Home › Items tagged with security-hacks

• I posted to hackaday.com

  Thwart robbers with an old smoke alarm.

  http://hackaday.com/2010/02/28/thwart-robbers-with-an-old-smoke-alarm/

  

  [Anders] tipped us off about his hack that re-purposes a smoke alarm as a burglar alarm. Unfortunately, he came home in the middle of a burglary but wanted to be ready the next time someone tries to break in. By cleverly patching into the test button on an old smoke detector he created a circuit-trip alarm. One side of each piece of wire is secured to the frame and jam of a window. A paper clip completes the circuit by pinching the two bare conductors. If the window is opened the connection is lost and the alarm sounds.

  We see a few problems with this system. First off, never hack your ONLY smoke detector, you are putting lives at risk by doing so. But [Anders] says he’ll have a replacement detector and since these things need to be replace every ten years or so, chances are you can find an old one kicking around. We’d recommend disguising the case so that people aren’t confused about it being a smoke detector. Secondly, he’s mounted the alarm right in the window frame so most likely an invader will just smash the thing to bits.

  Anyway, it’s still an interesting reuse of these ubiquitous, and life-saving, devices.

  
  
  • Tags:
  • security hacks
  • burglar alarm
  • fire alarm
  • smoke detector

  February 28 2010, 8:26am | More »

• I posted to hackaday.com

  More cellphone controlled door locks

  http://hackaday.com/2010/02/23/more-cellphone-controlled-door-locks/

  
  

  

  [Tom Lee] and his colleagues just moved to a new office. The doors are setup like a security checkpoint with electronic strikes and buttons on the inside to allow entry. The button simply completes a low-voltage circuit, activating the strike which made it quite easy to patch into. They build an interface board with a small relay to complete that circuit. As we’ve seen before, Linksys routers have plenty of extra room in the case so there was no problem housing the new circuit in this tiny network device. Now [Nicko] and his friends can use a custom app to input an access code or to verify a device ID from a cell phone and gain entry. The door still has keyed locks in case of a power outage. In fact, the only change made to the system was the addition of two wires to the “door release” button as seen above. See the one-touch device ID authentication in the video after the break.

  This hack is similar to the GSM door entry from last year. In this case, the phones are communicating with the door via web interface and not the GSM network.

  

  [Thanks Nicko Margolies]

  
  • Tags:
  • cellphones hacks
  • security hacks
  • lock
  • wrt54g

  February 23 2010, 4:00pm | More »

• I posted to hackaday.com

  Chip and pin broken and other security threats

  http://hackaday.com/2010/02/12/chip-and-pin-broken-and-other-security-threats/

  
  

  

  Another exploit has been found in the Chip and PIN system.  The exploit is a man-in-the middle attack that wouldn’t take too much know-how to pull off. You can watch the BBC report on the issue or check out the paper (PDF) published by the team that found the vulnerability. A stolen card resides in a reader that connects to a dummy card via a small cable. When the dummy card is inserted into a card reader, any PIN can be used to complete the transaction. The chip on the original card gets confirmation that the sale was completed via signature and the vendor’s card reader gets confirmation that the pin was correct. The UK based Chip and PIN system seems like a great idea, but it has had its share of security loopholes. This makes us wonder how hard it is to roll out security patches to the hardware readers in the system.  Obviously this needs to be patch but does it take a technician visiting each terminal to flash an upgrade?

  Switching to the topic of wide-scale attacks, we caught the NPR interview with [James Lewis] on Wednesday when they discussed the growing threat of Cyberterroism. He feels an attack on the US electrical grid is currently the biggest threat and will happen in the next ten years. Obviously taking the grid down would endanger lives and bring things to a standstill; traffic lights, refrigeration, heat, etc. We’re just glad that when asked if he thinks there is already malicious code residing in the control system, he doesn’t think that’s the case.

  [Thanks to Whatsisface and Mcinnes]

  
  • Tags:
  • security hacks
  • security
  • HackIt
  • cyberterroism
  • man-in-the-middle
  • pin and chip

  February 12 2010, 11:56am | More »

• I posted to hackaday.com

  TPM crytography cracked

  http://hackaday.com/2010/02/09/tpm-crytography-cracked/

  
  

  

  Trusted Platform Module based cryptography protects your secrets as well as your government’s secrets.  Well, it used to. [Christopher Tarnovsky] figured out how to defeat the hardware by spying on its communications. This requires physical access so it’s not quite as bad as it sounds, but this does reach beyond TPM to many of the security chips made by Infineon.  This includes peripheral security chips for Xbox 360 and some chips used in cell phones and satellite TV.

  [Christopher] revealed his hack during his presentation at Black Hat 2010. The method is wicked-hard, involving removal of the chip’s case and top layer, then tapping into a data bus to get at unencrypted data. The chip still has some tricks up its sleeve and includes firmware traps that keep a look out for this type of attack, shutting down if it’s detected. Infineon commented that they knew this was possible but regard it as a low threat due to the high skill level necessary for success.

  [Thanks Greg]

  
  • Tags:
  • security hacks
  • Cryptography
  • encrypted
  • Christopher Tarnovsky
  • Infineon
  • TPM
  • Trusted Platform Module

  February 9 2010, 12:25pm | More »

• I posted to hackaday.com

  PS3 exploit released

  http://hackaday.com/2010/01/27/ps3-exploit-released/

  
  

  

  You can now download the exploit package for the PlayStation 3. [Geohot] just posted the code you need to pull off the exploit we told you about on Sunday, making it available on a “silver platter” with just a bit of explanation on how it works. He’s located a critical portion of the memory to attack. By allocating it, pointing a whole bunch of code at those addresses, then deallocating it he causes many calls to invalid addresses. At the same time as those invalid calls he “glitches” the memory bus using a button on his FPGA board to hold it low for 40ns. This trips up the hypervisor security and somehow allows read/write access to that section of memory. Gentleman and Ladies, start your hacking. We wish you the best of luck!

  [Thanks Phileas]

  
  • Tags:
  • security hacks
  • playstation hacks
  • hack
  • playstation 3
  • memory
  • exploit

  January 27 2010, 8:37am | More »

• I posted to hackaday.com

  Coded entry using your wristwatch

  http://hackaday.com/2010/01/21/coded-entry-using-your-wristwatch/

  
  

  

  [Ziyan] and [Zach] built a door entry system that uses a code entered from your wristwatch. They’re using the TI eZ-430 Chronos that we saw in November. There is a project box mounted over the deadbolt lever. Inside, the wireless fob waits for the watch to connect. When a watch has connected and the correct code is received (using 128 bit encryption) the fob actuates a servo to turn the lock. On the user side of things the code is entered by tapping the watch. The built-in accelerometer picks up these taps and relays them to the door unit.

  It’s a heck of a project! Check out their demonstration video after the break. We’d like to see a mechanical option for escaping the apartment in case the door unit fails but otherwise we think this is perfectly executed. We’re looking forward to seeing more projects that tap into this TI hardware.

  

  
  • Tags:
  • home hacks
  • security hacks
  • lock
  • ti
  • door
  • watch
  • wristwatch
  • ez-430

  January 21 2010, 11:00am | More »

• I posted to hackaday.com

  Buzzle: a morse code puzzle box

  http://hackaday.com/2010/01/21/buzzle-a-morse-code-puzzle-box/

  
  

  

  [lucasfragomeni] built the Buzzle after being inspired by the reverse geocache puzzle. The Buzzle was built as a gift to a friend. It’s a tricky gift too. His friend can’t open it until he decodes the words being displayed in morse code via an LED. A word is chosen at random, so you would have to decode it each time you want to open the box. That’s a pretty neat security feature. Sure it’s not the most secure, but it would keep casual peepers out. Unfortunately, the box was empty when his friend received it.

  
  • Tags:
  • home hacks
  • security hacks
  • arduino
  • morse
  • arduino hacks
  • puzzle

  January 21 2010, 9:00am | More »

• I posted to hackaday.com

  NES console to cartridge security in depth

  http://hackaday.com/2010/01/20/nes-console-to-cartridge-security-in-depth/

  
  

  

  [Segher] has reverse engineered the hardware and command set for the NES CIC chips. These chips make up the security hardware that validates a cartridge to make sure it has been licensed by Nintendo. Only after authentication will the console’s CIC chip stop reseting the hardware at 1 Hz. The was no hardware information available for these chips (go figure) so [Segher] had to do some sleuthing with the tools at hand which include some rom dumps from the chip pairs. He was nice enough to share his findings with us. We’re betting they’re not of much use to you but we found it an interesting read.

  [Thank ppcasm]

  [Photo credit: Breaking Eggs and Making Omelets]

  
  • Tags:
  • security hacks
  • snes
  • security
  • nintendo
  • nes
  • nintendo hacks
  • rom
  • cic

  January 20 2010, 2:43pm | More »

• I posted to hackaday.com

  Russian billboard includes a “happy ending”

  http://hackaday.com/2010/01/16/russian-billboard-includes-a-happy-ending/

  
  

  

  It seems someone hacked into one of LED billboards and added porn video clips to the rotation of advertisements. We caught a glimpse before YouTube yanked it. We’ve pixelated the shot above which already had some blackbox censorship from the OP but we assure you, it was hardcore porn.

  The 9-by-6 meter billboard is in downtown Moscow. The AP is reporting that this caused something of a traffic jam and shocked passersby. We’ve seen porn before, but have to admit that even knowing what to expect in the video it was a bit shocking for us to see cars driving by a giant sex scene. This is certainly much more of a distraction than leaving cleaver messages on the side of the road.

  Does anyone know what technology is used to update these billboards? We’re curios as to whether physical access to the unit is necessary for this kind of attack. Leave you insights in the comments.

  [Thanks Sean]

  
  • Tags:
  • security hacks
  • traffic
  • billboard
  • moscow
  • porn
  • pornography

  January 16 2010, 3:00pm | More »

• I posted to hackaday.com

  Start the car with a wave of your hand

  http://hackaday.com/2010/01/14/start-the-car-with-a-wave-of-your-hand/

  
  

  

  [Jair2K4] likes his RFID almost as much as he likes his chaw. Ever since his car was stolen he’s had to start it using a screwdriver. Obviously this is not a good way to leave things so he decided to convert his starter to read an RFID tag. He installed an RFID transponder he picked up on eBay, wiring it to the ignition switch. He’s removed the clutch-check sensor and wired a rocker switch to enable the RFID reader. We presume the rocker switch will eventually be used to shut the car off as well.

  While most would have purchased a key-chain RFID tag, [Jair2k4] went far beyond that and had the tag implanted in his hand. This is an honor usually reserved for pets and until he adds RFID functionality to the door locks maybe a key fob would have been a better answer. But, to each his own. See his short demonstration video after the break.

  

  
  • Tags:
  • security hacks
  • rfid
  • transportation hacks
  • car
  • tag
  • ignition

  January 14 2010, 2:00pm | More »

• I posted to hackaday.com

  Kodak digital frame vulnerability

  http://hackaday.com/2010/01/11/kodak-digital-frame-vulnerability/

  
  

  

  Kodak managed to release a product with a big fat security vulnerability. [Casey] figured out that the Kodak W820 WiFi capable digital frame can be hijacked for dubious purposes. The frame can add Internet content as widgets; things like Facebook status, tweets, and pictures. The problem is that the widgets are based on a feed from a website that was publicly accessible. The only difference in the different feed addresses is the last two characters of the frame’s MAC address. Feeds that are already setup can be viewed, but by brute-forcing the RSS link an attacker can take control of the feeds that haven’t been set up yet and preload them with photos you might not want to see when you boot up your factory-fresh frame.

  It seems the hole has been closed now, but that doesn’t diminish the delight we get from reading about this foible. There’s a pretty interesting discussion going on in the thread running at Slashdot.

  [Photo credit]

  
  • Tags:
  • security hacks
  • digital
  • frame
  • vulnerability
  • kodak

  January 11 2010, 1:00pm | More »

• I posted to hackaday.com

  Spy on your office

  http://hackaday.com/2010/01/07/spy-on-your-office/

  
  

  

  [Garagedeveloper] sent us his custom surveillance system, part 1, part 2, and part 3 after needing a way to find out why some cables at work were becoming unplugged (spoiler, the cleaners were messing up the wiring). At the base of the system is a web cam glued to a stepper motor. However, it gets much more in depth with a web front-end that allows the user to stream the feed and control the position of the stepper. We’re not particularly fond of how many different parts the project takes, while it all could be accomplished under C# with ASP.NET and parallel port library instead of including Arduino and excess code, but to each their own and the project turned out a success anyway.

  
  • Tags:
  • security hacks
  • arduino
  • arduino hacks
  • stepper motor
  • c++
  • web front end

  January 7 2010, 2:00pm | More »

• I posted to hackaday.com

  Arduino security with frickin’ laser

  http://hackaday.com/2010/01/03/arduino-security-with-frickin-laser/

  
  

  

  [over9k] used his Arduino to set up a laser trip wire. The laser is mounted along side the Arduino, reflects off of a mirror, and shines on a photoresistor that interfaces via a voltage divider. The signal from the voltage divider is monitored for a change when the laser beam is broken. [over9k] set things up so that a webcam snaps a picture of the intruder and Twitters the event for easy notification. Video after the break walks through each of these steps.

  This build is a bit rough around the edges but unlike other laser trip wires this keeps all the electronics in one place. The laser interface could be a bit more eloquent, and we’re wondering just how much current it is pulling off of the Arduino pins. But if you’re bored and have this stuff on hand it will be fun to play around with it.

  
  • Tags:
  • security hacks
  • webcam
  • security
  • laser
  • twitter
  • laser hacks
  • arduino hacks
  • trip wire

  January 3 2010, 10:00am | More »

• I posted to hackaday.com

  GSM Cracked

  http://hackaday.com/2009/12/30/gsm-cracked/

  
  

  

  [Karsten Nohl], with a group of security researchers has broken the A5/1 Stream Cipher behind GSM. Their project web site discusses their work and provides slides(pdf) presented at 26C3. A5/1 has had known vulnerabilities for some time now and is scheduled to be phased out for the newer KASUMI or A5/3 block cipher. This should be an interesting time in the cell phone business.

  Thanks to [Tyco] and [MashupMark] for pointing us to this story.

  http://online.wsj.com/article/SB10001424052748703510304574626451948722542.html?mod=rss_Today%27s_Most_Popular

  
  • Tags:
  • cellphones hacks
  • news
  • security hacks
  • wireless hacks
  • security
  • gsm
  • cell phone
  • A5/1
  • Cipher

  December 30 2009, 12:00pm | More »

• I posted to hackaday.com

  Bluetooth based Psuedorandom Number Generation

  http://hackaday.com/2009/12/19/bluetooth-based-psuedorandom-number-generation/

  
  

  

  [MS3FGX] has done an interesting study about using Bluetooth adapters as a source for Psuedorandom Number Generation (PRNG). As it turns out, the Bluez package has a function that calls a remote Bluetooth adapter to return a random number. He picked up 10 compatible adapters for about $30 from DealExtreme and set about assembling some numbers to see how this compares to an OS-based PRNG.

  Because millions of samples are needed for an accurate comparison, time became a problem. The adapters are a little bit slow responding to a request, sending just 4800 numbers in the first 30-second test. This can be overcome with multiple adapters being accessed by multiple computers for hours at a time. What can this be used for? Your guess is as good as ours, but [MS3FGX] has done a great job of writing up his tests. He’s also made a set of 20.7 million randomly generated values available if you want to generate your own statistical analysis.

  
  • Tags:
  • random
  • security hacks
  • bluetooth
  • DealExtreme
  • prng

  December 19 2009, 2:27pm | More »

• I posted to hackaday.com

  How to root a Nook

  http://hackaday.com/2009/12/17/how-to-root-a-nook/

  
  

  

  Here’s the latest in rooted consumer devices, nookdevs.com has rooted the Barnes & Noble Nook eBook reader. The process is extremely easy, as the operating system is stored on a 2GB SD card inside the device. In fact, once you have the case open the hard part is over. From there, the card should be backed up for safe keeping. Now mount the card, enable the Android Debug Bridge and reassemble. The Android SDK can then be used to log into a shell on the Nook wirelessly.

  We’re not sure there’s much that can be done past this point yet. It’s up to you to get Doom running!

  
  • Tags:
  • android
  • security hacks
  • handhelds hacks
  • root
  • Barnes & Noble
  • Nook
  • sdk

  December 17 2009, 12:08pm | More »

• I posted to hackaday.com

  GSM enabled security door

  http://hackaday.com/2009/11/28/gsm-enabled-security-door/

  
  

  

  The security door at the front of [Oliver's] building uses an intercom system to let in guests remotely. Each unit has an intercom handset with a button that unlocks the door. [Oliver] wanted a way to enter without carrying any extra items so he built a system to unlock the door with his cell phone.

  He patched into the intercom and attached a GSM module. The module runs python so he wrote a script that will monitor the entryway buzzer, then wait for an approved cell phone connection to unlock it. He went through a couple of different iterations for the final project. The first attempt used XBee modules to communicate between the intercom handset and the GSM module. For the final version, he snaked cable through his wall using rare-earth magnets (creative!) in order to forgo the use of a battery in the handset.

  Who doesn’t carry a cell phone with them?  Because of this, the use of GSM modules in automation is a trend we think will continue to gain popularity.

  
  • Tags:
  • cellphones hacks
  • security hacks
  • lock
  • security
  • gsm
  • xbee

  November 28 2009, 1:31pm | More »

• I posted to hackaday.com

  Recover borked HDD after Xbox 360 ban

  http://hackaday.com/2009/11/25/recover-borked-hdd-after-xbox-360-ban/

  
  

  

  [Incudie] tipped us off about a method to fix a borked HDD in your Xbox 360. Many of the one million consoles banned earlier in the month also had the hard disks scrambled making off-line gaming impossible as well. It turns out that this is caused by having a ban flag in the NAND chip on the motherboard. It has been discovered that because of wear levelling, the NAND will have two copies of the “secdata.bin” file which stores the ban flag. Please note, this will NOT allow the console to use Xbox Live, it just re-enables the HDD.

  The quick and dirty of the fix is as follows: First the NAND is dumped from your Xbox 360 to a computer. After verifying the file, it can be opened in a HEX editor and the two copies of “secdata.bin” located. Once identified by date, the older version is injected on top of the newer to overwrite the ban flag.

  Looks like this is not for the faint of heart, but if you got banned for modding in the first place this should be easy to pull off.

  
  • Tags:
  • security hacks
  • xbox hacks
  • hdd
  • xbox 360
  • hex
  • ban
  • banned

  November 25 2009, 2:20pm | More »

• I posted to hackaday.com

  Knock detecting lock

  http://hackaday.com/2009/11/04/knock-detecting-lock/

  
  

  

  [Steve] shows us his version of the knock detecting lock system. The idea is pretty simple, knock in a certain pattern and the door unlocks. We’ve seen it before several times. This solution is somewhat cleaner than the others, not only in physical design, but also in how you reprogram it. Simply push the reprogram button and enter your new knock. We’re a bit surprised that the suction cups actually hold it on the door. Maybe it’s just us, but we can never seem to get those things to hold very well. There are lots of great pictures as well as the source code available on his site.

  [via HacknMod]

  
  • Tags:
  • security hacks
  • arduino
  • lock
  • arduino hacks
  • knock

  November 4 2009, 9:00am | More »

• I posted to hackaday.com

  freeBOOT gives the Xbox 360 JTAG hack new life

  http://hackaday.com/2009/10/20/freeboot-gives-the-xbox-360-jtag-hack-new-life/

  
  

  

  There has been another development in the never-ending battle that is Microsoft trying to keep its gaming system closed to unauthorized use. Xbox-scene reports that a new hack called freeBOOT v0.01 allows the Xbox 360 to upgrade to the newer kernels, but allows the option of rebooting to an older kernel in order use the JTAG exploit and gain access to the hardware.

  In case you missed it, the JTAG hack is a way to run homebrew code on an Xbox 360. Exploiting this hack makes it possible to boot a Linux kernel in about five seconds. We’ve long been fans of the homebrew work done with XBMC on the original Xbox and hope that advances like this will lead to that end. We want this because the older hardware cannot handle high definition content at full resolution but the Xbox 360 certainly can.

  This exploit is still far from perfect. It currently requires that the Cygnos360 mod chip be installed on the system. A resistor also needs to be removed from the board to prevent accidental kernel updating. That being said, this is still progress. If you’re interested in step-by-step details, take a look at the text file instructions provided.

  [Thanks wdfowty]

  
  • Tags:
  • security hacks
  • microsoft
  • xbox 360
  • jtag
  • exploit
  • cygnos360
  • freeBoot
  • mod chip

  October 20 2009, 3:00pm | More »

• I posted to hackaday.com

  Two-factor authentication using a hardware token

  http://hackaday.com/2009/10/20/two-factor-authentication-using-a-hardware-token/

  
  

  

  We ran into a friend a while back who was logging into her employer’s Virtual Private Network on the weekend. She caught our attention by whipping out her keys and typing in some information from a key-fob. It turns out that her work uses an additional layer of protection for logging into the network. They have implemented a username, pin number, as well as a hardware token system called SecurID.

  The hardware consists of a key-fob with an LCD screen on it.  A code is displayed on the screen and changes frequently, usually every 60 seconds. The device is generating keys based on a 128-bit encryption seed. When this number is fed to a server that has a copy of that seed, it is used as an additional verification to the other login data.

  This seems like a tech trickle-down of the code generating device from GoldenEye. It does get us thinking: with the problems free email services have been having with account theft, why aren’t they offering a fee-based service that includes a security fob? With the right pricing structure this could be a nice stream of income for the provider. We’re also wondering if this can be implemented with a microcontroller and used in our home network. As always, leave comments below and let us know if you’ve already built your own system using these principles.

  
  • Tags:
  • security hacks
  • key
  • vpn
  • encrypted
  • SecurID

  October 20 2009, 10:21am | More »

• I posted to hackaday.com

  POV fan EEPROM hack

  http://hackaday.com/2009/10/09/pov-fan-eeprom-hack/

  
  

  

  Hacking with Gum got their hands on one of the persistence of vision display fans that Cenzic was giving away at Blackhat this year. It’s not the biggest fan-based POV display we’ve seen but it’s still a fun device to tinker with. They hacked into the EEPROM on the device in order to change the message the fan displayed.

  This is very similar to the other EEPROM reading/writing we’ve seen recently. Hacking with Gum read the data off of the EEPROM and then disassembled it to discover how the message data is stored on the chip. This was made easier by noting the messages displayed when the fan is running. The first byte of data shows the number of words in the message, then each chunk of word data is preceded by one byte that represents the number of letters in that work. Data length was calculated based on the number of pixels in each display character. Once he knew the data-storage scheme, it was just a matter of formatting his own messages in the same way and overwriting the chip.

  This is a great write-up if you’re looking for a primer on reverse engineering an unknown hardware system. If you had fun trying out our barcode challenges perhaps deciphering EEPROM data from a simple device should be your next quest.

  [Thanks James]

  
  • Tags:
  • security hacks
  • POV
  • barcode
  • persistence of vision
  • blackhat
  • eeprom
  • fan
  • led hacks
  • challenge
  • cenzic
  • swag

  October 9 2009, 3:00pm | More »

• I posted to hackaday.com

  Safelock: biometric typing security

  http://hackaday.com/2009/10/09/safelock-biometric-typing-security/

  
  

  

  We’ve seen some ways to bypass biometric security measures but here’s a new offering that we think will be hard to fool. The Safelock system is used in conjunction with a password to identify a specific user. This software records your typing style including the time between keystrokes, the time keys are held, and key pressure data. This information is then normalized and compared to the information stored about the user when the password was originally set. If you don’t fall within specifications that match the stored data, you won’t get in even with the right password.

  The icing on the cake is that Safelock will look for malicious users. If you enter the wrong password, it will begin to record and analyze your typing style. If you make enough incorrect attempts you will be labeled as a security threat and locked out of the system altogether. We can only think of one reliable way to circumvent this and that’s using a man-in-the-middle method of recording the keyboard inputs of the legitimate user for playback later.

  This is an innovative user identification system and we’re not the only ones that think so. [Jeff Allen] and [John Howard], students at SMU won first prize for the Student Innovation Contest at the 2009 User Interface Software and Technology Symposium.

  
  • Tags:
  • peripherals hacks
  • security hacks
  • password
  • biometrics
  • safelock
  • smu
  • uist

  October 9 2009, 2:00pm | More »

• I posted to hackaday.com

  Adding a keypad to a key card lock

  http://hackaday.com/2009/10/09/adding-a-keypad-to-a-key-card-lock/

  
  

  

  [Colin Merkel] had a little problem: he was continually forgetting his electronic key card, locking himself out of his own dorm room. Like any normal Hack a Day reader, rather than getting in the habit of always carrying his card, the natural impulse of course is to build this elaborate rig of electronics and duct tape. Right?

  The result is an additional keypad that can be used to gain access…not by altering the existing electronic lock, but with a secondary mechanism that operates the inside door handle. An 8-bit PIC microcontroller scans the outside keypad (connected by a thin ribbon cable), and when a correct access code is entered, engages a 12 volt DC motor to turn the handle. It’s a great little writeup that includes a parts list, source code, and explains the process of keypad scanning.

  It’s similar to the RFID-based dorm hack we previously posted. By physically operating the handle, most any approach could be used: facial recognition, other biometrics, DDR pad, or whatever inspired lunacy you can dream up.

  
  • Tags:
  • security hacks
  • lock
  • pic
  • duct tape
  • door
  • microchip
  • keypad
  • classic hacks
  • pic16

  October 9 2009, 10:00am | More »

• I posted to hackaday.com

  Robot security patrol brings Skynet closer

  http://hackaday.com/2009/10/06/atv-brings-skynet-closer/

  
  

  

  The students at the University of Oklahoma have put together a robot that will surely join the other drones in our future robot overlord regime. This autonomous vehicle was produced to replace human security patrols which can be both boring and dangerous. Intent on delivering surveillance to most locations, an all terrain vehicle was used as the base. It can navigate by itself through an obstacle avoidance system and communicate video and audio wirelessly. After the break we’ll take a look at the systems that make this work.

  

  The team implemented steering controls by mounting a geared motor to the front of the ATV. This steering motor interfaces with a gear they added to the steering column via a chain. Obstacle avoidance is facilitated by sonar sensors on the front and sides of the chassis. These sensors can detect ground level obstacles such as curbs.

  

  The vehicle uses both pre-programmed as well as sensor-based behavior. To start, the patrol route is fed into the program. Once unleashed, the bot uses a combination of this data, as well as input from a GPS module, digital compass, and the range finders to complete its mission. All of these components are tied together by the onboard Toughbook in conjunction with a 16-bit microcontroller. A wireless router provides connectivity for transferring data as well as remote joystick based control if needed.

  

  Project developers [Fares Beainy] and [Sesh Commuri] sent us their paper detailing the project (PDF). The readily available, inexpensive hardware used to complete this bot says a lot about how far we have come with technology. It shouldn’t be too much longer before this type of hardware shows up in your town sweeping the streets for criminal scum (or humans recently escaped from the processing facility).

  
  • Tags:
  • security hacks
  • robots hacks
  • autonomous
  • robot
  • atv
  • drone
  • abomination
  • overlord
  • surveillance
  • terminator

  October 6 2009, 11:00am | More »

• I posted to hackaday.com

  Garage door… packet sniffer

  http://hackaday.com/2009/10/03/garage-door-packet-sniffer/

  
  

  

  Some type of logger or sniffer exists for almost every form of electronic communication. Your keystrokes, phone conversations, and wireless networks could all be monitored. In this awesome proof-of-concept project, [James] expanded that array to include garage door openers. After receiving a piece of chain mail which stated that criminals have the technology to record any remote code and play it back, [James] wondered if he could build such a device that would work on at least his opener model.

  

  [James] started off with a trip to the hardware store. He was unable to find both a transceiver that worked on the frequency of his remote control (308MHz clocked MAX7042 chip), so at least for this incarnation (he plans to build another one that is capable of replaying a captured signal), only a receiver was implemented. The receiver was connected to a logic analyzer in order to determine its protocol. Since the signal coming from the receiver was very low, [James] had to amplify it  through a buffer before it could be detected.

  

  An ATtiny26 and a 4 line x 20 character backlit LCD were used to interpret and display info from the receiver. [James] built the sniffer around a custom PCB (though he ran into a few layout errors that he had to fix post-production). All of the firmware was written in C. It is fairly straightforward, but takes up 98% of the microcontroller’s memory. The program is designed to monitor pin change interrupts and timers to filter out invalid codes as well as noise. Any info (the door codes that have been sniffed) is displayed through a 4-bit interface on the LCD, for easy recording. With the codes, one can configure another garage remote to open the door. If you have any suggestions for V2, We’re sure [James] will be reading the comments.

  

  Update: The code and PCB files (with the error) are available through one of the following mirrors:
  filesavr.com/codegrabber
  filefactory.com/file/a0eb0gg/n/code_grabber_zip
  filedropper.com/codegrabber_1
  mediafire.com/?sharekey=7c4692dd4f3ad2c36e7203eb87368129e04e75f6e8ebb871

  
  • Tags:
  • home hacks
  • attiny
  • security hacks
  • remote
  • sniffer
  • garage

  October 3 2009, 3:00pm | More »

• I posted to hackaday.com

  See through walls via wireless network

  http://hackaday.com/2009/10/01/see-through-walls-via-wireless-network/

  
  

  

  Researchers at the University of Utah have been able to detect movement in a room based on variations in wireless signals. Accurate to about a meter, they are using a 34 node wireless network to do their sensing.  As a person moves, they change the signals, and can therefore be detected. They state one possible application being rescue workers deploying multiple wireless nodes around a building to find people located inside.

  [via Gizmodo]

  
  • Tags:
  • security hacks
  • wireless
  • wireless hacks
  • snooping
  • xray

  October 1 2009, 1:46pm | More »

• I posted to hackaday.com

  Homemade Bokode

  http://hackaday.com/2009/10/01/homemade-bokode/

  
  

  We’ve recently been getting a lot of new comments on our Bokode post from a while back, and with good reason.  [M@] has managed to find a way to replicate Bokode at home, using $0 worth of equipment (before the price of microprint). To accomplish Bokode at home, it seems all you need is and old webcam lens assembly and an LED.  Of course the his version is not as thin as a regular barcode so it probably wont be replacing anything in the near future, but the concept of from MIT to home within such a short period of time is amazing.

  
  • Tags:
  • misc hacks
  • security hacks
  • barcode
  • Homemade
  • Bokode

  October 1 2009, 8:32am | More »

• I posted to hackaday.com

  Batcave-style entrance (on a budget)

  http://hackaday.com/2009/09/29/batcave-style-entrance-on-a-budget/

  
  

  

  Want to enter your hidden lair in style? Well [Jimmy] simply wanted to create a cool prop for his school’s homecoming dance. This project includes some obvious inspiration from Wayne Manor. [Jimmy] wired up the automated entrance with a 12VDC motor. In order for it to be able to push the door , the motor had to be attached to a gearbox, which directly powered a wheel. Current consumption issues were solved by using a wall-wart. Because a real bookshelf would still be too heavy, [Jimmy] dressed up a regular door with some patterned wallpaper to give it the right look. Coupled with a Shakespearean bust concealing the button, and some other cosmetic touches, this project was sure to impress any student who knew its secret.

  
  • Tags:
  • home hacks
  • security hacks
  • motor
  • batman
  • bookcase
  • secret

  September 29 2009, 8:05pm | More »

• I posted to hackaday.com

  Unhackable Netbooks given to students

  http://hackaday.com/2009/09/27/unhackable-netbooks-given-to-students/

  
  

  

  Where would be the best place to test out an unhackable netbook? The NSW department of education in Australia thinks that college is perfect . They plan on distributing netbooks, preloaded with Windows 7,and iTunes. They also have bios level tracking and security, allowing them to be remotely shut down on command. With 20,000 of these in circulation, we would think that we’ll see someone proving the “unhackable” statement wrong. We can only hope.

  [via slashdot]

  
  • Tags:
  • security hacks
  • netbook
  • windows 7
  • Australia
  • unhackable

  September 27 2009, 9:41am | More »

• I posted to hackaday.com

  Steal the administrator password from an EEPROM

  http://hackaday.com/2009/09/24/steal-the-administrator-password-from-an-eeprom/

  
  

  

  Did you forget your hardware-based password and now you’re locked out? If it’s an IBM ThinkPad you may be in luck but it involves a bit more than just removing the backup battery. SoDoItYourself has an article detailing the retrieval of password data from an EEPROM.

  The process is a fun one. Disassemble your laptop. Build a serial interface and solder it to the EEPROM chip where the password is stored. Connect this interface to a second computer and use it to dump the data into a file. Download a special program to decipher the dump file and dig through the hex code looking for something that resembles the password. Reassemble your laptop and hope that it worked.

  We know that most people won’t be in a position to need a ThinkPad administrator password, but there must be other situations in which reading data off of an EEPROM comes in handy. What have you used this method for?

  
  • Tags:
  • security hacks
  • AVR
  • serial
  • eeprom
  • password
  • administrator

  September 24 2009, 11:00am | More »

• I posted to hackaday.com

  Universal credit card in the palm of your hand

  http://hackaday.com/2009/09/23/universal-cc/

  
  

  

  Do you remember the magnetic card spoofer in Terminator 2? It was a bit farfetched because apparently the device could be swiped through a reader and magically come up with working account numbers and pin numbers. We’re getting close to that kind of magic with [Jaroslaw's] card spoofer that is button-programmable.

  Building off of a project that allows spoofing via an iPod and electromagnet, [Jaroslaw] wanted something that doesn’t require a computer to put together the card code. He accomplished this by interfacing a 16-button keyboard and a character LCD with an AVR ATmega168 microcontroller. Card codes can be entered with the buttons and verified on the LCD. Of course this is still dependent on you knowing the code in the first place.

  As you know, credit cards use this technology. We don’t think Walmart is going to be OK with you pulling this out in the checkout line, not to mention local five-oh. This technology is also used for building access in Universities, businesses, and hotels. If used in conjunction with some other spy technology you’ll be on your way to becoming a secret-agent-man.

  
  • Tags:
  • security hacks
  • ATmega168
  • AVR
  • lockpicking hacks
  • classic hacks
  • credit card
  • electromagnet
  • magnetic card
  • spoofer

  September 23 2009, 10:00am | More »

• I posted to hackaday.com

  Photographic key duplication

  http://hackaday.com/2009/09/22/photographic-key-duplication/

  
  

  

  [Ben] and his associates over at the University of California at San Diego came up with a way to duplicate keys using a picture of them. They developed an algorithm that uses measurements from known key blanks to extrapolate the bitting code. Because the software is measuring multiple points it can correct the perspective of the photo when the key is not photographed on a flat surface, but from an angle.

  They went so far as to test with cell phone cameras and using a telephoto lens from 195 feet away. In most cases, correct keys were produced within four guesses. Don’t miss their wonderful writeup (PDF) detailing how key bitting works, traditional covert duplication methods, and all the details of their process. The lack of available code prevents us all from playing secret agent (or felon) with this idea but [Ben] did mention that if there is sufficient interest he might release it.

  Lock bumping showed us how weak our security is, but this is a bit scary.

  [Thanks Mike]

  
  • Tags:
  • security hacks
  • lock
  • key
  • ucsd
  • lockpicking hacks
  • bitting
  • picking
  • SneaKey

  September 22 2009, 4:00pm | More »

• I posted to hackaday.com

  TI lashes out at their biggest fans

  http://hackaday.com/2009/09/22/ti-lashes-out-at-their-biggest-fans/

  
  

  

  Texas Instruments has issued a DMCA notice to United TI, a group of enthusiasts. They had been cracking the keys that sign the operating system binaries in an attempt to gain access and possibly expand on the features. This seems, at least a little counter productive to us. Texas Instruments doesn’t sell the operating system separately do they? These people were buying their product and expanding on it. There is no difference in their income, except possibly a gain as people flock to the one they can modify. Maybe they are charging more for an expanded feature set that is crippled in the OS.

  [via slashdot]

  
  • Tags:
  • news
  • security hacks
  • texas instruments
  • calculator
  • dmca
  • united TI

  September 22 2009, 1:00pm | More »

• I posted to hackaday.com

  Super Game Boy boot ROM dumped

  http://hackaday.com/2009/09/18/super-game-boy-boot-rom-dumped/

  
  

  

  [Costis] managed to dump a copy of the boot ROM for the Nintendo Super Game Boy. This small piece of code (256 bytes) writes a graphic to the display at boot time as it loads the ROM on the game cartridge. He was able to dump the code by finding the exact point at which the device locks down the boot ROM. Just as that point approached he overclocked the device causing it operate so fast it couldn’t write the lockout bits into the register. Once past that single point of security, he executes a code that writes the boot rom out to a different address that he is able to read from. He’s got a copy of the dump along with the explanation up for your enjoyment.

  [Thanks Anthony]

  
  • Tags:
  • security hacks
  • gameboy hacks
  • game boy
  • boot
  • rom
  • super game boy

  September 18 2009, 12:45pm | More »

• I posted to hackaday.com

  SecurityTube – a YouTube for hacks

  http://hackaday.com/2009/09/15/securitytube-a-youtube-for-hacks/

  
  

  

  SecurityTube is a site which has recently caught our attention. The site has quite a variety of videos from various sources related to security and hacking. Videos range from DEFCON talks, to documentaries, step by step how tos, and even proof of concept vulnerability videos. It’s certainly a great resource for anyone looking for something a bit more involved then a plain text writeup, and offers a way for you to catch those hacker conference talks you missed. Many of the videos come with a bit of a background information as well, so it’s far more informative then your regular YouTube videos. This site is certainly going to become a very valuable resource for many people, and is certainly a great way to kill an afternoon while still learning something.

  
  • Tags:
  • news
  • youtube
  • security hacks
  • hacking
  • videos
  • securitytube

  September 15 2009, 11:00am | More »

• I posted to hackaday.com

  Android app “tests” Windows vulnerability

  http://hackaday.com/2009/09/14/android-app-tests-windows-vulnerability/

  
  

  

  An Android App for “testing” the Windows SMB2 vulnerability we covered last week has been released. For testing? Yeah right! The availability of this kind of software makes it ridiculously easy for anybody to go out and cause some havoc. Go right now and double check that your machines that run Windows Vista or Windows Server 2008 are protected (see the “workarounds” section.)

  [Thanks Tom101]

  
  • Tags:
  • android
  • security hacks
  • pcs hacks
  • windows
  • vista
  • exploit
  • android hacks
  • smb
  • vulnerability
  • server 2008
  • smb2

  September 14 2009, 3:30pm | More »

• I posted to hackaday.com

  Disabling your cell phone’s mic for security

  http://hackaday.com/2009/09/14/disabling-your-cell-phones-mic-for-security/

  
  

  

  [Dan] set up this simple cell phone hack to disable his microphone when he’s not using his cell phone. He had read that the government can listen to you using your cell phone, even when it is off. This concerned him enough to hack into his phone. He removed the expansion port and wired the microphone to a magnetic reed switch. A strong magnet located in the screen side of his flip phone opens the circuit when he closes the phone. He notes that you could always just pop the battery out of your phone, but then you are left completely disconnected. This mod allows you to still receive phone calls.

  
  • Tags:
  • cellphones hacks
  • security hacks
  • security
  • cell
  • spy

  September 14 2009, 9:48am | More »

• I posted to hackaday.com

  Blue light special: Earn $10 by installing spyware

  http://hackaday.com/2009/09/13/blue-light-special-earn-10-by-installing-spyware/

  
  

  

  Ars technica is reporting on the ruling from the FTC about the software shenanigans of Kmart and Sears. The marketing geniuses behind the parent company of Sears and Kmart decided they needed more information about the users of their website. Their solution? Offering $10 to users who install their custom software which phones home with data on just about everything they do on their computer. Not content with just browsing habits of webites, the software apparently recorded everything the user did online, including secure sessions. Under the settlement (PDF) with the FTC, Sears says they will stop collecting data and promises to destroy any and all information they’ve collected so far. Selling what websites you’ve been to, how much money you have, which prescriptions you take and what products you’re interested in for the low low price of $10 seems like a bargain.

  
  • Tags:
  • news
  • security hacks
  • spyware
  • FTC
  • kmart
  • marketing
  • sears
  • unethical

  September 13 2009, 8:49pm | More »

• I posted to hackaday.com

  Windows 7 and Vista crash via SMB exploit

  http://hackaday.com/2009/09/09/windows-7-and-vista-crash-via-smb-exploit/

  
  

  

  [Laurent Gaffié] has discovered an exploit that affects Windows Vista, Windows 7, and possibly Windows Server 2008 (unconfirmed). This method attacks via the NEGOTIATE PROTOCOL REQUEST which is the first SMB query sent. The vulnerability is present only on Windows versions that include Server Message Block 2.0 and have the protocol enabled. A successful attack requires no local access to the machine and results in a Blue Screen of Death.

  [Laurent] has a proof of concept available with his writeup in the form of a python script (please, white hat use only). There is no patch for this vulnerability but disabling the SMB protocol will protect your system until one is available.

  Update: According to the Microsoft advisory this vulnerability could lead to code execution, making it a bit worse than we thought. On the bright side, they claim that the final version of Windows 7 is not open to this attack, only Windows Vista and Windows Server 2008.

  [via Full Disclosure]

  [picture: Inquirer]

  
  • Tags:
  • news
  • security hacks
  • pcs hacks
  • windows
  • bsod
  • vista
  • windows 7
  • smb
  • vulnerability

  September 9 2009, 8:14am | More »

1 2 3 4

Popular Tags

• craft
• Arts
• arduino
• Green
• tech
• Electronics
• food
• DIY Projects
• home
• Music
• news
• Announcements
• science
• Events
• misc hacks
• art
• Kids
• robots hacks
• home hacks
• Crafts
• peripherals hacks
• Halloween
• Photography
• daily
• arduino hacks
• tool-hacks
• Robotics
• offbeat
• hacks
• home entertainment hacks
• outdoors
• Maker Shed Store
• life
• Holiday projects
• Computers
• led
• iPhone
• Makers
• digital audio hacks
• security hacks
• maker faire
• Paper Crafts
• Home and Garden
• Toolbox
• cellphones hacks
• led hacks
• robot
• Make: television
• pcs hacks

Search