About the Speaker

This presentation delves into OpenThread technology, highlighting its accessibility through the newly developed Flipper Zero Thread radio extension board. Participants will gain comprehensive insights into Thread functionality, including best practices for network configuration and potential vulnerabilities posed by malicious actors.

The session begins with a brief introduction to Flipper Zero, followed by exploring the challenges surrounding effective interaction with Thread networks. Key focus areas include the commissioning process—covering both Native and Matter protocols—and the investigation of alternative connection methods utilizing default keys and shared datasets.

A technical demonstration will showcase the modification of an NRF USB dongle for compatibility with Flipper Zero, incorporating essential wiring and soldering techniques. The presentation will culminate in a video illustrating the device's capabilities, such as connecting to Thread networks, conducting TCP port scans, and establishing TCP tunnels.

Attendees will leave with a richer understanding of Thread networks, the technical intricacies involved, and the challenges faced while developing the new Zephyr firmware app and the Flipper app/script.

András Tevesz is a Senior Vulnerability Researcher at CUJO.AI with 15+ years of experience in the IT security industry.

He holds a degree in Software Engineering and worked on multiple software development projects and a consulting company as a security professional and penetration tester.

His interest is the security of IoT devices, reverse engineering of firmware, and bypassing security protections.