Bryson Payne – BrysonPayne.com http://brysonpayne.com author | professor | cybersecurity director | TEDx speaker Sat, 20 Oct 2018 05:40:40 +0000 en-US hourly 1 https://wordpress.org/?v=5.5.3 http://brysonpayne.com/wp-content/uploads/2015/04/brysonpayne_favicon-5536db45v1_site_icon-32x32.png Bryson Payne – BrysonPayne.com http://brysonpayne.com 32 32 Car Hacking in 30 Minutes or Less http://brysonpayne.com/2018/10/20/start-car-hacking-in-30-minutes-or-less/ http://brysonpayne.com/2018/10/20/start-car-hacking-in-30-minutes-or-less/#respond Sat, 20 Oct 2018 04:40:59 +0000 http://brysonpayne.com/?p=1177 Dr. Payne car hacking his own Volkswagen Jetta

My Facebook Live video on car hacking brought in over 3,600 viewers!

This tutorial will guide you step-by-step into one of the hottest cyber skills in the world: car hacking!

Using VirtualBox and Kali Linux, you can start car hacking using completely free open-source software and tools, including can-utils, ICSim, ScanTool, Wireshark, and tcpdump. You’ll create a functioning CAN (controller area network) simulator with a dashboard just like the one in your car. I’ll even show you how to perform a “replay attack”, recording packets from the CAN bus and replaying them to change the car’s settings, sensors, and controls! When you’re ready to try you skill on an actual automobile, you can buy (or build) the hardware for $20 to $75 (USD) and connect to your vehicle

I’m a Certified Ethical Hacker, and I’ve always worked on my own cars. But when I started car hacking a little over 10 years ago, there weren’t any clear, step-by-step, easy-to-follow instructions for beginners. Ten years later, there still aren’t any complete car hacking beginner-to-pro tutorials out there that show you how to get started and how to actually connect to a real car or truck, so I wrote this post based on my popular presentations at hacking conferences and workshops (GenCyber, CCERP, NCWA, STEM, and more).

In this tutorial, you’ll be able to:

  • install free, open-source car-hacking tools on your computer (desktop, laptop, even a Raspberry Pi, or on a Linux virtual machine),
  • perform a replay attack on a simulated controller area network (CAN),
  • buy or build the low-cost tools necessary to test for similar vulnerabilities in modern automobiles.

If you’ve got any ethical hacking experience, you can use a Kali Linux VM (the most popular ethical hacking toolkit) for your car-hacking workstation. And the only physical equipment needed to connect the software to a modern car, a USB to OBD-II cable or wireless connector, can be built or bought easily online for around $20-75 (USD).

Introduction to the CAN Bus

Car hacking itself is surprisingly similar to hacking other networked devices. We can use a network sniffer to view packets as they move across the controller area network, or CAN bus, in an automobile. The CAN (controller area network) bus enables communication between the vehicle’s sensors and its various electronic control units (ECUs). Modern production cars can have as many as 70 or more ECUs controlling the engine, airbags, anti-lock braking system, tail lights, entertainment system, and more. One advantage of the CAN bus architecture is that it allows all of these devices to communicate over as little as one pair of shared wires running to each sensor, controller,and ECU.

CAN bus protocol messages are small (8 bytes or less of data inside another 8-byte package), with no addresses in the messages, just a priority value (messages from the engine or brakes get higher priority than the air conditioning or audio player). The CAN bus protocol was not built with modern security in mind.

Brief History of Car Hacking

In 2011, the first widely accepted remote hack of a production vehicle was accomplished by a team of researchers at the University of California, San Diego, against a 2011 Chevy Malibu. The researchers were able to cause the car’s brakes to lock up while driving using two different remote attack vectors.

In 2015, researchers Charlie Miller and Chris Valasek remotely controlled the steering, braking, acceleration, and other controls of a 2015 Jeep Cherokee. High-profile hacks were demonstrated against electric vehicles, including a 2016 Tesla Model S and a 2018 BMW i3 by Tencent’s Keen Security Lab.

An Open Source Toolkit for Car Hacking

OpenGarages ICSim software

ICSim from the OpenGarages team, is a free car simulator to practice car hacking on.

The software I use for car hacking is both free and open-source. The first app is from OpenGarages.org,  the Instrument Cluster Simulator, or ICSim package (get it from GitHub). ICSim was created by car hacking researcher Craig Smith, author of The Car Hacker’s Handbook (No Starch Press, 2016). ICSim includes both a dashboard simulator with a speedometer, door lock indicators, and turn signal indicators, and a control panel that allows the user to interact with the simulated automobile network, applying acceleration and controlling the door locks and turn signals. ICSim relies on other free Linux tools, including the CAN Utilities, or can-utils, that are available under the package installer repositories for most Linux distributions.

In the following section, we will detail the step-by-step installation and configuration of the ICSim software and related tools for use in a classroom, computer lab, or automotive research workstation, as well as running in a virtual machine on a commodity Windows, Mac or Linux laptop.

Installation

If you’re familiar with Linux, especially Kali Linux for ethical hacking, you’ll find both the setup and the use of the tools themselves easy to follow. Those with less experience, especially with less command-line Linux expertise, can still install and run the tools in a virtual machine similar to the ones used in most hands-on courses in ethical hacking.This installation will assume the user has either a workstation running Kali Linux or a virtual machine running Kali Linux in a platform like VMware or VirtualBox. For the car hacking modules, we will use open-source tools from OpenGarages.org developed by Craig Smith.

Installing Dependencies

The first step in setting up the OpenGarages.org car hacking software is installing prerequisite software known as dependencies. First, update Kali Linux by typing the update command into a new Terminal (command-line) window:

sudo apt-get update

Then, install the LibSDL (SDL stands for Simple DirectMedia Layer, a cross-platform development library for computer graphics and audio) development libraries. LibSDL is used by the Instrument Cluster Simulator software from OpenGarages to draw and animate the virtual dashboard (or instrument cluster), as well as to access various game controllers, like the PlayStation PS3 controller.

Install both the libsdl2-dev and libsdl2-image-dev libraries with the command:

sudo apt-get install libsdl2-dev libsdl2-image-dev

After the LibSDL libraries are installed, add the CAN utilities. CAN is short for controller area network, the primary network in modern automobiles. The CAN utilities are included in some Linux distributions, but not in Kali as of this writing. The CAN utilities can be installed using the command:

sudo apt-get install can-utils

Once the LibSDL and CAN utilities software dependencies are in place, we can download and install the ICSim car hacking tools.

Downloading and Installing ICSim

We will utilize git to download the OpenGarages.org software ICSim, short for Instrument Cluster Simulator. Git is the most widely used version control system, and is free and open-source (created by Linus Torvalds, the creator of Linux himself). It’s also included in Kali, as well as in most Linux distributions.

Git will clone, or copy the ICSim project files, directly to your local computer. Set the directory to your home directory with the command:

cd ~

That’s cd (short for change directory) followed by a tilde (~) symbol, to signify the user’s home directory. On Kali Linux, this is usually the directory /root/, corresponding to the root user.

Download and expand the ICSim project files using git with the command:

git clone https://github.com/zombieCraig/ICSim.git

Git will download the project files for ICSim into a folder labeled ICSim in your home directory. Change into the ICSim folder and list the contents:

cd ICSim/
ls

You should see several files, including two executable files labeled controls and icsim, inside the ICSim folder.

Preparing the Virtual CAN Network

Run the setup script by typing:

sh ~/ICSim/setup_vcan.sh

You can verify that the vcan0 network link is active by typing ifconfig. In addition to your regular network interfaces, you should now see vcan0 listed. With the vcan0 network link active, we can run the Instrument Cluster Simulator and the Control Panel to simulate a live controller area network and instrument cluster in a modern automobile.

Running the ICSim Software

The standard setup for running ICSim includes at least two components, the icsim Instrument Cluster Simulator program file, which simulates an automobile’s dashboard instrument panel, and the controls executable, which gives the user control of the virtual automobile, including acceleration, steering, door locks, and turn signals. For a first experience for beginning car hackers, it’s also instructive to open a third terminal window running a network sniffer to view packets on this new virtual CAN network.

ICSim dashboard and controller.

ICSim includes a dashboard simulator and a controller app to let you “drive” your virtual car!

Open three terminal windows. In the first window, open the Instrument Cluster Simulator application, icsim, on the vcan0 virtual CAN network interface we created:

~/ICSim/icsim vcan0

That’s vcan0, with a zero, denoting the virtual CAN network we created by running setup_vcan.sh above. The dashboard instrument panel simulator will appear as shown to the right.

Nothing on the dashboard will light up, and the speedometer will stay at zero, because there’s no traffic on the vcan0 network yet. We’ll fix that by starting the ICSim’s controls. In a second terminal window, open the controls app:

~/ICSim/controls vcan0

The CANBus Control Panel application will appear on the screen, with a GUI mimicking the PlayStation 3’s PS3 controller (which, by the way, is supported by the controls app). The keyboard controls are labeled on the controller GUI: acceleration is controlled with the Up arrow key, turn signals with the Left and Right arrow keys, and so on.

Right-click (or control-click) on the title bar at the top of the window, and select Always on Top to keep the control panel app visible.

Resize the controller window so that it fits on the screen with the dashboard simulator. You’ll notice that the speedometer is now “idling”, or jittering slightly while sitting at 0 MPH. This is because the controller app is sending mild noise signals over the virtual CAN bus network vcan0 to simulate a real car’s CAN bus.

The keyboard controls shown in Table 1 will only function when the CANBus Control Panel app is currently selected. If the dashboard doesn’t seem to be responding, first click your mouse in the CANBus Control Panel window, then use the keys given below to see changes in the IC Simulator dashboard:

Function Key(s)
Accelerate Up Arrow (↑)
Left/Right Turn Signal Left/Right Arrow (←/→)
Unlock Front L/R Doors Right-Shift+A, Right-Shift+B
Unlock Back L/R Doors Right-Shift+X, Right-Shift+Y
Lock All Doors Hold Right Shift Key, Tap Left Shift
Unlock All Doors Hold Left Shift Key, Tap Right Shift

Table 1: Keyboard controls for the CANBus Control Panel app, and their associated function viewable in the IC Simulator dashboard app.

Click the CANBus Control Panel window and press a few of the keys and key combinations given in Table 1 to see the virtual car take off, signal for left and right turns, lock and unlock doors, and so on.

Finally, let’s view the network packets that our control panel app is sending across the vcan0 network to the dashboard simulator by running cansniffer, the CAN network sniffer included in the CAN Utilities software we installed earlier. From a third terminal window, run:

cansniffer -c vcan0

The cansniffer executable is not provided in the ICSim package; it’s in the can-utils software we installed prior to downloading the ICSim software. As you can see, the network traffic looks similar to a raw tcpdump or captured packet data in Wireshark.

The cansniffer -c flag tells the sniffer to colorize bytes that are changing, which can help us identify bytes that vary as we interact with the CAN bus via the control panel app.

With these three windows open, the icsim dashboard, the controls control panel, and the cansniffer network sniffer, we can see one perspective of how sensors, actuators, and ECUs interact over a simple CAN bus. Try accelerating all the way to 90 MPH, the maximum speed configured for the controller, then lock and unlock all the doors, and press the left and right turn signals while accelerating. The dashboard will reflect your keystrokes regardless of whether such combinations would be safe to attempt in a real vehicle.

In the next section, we’ll see how to use this combination of tools to perform a common cybersecurity test by demonstrating the ability to capture packets and replay them on the CAN network to trigger sensors and controls without interaction on the part of the driver.

Replay Attacks

In a replay attack, a hacker captures packets from interesting network traffic and attempts to re-inject them into the network later. A replay attack can be one of the first steps a security tester or an attacker might use in attempting to reverse-engineer a networked device.

Fortunately, just like the cansniffer software allowed us to view packets on the virtual CAN network interface, there are additional tools in the can-utils library that enable us to capture and replay those packets. In this example lab module, we’ll demonstrate the replay attack in two steps: capturing packets with known commands from the virtual CAN network traffic, and replaying those packets on the virtual CAN bus.

Capturing the CAN Bus Packets

If you still have the icsim, controls, and cansniffer windows active from the previous section, press Ctrl-C (control-C) in the cansniffer window to stop the network sniffer.

If you’ve closed the car-hacking windows, or if you’ve restarted your Kali VM, you can run the following commands to recreate the vcan0 network and open the icsim dashboard and controls control panel on vcan0:

cd ~/ICSim
sh setup_vcan.sh
./icsim vcan0 &
./controls vcan0 &

Note that by adding the ampersand (&) to the end of the last two commands, you can run both the IC Simulator and CANBus Control Panel from the same terminal window. The ampersand places each command in the “background”, allowing the user to continue working in the command line shell while a process executes.

In a separate terminal window, run the candump tool to log all the traffic on vcan0 to a file:

candump -l vcan0

Note the -l is dash-lowercase-L (not dash-one). The candump -l flag stands for log, or capture the CAN traffic and save it to a file. We still use the vcan0 network interface, because that’s the interface where our dashboard and controller are simulating CAN traffic.

Immediately after starting candump, click back on the CANBus Control Panel window and begin pressing keys to accelerate, activate the turn signals, and lock and unlock doors. After a few seconds of “driving”, click back on the candump terminal window and press Ctrl-C (control-C) to stop the packet capture.

List the contents of the current directory with the ls command, and you’ll see a new file in the format candump-YYYY-MM-DD_time.log, such as:

candump-2018-07-23_083845.log

This log file contains all the packets we just captured. Now it’s time to close the controller window and try the replay attack against our virtual CAN bus.

Replaying the CAN Bus Packets

Close the CANBus Control Panel window. You’ll notice the needle on the virtual speedometer stops “idling”, because the controller was adding the noise and jitter. Right now, the CAN bus is completely quiet. But, we can re-inject the packets we captured above and observe whether the packets will have the same effect on the dashboard as the real controller did. This is a simple, safe replay hack, but we’ll learn how to extend it to try this out on a real automobile.

In the terminal window you were using to run the candump tool, type the following command:

Car dashboard during a replay attack

In this replay attack, we’ve unlocked all four doors while driving 90 MPH with both turn signals on!

canplayer -I candump-2018-07-23_083845.log

The -I flag tells canplayer to use the supplied log file as input. Note that you can start typing the log filename and just press the tab key (type c-a-n and press the Tab key to auto-complete the log file name) instead of typing the long sequence of digits. Also notice that you don’t have to specify which interface to use, vcan0, like you did with all the previous CAN utilities. This is because canplayer will replay the packets on the same interface they were captured on.

After pressing the enter key, you should see the speedometer and other dashboard components do the same thing they did when you captured the packets, as shown to the right. Notice we were able to get both the left and right turn signals on at the same time, and unlock all the doors, while the car was going at over 90 miles per hour!

You’re able to see the same indicators, even though the car is turned “off”—there are no controls active, but you’re changing the dashboard as if the car is actively running.

In fact, if you run canplayer with the CANBus Control Panel still active, the speedometer will jump between its “real” value, determined by the controller app, and the value the canplayer app is replaying onto the virtual CAN bus.

Connecting to a Real Automobile

The OBDLink is an easy-to-use first step into car hacking, for around $29 USD [click here to see it on Amazon].

On a lab computer, this is cool, but just by adding a $20-30 ODB-II to USB cable you can purchase online, like the one shown here, you can plug into your car’s on-board-diagnostic port (or OBD-II port, usually found under the steering wheel near the driver’s side floorboard) and see the results of CAN messages on your Windows, Linux, or Mac computer.

The OBDLink SX is an inexpensive way to start working with your car’s CAN messages through a graphical (GUI) app. To connect to the OBDLink cable shown for the first time, it’s helpful to install the ScanTool software from ScanTool.net (Hobbs, 2015), available as an apt-get package:

sudo apt-get install scantool

Then, run the scantool application by typing the command:

scantool
Scantool software

The ScanTool software gives you a GUI interface to read sensors and diagnostic codes for your car or truck.

You can plug the OBD-II cable into your laptop or computer using the USB adapter end, plug the OBD-II connector into your car’s OBD port under the steering wheel on the driver’s side near the floorboard, and turn on the automobile’s ignition. If you’re using a virtual machine, you’ll need to connect the USB device to your VM in VirtualBox by selecting Devices > USB > ScanTool OBDLink (or similar).

The ScanTool software will connect to automobile’s CAN network to perform tasks like reading diagnostic codes (and resetting them, like your mechanic does when he changes your oil, etc.), reading sensor data (with room for over eight pages of sensors to accommodate most modern vehicles), and more. The Linux version of the ScanTool GUI is shown right.

Real Car Hacking

Tools like OBDLink are an easy way to get started, and you may be able to capture some packets from ttyUSB or usbmon0, but they’re not reliable for performing a replay attack. To perform a real replay attack against your car, you’ll need a true CAN to USB connection.

The cheapest option is CANable, from canable.io, for just about $29 US. It requires you to connect wires directly to the small circuit board, which plugs into a micro-USB connector that you can connect to your Kali Linux box as can0 (instead of virtual CAN vcan0, this is an actual CAN connection, can0).

A better, more durable option is the CANtact CAN-to-USB adapter ($65 on Amazon) plus an OBD-II to 9-pin adapter ($10). For just under $75 (plus a regular USB printer cable you probably already have around the house), you can connect directly from your laptop to your car and record real CAN packets and replay them.

Further Extension: Hacking the Car Hacking Software

One time when I taught this car hacking module in an ethical hacking course, my students asked if they could modify the open-source ICSim software to allow the speedometer to go faster than 90 MPH. ICSim is open-source, so the answer was YES!

Using a simple text editor, running gedit controls.c (any text editor will do, we just chose gedit) to view the controls.c file revealed the following lines of code, in lines 80-83 of the controls.c source code:

#define MAX_SPEED 90.0 // 270.0 is full gauge speed
#define ACCEL_RATE 8.0 // 0-MAX_SPEED in seconds
#define USB_CONTROLLER 0
#define PS3_CONTROLLER 1

Changing the maximum speed of the IC Simulator is as easy as editing the MAX_SPEED constant value to a higher number:

#define MAX_SPEED 300.0 

Most students chose values between 260.0 and 300.0, but some went as high as 1000.0 MPH, causing the speedometer to “wrap” around three times! Save the file, and run make in the ICSim folder:

cd ~/ICSim
make

If the make command is successful, all you have to do is run icsim and controls like we did in the Implementation section, and the accelerator now runs the car to 260 MPH, or beyond!

On some systems (mostly 64-bit), the make command will generate an error due to a bad lib.o file. Fixing this requires a few additional steps that we’ll list here without much explanation, as it’s beyond the scope of this document, but it’s worth adding the fix for those students and researchers interested enough to modify the source code. If your make command failed after editing the controls.c source code, run the following eight commands from a terminal window:

cd ~
git clone https://github.com/linux-can/can-utils
cd can-utils
make
cp lib.o ~/ICSim
cd ~/ICSim
make clean
make

In short, the above steps replace your incompatible lib.o file with a newly compiled version from an updated can-utils built on your computer’s architecture. Now run icsim and controls and you should see the new, updated and improved version of your IC Simulator and CANBus Control Panel apps.

Where to learn more…

Enroll in my course on Udemy!

If you’d like step-by-step videos showing you how to set up the car hacking software, sign up for my Ethical Hacking course for just $10 on Udemy!

I hope you’ve enjoyed learning how to set up free, open-source car-hacking software for instructional or research use. You can also add an inexpensive (under $30USD) physical cable or wireless connector capable of connecting to modern production vehicles through the OBD-II on-board-diagnostic port. To go full car-hacking, you might spend as much as $75, but you’ll be able to do everything to a real-life automobile that you did on the simulator.

If you’d like step-by-step videos of me performing all of the steps above, enroll in my Ethical Hacking course for just $10 on Udemy, 80% off the retail price using the coupon code FRIENDS10.

I’d love to hear from you in the comments below if you use any of the car hacking tools I’ve described above – leave me a note!

Also, let me know if there’s something else you’d like to see here – I’m glad to add more! Sign up for my mailing list, and I’ll even send you my car-hacking manual ebook for free!

Happy car hacking!

 

]]>
http://brysonpayne.com/2018/10/20/start-car-hacking-in-30-minutes-or-less/feed/ 0
Dr. Payne’s TEDx Talk on Teaching Kids to Code http://brysonpayne.com/2018/04/24/bryson-payne-tedx-talk-coding-cyber-new-literacy/ http://brysonpayne.com/2018/04/24/bryson-payne-tedx-talk-coding-cyber-new-literacy/#comments Tue, 24 Apr 2018 20:38:20 +0000 http://brysonpayne.com/?p=1149 Dr. Payne speaks on Coding and Cyber as the New Literacy at TEDx 2018.

Dr. Payne speaks on Coding and Cyber as the New Literacy at TEDx 2018.

Imagine a world with a literacy rate of only 3%.

What if, out of every 100 people, only 3 could read and write?

Right now, in America, there are over 320 million people, yet fewer than 9 million of us, less than 3%, can read and write code – the language of technology.

So, what is code? Coding, or programming, is just telling a computer what to do – code is the same thing as software. Or, if you’re younger than 30, code is what apps are made of. Code is what runs a computer, and computers are everywhere today, in all the coolest gadgets, from 3D printers to drones, from self-driving cars to smartphones, fitbits to roomba’s and more. Software, code is a part of every piece of technology you’ll use at home and at work for the rest of your life.

Almost every job that you want, or that you want your kids to have, is touched by computer software – imagine the advantage you can have if you learn to speak the language of code.

As many as 70 million jobs could disappear in the next 10 years due to automation. On the other hand, there are over 6 million job openings unfilled in the US right now. Over a million of those are good-paying technology jobs, with no qualified applicants. No literate applicants.

And you don’t have to go very far to find these jobs – there are literally thousands of coding and cyber-related jobs right here in Atlanta.

Why are you so valuable if you’re a coder? Because we’re problem solvers who can use technology. Are there problems in the world? A few, right? The world needs problem solvers! Your goal in life should be to solve more problems than you create! Coding gives you the power to solve problems using technology, and the world highly rewards problem solvers…

You might have seen a graphic like this one, from code.org: 

https://code.org/images/cs-stats/Slide5_CS_Education.png

https://code.org/images/cs-stats/Slide5_CS_Education.png

A college graduate earns over half a million dollars more in a lifetime than a high-school graduate. A computer science graduate earns over a million dollars more than a high-school graduate. There’s another stack of gold coins that belongs to the right of this – a cybersecurity professional may be able to earn another half million more than the average IT worker.

And the gap is growing wider. That small stack of coins is a grim picture of what technology illiteracy can look like. But this chart is also an illustration of how important coding is to your future, to your children’s future.

In 1910, fewer than 18% of teenagers went to high school, and in 2010, fewer than 18% of teenagers went to a high school that taught coding.

It only took us 30 years to correct that first problem. As farming jobs disappeared in the early 1900’s, the US invested heavily in secondary education, and by 1940, 3/4 of teenagers went to high school. We need to do the same this century for technology education – by 2025, we need more than 3 out of 4 teenagers to go to a high school that teaches coding and cybersecurity.

As parents, as teachers, as citizens, we can’t wait until 2040.

I’m a computer science professor and a cybersecurity expert. I’ve been teaching coding since 1998. I write books, I record videos, I travel, I speak in high schools, elementary schools, middle schools, conferences. But it’s not enough. How many of you have taken a computer programming class? … see,there are some – that’s good, but it’s not enough. I need your help.

All of you. You can learn to code.

Henry Ford once said “Whether you think you can or think you can’t, you’re right.”

But, if you think you can’t code, you just haven’t tried yet. If you’re in this audience today, or if you’re watching online – you can learn to code starting now.

Some of you may already feel your defenses kicking in – what if I’m not good at it, what if I don’t like it?  What if I just don’t want to be a coder for the next 20 years? My answer might surprise you…

Coding is not the goal. Coding is the gateway.

Coding is not the goal. Coding is the gateway.

In the same way we learn English not just to become authors or journalists, but to be able to communicate with others. And Math doesn’t just help us become accountants or engineers, it helps us solve problems, manage our finances, and make complex decisions.

People who learn to code can become entrepreneurs, innovators who create new platforms to connect people in new ways. You can become an animator, filmmaker, or you could be like two of my former students who’ve worked at both Riot Games and Blizzard Entertainment, building games like League of Legends and World of Warcraft. You can go into IT or cybersecurity, robotics, artificial intelligence or into any other job with extra skills, extra literacy, that can buffer you from some of the rapid changes that are coming.

My mom – and I am so lucky to have my mom here in the audience today! Thank you, mom – I love you – My mom bought me my first computer, a Commodore 64, in 1983 – I believe we have a picture – look how happy I am, and thinking about that computer still makes me smile 35 years later.

I started coding as a teenager, but I have a lot of students who take their first programming class as young adults. They didn’t know that instead of just playing Minecraft all these years, they could have been coding in it!

Let me give you three reasons to start coding now:

#1) Code for you.

It’s not just about the money, although you’ll make a lot… If you go on to learn about cybersecurity, you can protect yourself from cyber criminals and online predators. If you learn how to build web and mobile apps, you can create your own business model like Uber or AirBnB.

You can start by finding a technology that you enjoy. Go to a library and use a 3D printer to print something cool. Buy a programmable drone for under $100.

A lot of people like to start coding with a block-based programming language like Scratch or Blockly – this is the Tickle app, that uses a block-based programming language to tell drones and robots what to do.

The commands look like lego bricks – you pick the blocks that you want the drone to run, and the blocks snap together in the order you decide. When you’re the programmer, you get to choose how things work!

Let’s run this block of code on this actual drone and see what the code does…

Find the apps that are fun or fascinating to you, and try those things first. Even before you understand every line of code, run it, change it, move things around. Learn to code, for yourself first.

#2) Do it for others.

Bring value to your future employer, provide for your family, impact your community. When you learn to protect yourself online, you can better protect your kids and family members from online threats. You can build apps to help people in your hometown: One of my students this semester is building an app for the City of Dahlonega that allows residents to report problems like potholes in the road and street lights that are out. In addition to giving the exact GPS location of problems, it tracks when and how many people have reported an issue, and the problems that get reported by more people get higher priority in being repaired.

You can build a future for your family, and make your neighborhood a better, safer place – that’s the kind of lasting impact you can make when you learn to use technology to solve problems.

#3) Do it for the world.

Charity Water is a global clean water initiative that revolutionized transparency in both the dire need for clean water in poorer countries and in the ability to track where your donation is being used, down to the precise GPS coordinates of the drinking well you sponsor. A web application, code, is helping bring much-needed attention, and relief to people that need it the most.

At my house, my wife is able to track the remaining 3,800 tigers left in the wild through a similar app from an animal rescue organization. The thought of big cats becoming extinct before our kids grow up is heartbreaking to her. If there’s something that breaks your heart, or something that makes you really mad, coding can help you harness the power of technology to reach thousands or even millions of people who care about the same cause, and create a positive chain reaction to make people aware, and get them involved.

If you’re passionate about protecting your country, every branch of the US military now recognizes cyber as a domain equal to land, sea, air and space.

Today, billions of people go online every day, sharing skills and resources, creating new businesses, new charities, new games, new apps, new ways of seeing the world.

4 Billion of the world’s 7-1/2  Billion people have access to the Internet: spies and soldiers, terrorists and activists, hackers, doctors, musicians and bloggers are logging on every day, and it’s all possible because of code.

People say the world is changing – the world has already changed. Don’t get left behind. Step out of your comfort zone, and become literate in the language of technology.

Learn to code. What you do with it from there… is limitless.


Watch the full video of Dr. Payne’s TEDx Talk here: https://www.youtube.com/watch?v=IoEqyswsFvs 

]]>
http://brysonpayne.com/2018/04/24/bryson-payne-tedx-talk-coding-cyber-new-literacy/feed/ 2
Enroll in “Real-World Ethical Hacking” for Just $10! You Get 80% Off (Save $40) by Joining This Week! http://brysonpayne.com/2017/08/29/enroll-in-real-world-ethical-hacking/ http://brysonpayne.com/2017/08/29/enroll-in-real-world-ethical-hacking/#respond Tue, 29 Aug 2017 11:07:04 +0000 http://brysonpayne.com/?p=1115 Students Are Loving “Real-World Ethical Hacking” and “Learn Java the Easy Way”!  

I just learned that both of my new courses, Real-World Ethical Hacking: Hands-on Cybersecurity  and Learn Java the Easy Way: Build Desktop & Android Mobile Apps  are rated in the top 10% of all courses on Udemy! These courses join my best-selling Teach Your Kids to Code (Python)  to give you a complete path from beginning coder to advanced coder to ethical hacker!

To celebrate, you can enroll in all three courses (or share with a friend, so you can learn together) for just $10 each! Just enroll using the coupon code CYBERHERO10 !

Here are some recent 5-star reviews from students:

★★★★★  “Greatest course on Java for the beginner student I have ever seen on Udemy and/or other platforms. Instructor is quick to respond to my questions. Will be looking for any and all course he crafts in the future.”

★★★★★ “This is a great introduction to ethical hacking, as well as working with different hacking tools in order to protect your own network.”

You’ll learn through short, step-by-step videos:

  • Protect yourself from viruses, ransomware, and other attacks by learning the tricks the bad guys use, and how to stop them.
  • Quickly master the hottest new job skills in Windows, Linux and Android hacking & cybersecurity– with over 1 Million job openings 
  • Set up your own safe, FREE virtual network and VM (virtual machine) lab for Ethical Hacking on your desktop or laptop (PC, Mac, and Linux).
  • Learn to fix vulnerabilities, and how to stop 99% of attacks by doing just four things.

You can use the Coupon Code CYBERHERO10 in any of my courses this month!

★★★★★ Join over 25,000 students from 150 countries in my top-ranked and best-selling courses!

Forward this to friends, colleagues, and family members who could become coders and cyber heroes! The $10 price won’t last forever, but once you enroll, it’s yours to keep. And, if you refer a friend and they win the $25 Amazon Gift Card, I’ll give you one, too! Enroll now with the coupon code CYBERHERO10!

I look forward to seeing you in class!

Sincerely,

Dr. Bryson Payne, Computer Science Professor and Author
Teach Your Kids to Code (2015)
Learn Java the Easy Way (2017)
Real-World Ethical Hacking  (2018)

Enroll Online:  Ethical Hacking  |  Python  |  Java

 
Buy both books on Amazon today!

]]>
http://brysonpayne.com/2017/08/29/enroll-in-real-world-ethical-hacking/feed/ 0
UNG cited as a national leader in cyber security education http://brysonpayne.com/2016/05/27/ung-cited-as-a-national-leader-in-cyber-security-education/ http://brysonpayne.com/2016/05/27/ung-cited-as-a-national-leader-in-cyber-security-education/#respond Fri, 27 May 2016 12:47:08 +0000 http://brysonpayne.com/?p=1076 The University of North Georgia is designated by the NSA as a National Center of Academic Excellence in Cyber Defense Education (CAE-CDE).

The University of North Georgia is designated by the NSA as a National Center of Academic Excellence in Cyber Defense Education (CAE-CDE).

The University of North Georgia (UNG) recently earned designation as a National Center of Academic Excellence in Cyber Defense (CAE-CDE).

The designation is from the Department of Homeland Security (DHS) and the National Security Agency (NSA) who jointly sponsor the National Centers of Academic Excellence (CAE) program. Universities are designated based on their robust degree programs and close alignment to specific cybersecurity-related knowledge units, pilule validated by subject matter experts in the field. CAE graduates help protect national security information systems, prescription commercial networks, and critical information infrastructure in the private and public sectors.

In January, UNG launched the Center for Cyber Operations Education to plan, coordinate and support cyber education in the university’s 30-county service region.

“Our institution is well on its way to becoming a national leader in cybersecurity education,” said Dr. Bonita Jacobs, president of UNG. “Being recognized alongside other elite universities heightens our academic reputation and validates that our cyber education initiatives meet the highest national standards.”

Read the full story at http://ung.edu/news/articles/2016/05/ung-cited-as-a-national-leader-in-cyber-security-education.php

]]>
http://brysonpayne.com/2016/05/27/ung-cited-as-a-national-leader-in-cyber-security-education/feed/ 0
Permanent Coupon Codes for My Udemy Courses – Just $19 Forever! http://brysonpayne.com/2016/03/09/permanent-coupon-codes-for-udemy-courses/ http://brysonpayne.com/2016/03/09/permanent-coupon-codes-for-udemy-courses/#respond Wed, 09 Mar 2016 12:55:39 +0000 http://brysonpayne.com/?p=1057 InstructorDashboardIn the past 8 months, I’ve been honored, humbled, and amazed to have over 8,600 students enroll in my two Udemy courses, “Teach Your Kids to Code” and “Fun with Java”! In the ten months since my book, Teach Your Kids to Code debuted, we’re already in a third printing (over 22,000 copies!), and I’ve spoken in dozens of classrooms, webinars, and conferences and signed books across the U.S. Plus, I’ve been featured in the Wall Street Journal twice, on NPR, on radio and in newspapers nationwide.

To say thank you for all the support my readers, students, and friends have given me throughout this adventure, I’ve set up two permanent coupon codes for my Udemy courses. My book is just ~$19 or so on Amazon, thanks to working with a great publisher, No Starch Press. We were able to keep the cost of the books low even with full-color throughout, to make Teach Your Kids to Code affordable for parents and kids around the world (and now in 3 languages).

I now have students in 129 countries (see my Instructor Dashboard from yesterday, right), thanks to Udemy, and I want to make sure my online video courses are as affordable to students worldwide as my books are, so starting today, the coupon code FOREVER19 will give you full, unlimited access to either “Teach Your Kids to Code” or “Fun with Java” for just $19, forever.

It’s kind of like a Forever stamp here in the U.S. – buy it now, and it’s good forever. I feel the same about learning to code – enroll now, learn Python or Java, or both, and life’s good forever (well, at least you have a great skill that can earn you terrific money for a lifetime).

Udemy has notified instructors that it’s changing its pricing structure next month, and they’ll no longer run $15-$20 or similar sales like they’ve done sporadically in the past. But, I want you to be able to enroll in my courses at a great price, and I want you to be able to share the gift of coding with friends, family members, and people you care about. $19 seems like the perfect price to be able to share the joy of coding in Python or Java at. With over 19 hours of combined video and exercises in the two courses, and new content added every month, it’s a gift that keeps on giving.

I’m grateful for the support, the great feedback, the questions, requests, and all the code snippets and cool apps my students and readers have sent me on this journey so far, and we’re deep into development on the book to accompany the second course, Learn Java the Easy Way“, coming September 2017 from No Starch Press.

Thank you for choosing me as one of your guides on the world-changing path to learning to code.

Let me know if I can help anytime, and happy coding!

BrysonSignatureTransparent

p.s. FOREVER19 really is a permanent coupon, as in forever $19 – if you ever have any trouble enrolling in either course for $19 using this coupon code, comment below, message me in Udemy, tweet to me @brysonpayne, or let me know somehow – I’ll make sure to get you the course at that price as long as there’s Internet.

p.p.s. Here are links to all three, my book on Amazon, the Teach Your Kids to Code on Udemy, and Learn Java Like a Kid on Udemy – just $19 for any one!

Learn Java Like a Kid - just $19 on Udemy, now and forever!

Fun with Java – 12 hours of video for just $19 on Udemy, now and forever!

Teach Your Kids to Code book cover

Teach Your Kids to Code (2015) – by Bryson Payne on Amazon

WebLogoTYKTC

Teach Your Kids to Code, 7.5-hour Video Course at Udemy.com, just $19!

]]>
http://brysonpayne.com/2016/03/09/permanent-coupon-codes-for-udemy-courses/feed/ 0
Coding example apps in Python 2.7 versus Python 3.5 http://brysonpayne.com/2016/01/23/coding-example-apps-in-python-2-7-versus-python-3-5/ http://brysonpayne.com/2016/01/23/coding-example-apps-in-python-2-7-versus-python-3-5/#respond Sat, 23 Jan 2016 15:10:15 +0000 http://brysonpayne.com/?p=1042 Several readers and students have asked about running the example programs from “Teach Your Kids to Code” in IDLE for Python 2.7 (the common default on Mac OS X and Linux computers) – the good news is that there are two relatively easy options:

  1. Upgrade to Python v3 with the terminal commands:
    sudo apt-get install python3

    and

    sudo apt-get install idle3

    (let me know if you’re using a version of Linux that doesn’t work with apt-get, and I’m glad to post a video if it’ll be of help).
    All the examples in the book and the online course for “Teach Your Kids to Code” will work as-written for the newer Python/IDLE 3.
    – OR –

  2. Change just the input() and print() statements in any code examples to raw_input(), and print without the parentheses (the round brackets) for backward compatibility with Python v2.
    Example: Here’s what the YourName.py program from Chapter 1, p. 6 of the book, or Lecture 3 of the Udemy course would look like for Python 2.7:
# YourName.py - for Python 2.7 from p.6 or Lecture 3
# Teach Your Kids to Code
name = raw_input('What is your name?\n')
print 'Hi,', name
Python 2.7 code sample

Just a couple of small changes to your apps can help you code in Python 2.7

The other statements (and almost all turtle examples) should work the same from Python 3 back to Python 2, but the input and print statements changed between versions.
I hope this post this is of help, or message me/reply below if you’d like me to post a video – Python 2 is still used widely in the scientific and other communities (and still ships on new Linux/Mac computers). Enjoy either version of Python, and let me know if I can be of help anytime!

Happy coding!

BrysonSignatureTransparent

]]>
http://brysonpayne.com/2016/01/23/coding-example-apps-in-python-2-7-versus-python-3-5/feed/ 0
Join 6,000 Students in My New Java Course in 2016! http://brysonpayne.com/2016/01/04/join-3000-students-in-my-new-java-course/ http://brysonpayne.com/2016/01/04/join-3000-students-in-my-new-java-course/#respond Mon, 04 Jan 2016 13:05:01 +0000 http://brysonpayne.com/?p=1023 Learn Java Like a Kid

Join over 3,000 students learning Java the quick, fun, and easy way with my new course at https://www.udemy.com/learn-java-like-a-kid/?couponCode=10REASONS

You can celebrate the new year by joining over 6,000 students in my brand new Java programming course, “Learn Java Like a Kid: Build Three Desktop and Mobile Apps!” on Udemy – and, thanks to the Udemy New Year’s Promotion, you can enroll for just $10 by using the coupon code 10REASONS!

I would love to have you as a student in “Learn Java Like a Kid”, the perfect next course to add to your programming skills, and you get 90% off at just $10 through January 31, 2016 with this special offer from Udemy!

Over 12 hours of video in short, 2-10 minute lessons you can watch at your own pace, with full source code downloads so you can get started right away

BubbleDraw

A screenshot from the interactive, multi-touch Android app, BubbleDraw, you’ll learn to program in my new Java course!

You’ll build three complete desktop apps (Guessing Game, Secret Message Encoder, and BubbleDraw), and then develop the same apps for Android mobile devices to extend your Java programming skills (see a screenshot, left)! Learn Java by building quick, easy, fun apps you’ll actually enjoy and be able to share with your friends!

The course went live on New Year’s Eve, was featured in Udemy’s $10 New Year’s promotion, and gained over 2,900 students in the first four days, a new personal record!

Master a powerful new skill in 2016: Programming in Java, one of the highest-paying and most popular programming languages in the world today. Join me in “Learn Java Like a Kid” – you’ll be glad you did!

Happy New Year, and I hope you make the most of 2016!

Bryson

p.s. The Udemy promotion ended Monday, January 11, but I’m leaving the coupon code 10REASONS active for at least another 1,000 students or through January 31, whichever comes first, to give you every reason to sign up to learn Java the fun, quick and easy way. Enroll today!

]]>
http://brysonpayne.com/2016/01/04/join-3000-students-in-my-new-java-course/feed/ 0
Get $30 Off for Back-to-School, Over 2,000 Students Enrolled! http://brysonpayne.com/2015/09/08/back-to-school-30-off/ http://brysonpayne.com/2015/09/08/back-to-school-30-off/#respond Tue, 08 Sep 2015 12:57:16 +0000 http://brysonpayne.com/?p=1011 Special back-to-school pricing for my Udemy course, get $30 off with coupon code BACK2SCHOOL19 !

Special back-to-school pricing for my Udemy course, get $30 off with coupon code BACK2SCHOOL19 !

It’s back-to-school time nationwide, and over 2,000 students have joined my Udemy online course, “Teach Your Kids to Code: Learn to Program Python at Any Age!” in the two months since we launched! To celebrate, you can get the course for just $19, with 7 hours of video in over 100 short, 2-6 minute lectures for learners young and old alike. Use coupon code back2school19 to get this special pricing and join my 5-star rated course by clicking here: https://www.udemy.com/teach-your-kids-to-code/?couponCode=bk2school19

It’s also a great week for my book, Teach Your Kids to Code: A Parent-Friendly Guide to Programming – grab it from Amazon, or pick it up at any Barnes & Noble nationwide. We’re still in the Top 10 Children’s Programming Books on Amazon, and we just got a glowing review from OpenSource.com writer Don Watkins (read it at http://opensource.com/education/15/9/review-bryson-payne-teach-your-kids-code).

I’ve been humbled and so grateful to read the kind words that have been written about both the course and the book – thank you to everyone who’s bought the book and signed up for the course so far, I’m truly thankful for your feedback and reviews. Here are a few recent quotes:

Inspired

“This is an inspiring course taught by an inspired teacher. The examples are well-chosen — demonstrating principles through engaging, colorful projects rather than by teaching abstract principles first.”
-Kent Osband, Udemy student

Outstanding Material and Logical Instruction

“I’ve read books and I’ve taken lots of programming courses over the years, and the one thing that the best teachers have in common is a logical method for teaching the basics before getting into the advanced topics. This course (and its companion book) will get you skilled in Python…”
-James Floyd Kelly, Author, Udemy instructor and student

Excellent path into Python

“Not just for kids…use this course as the perfect Python primer. Clear examples, that build quickly into programs, leading to learning challenges. Bryson’s delivery is well paced and good fun.”
-Sean Jon Darcy, Udemy student

…A book that invites everyone who sincerely wants to learn to code

“I have read a number of introductory texts about Python that were intended to make it seem easy to master, but this book simplifies that process while at the same time providing everyone with wonderful designs that invite the learner to experiment with iterations of the code snippets. At the end of each chapter, there are programming challenges that encourage the student to apply the skills learned in that chapter.”
-Don Watkins, writer, educator and OpenSource.com contributor

]]>
http://brysonpayne.com/2015/09/08/back-to-school-30-off/feed/ 0
Join My FREE O’Reilly Webcast Tomorrow (8/13 1pm ET/10am PT): “Teach Your Kids to Code” http://brysonpayne.com/2015/08/12/join-my-free-oreilly-webcast-tomorrow-813-1pm-et10am-pt-teach-your-kids-to-code/ http://brysonpayne.com/2015/08/12/join-my-free-oreilly-webcast-tomorrow-813-1pm-et10am-pt-teach-your-kids-to-code/#respond Wed, 12 Aug 2015 11:45:52 +0000 http://brysonpayne.com/?p=1003 Register for my FREE O'Reilly Webcast, TOMORROW (Thu, 8/13) from 1-2ET (10-11PT).

Register for my FREE O’Reilly Webcast, TOMORROW (Thu, 8/13) from 1-2ET (10-11PT).

There’s still time! Register now for my FREE O’Reilly Webinar, “Teach Your Kids to Code: Basic concepts with Turtle graphics in Python”, LIVE tomorrow, Thursday, August 13, 2015, from 10-11am Pacific Time (1-2pm Eastern).

You can register for free at http://www.oreilly.com/pub/e/3422 – I’ll be demonstrating how you can teach (and learn) basic programming concepts likes variables, loops and functions using Turtle graphics in Python, with examples straight from my book and Udemy course, with a few bonuses added in.

Turtle graphics have been teaching kids basic coding concepts since the late 1960’s. The Turtle module in Python carries the turtle tradition into the 21st century and makes turtle programming easy and accessible on Windows, Mac, Linux and more.

Turtle graphics in Python are a great way to introduce kids to coding, staring with short programs of just five to ten lines of code that draw beautiful, colorful shapes that kids can create and modify as they learn. I’ll be sharing some of the turtle basics I began teaching my own sons when they were two and four years old, all the way through fully interactive elements I teach in freshman-level college courses.

In this webcast, you will learn:

  • How to code turtle graphics in Python
  • How to engage children from pre-K through college with short, interactive, visual programs for every age level
  • How to build on more advanced programming concepts using turtle graphics as a foundation

Register at http://www.oreilly.com/pub/e/3422, then tune in LIVE tomorrow from 1-2 Eastern (10-11 am Pacific)! Happy coding!

]]>
http://brysonpayne.com/2015/08/12/join-my-free-oreilly-webcast-tomorrow-813-1pm-et10am-pt-teach-your-kids-to-code/feed/ 0
Over 1,100 Students Enrolled in “Teach Your Kids to Code” Course Online! http://brysonpayne.com/2015/08/09/over-1100-students-enrolled/ http://brysonpayne.com/2015/08/09/over-1100-students-enrolled/#respond Sun, 09 Aug 2015 22:12:06 +0000 http://brysonpayne.com/?p=998 Join over 1,100 students and growing in "Teach Your Kids to Code" on Udemy!

Join over 1,100 students and growing in my Udemy course, “Teach Your Kids to Code”!

We launched “Teach Your Kids to Code” as a Udemy online course in mid-July, and over 1,100 students have enrolled in less than a month! If you’re one of my students, thank you for taking the course – if you haven’t signed up yet, you can still use the coupon code FRIENDS27 to get $30 off and start coding today for just $27 (the original coupon code has expired, but FRIENDS27 will work from now on). Over six hours of total content, in short, easy two-to-six-minute videos will have kids and adults age 5 to 95 coding in minutes!

This week is also my FREE O’Reilly Media Webcast, “Teach Your Kids to Code: Basic concepts with Turtle graphics in Python” on Thursday, August 13 from 1-2pm ET (10-11am PT). You can register for free at http://www.oreilly.com/pub/e/3422 – I’ll be demonstrating how you can teach (and learn) basic programming concepts likes variables, loops and functions using Turtle graphics in Python, with examples straight from my book and Udemy course, with a few bonuses added in.

The book is back up in the Top 5 Children’s Programming Books on Amazon this week – we’ve stayed in and around the top 10 since its release in May, but the O’Reilly webcast buzz has pushed us as high as #3 the last few days.

Alex just filmed a video (the 100th lesson in the Udemy course) with me this past week, right before he and Max started back to school. Max says he’s willing to do a video next month, so we’ll keep adding to the Udemy course and keep spreading the word about teaching kids to code!

It’s an awesome time in the Payne household! Hope you and your family are doing well, and happy coding!

]]>
http://brysonpayne.com/2015/08/09/over-1100-students-enrolled/feed/ 0