a tool to explore (i.e., RFIDler), some knowledge to start with (i.e., RFID tags and RFID readers), and a mentor to look forward to (i.e., Adam Laurie). And, I am ready to conduct some experiments in the solitary confinement of my home (quarantined) laboratory. With every progress that I make, I promise to share my experiences with all my readers.

Until my next blog post, do not step out of your homes. Stay safe and embrace your solitude!