Items Tag › RIT Make Club Idea Stream

I posted to hackaday.com

Hacking a code-protected hard disk

http://hackaday.com/2010/08/26/hacking-a-code-protected-hard-disk/

Our friend [Sprite_TM] took a look at the security of a code-protected hard disk. The iStorage diskGenie is an encrypted USB hard drive that has a keypad for passcode entry. After cracking it open he found that the chip handling the keypad is a PIC 16F883 microcontroller. He poked and prodded at the internals and found some interesting stuff. Like the fact that there is an onboard LED that blinks differently based on the code entered; one way for the right code, another for the wrong code of the right number of digits, and a third for a wrong code with the wrong number of digits. This signal could be patched into for a brute force attacking but there’s a faster way. The microcontroller checks for the correct code one digit at a time. So by measuring the response time of the chip an attacker can determine when the leading digit is correct, and reduce the time needed to crack the code. There is brute force protection that watches for multiple incorrect passwords but [Sprite_TM] even found a way around that. He attached an AVR chip to monitor the PIC response time. If it was taking longer than it should for a correct password the AVR resets the PIC before it can write incorrect attempt data to its EEPROM. This can be a slow process, but he concluded it should work. We had fun watching the Flash_Destroyer hammer away and we’d like to see a setup working to acquire the the code from this device.
- Tags:
- security hacks
- pic
- hdd
- usb
- keypad
- encrypted
- 16f883
- diskgenie
- istorage
August 26 2010, 11:56am | More »
I posted to hackaday.com

Burglar alarm in a zippo lighter

http://hackaday.com/2010/08/26/burglar-alarm-in-a-zippo-lighter/

[Madmanmoe64] has really done a fantastic job with this burglar alarm built into a zippo. He crammed a picaxe microcontroller, some IR LEDs, an IR sensor, a battery and various switches in there quite well. It almost closes perfectly, something we think he could remedy if it really bugged him that much.

It has several modes, all initiated by a different sequence of button presses. There is the proximity alarm, which sounds when something moves very close. The reverse proximity alarm which sounds when you remove something from its immediate vicinity. A doorbell mode, and a silent alarm mode. Check out the video after the break to see it in action.
- Tags:
- security hacks
- alarm
- zippo
- spy
- Microcontrollers
August 26 2010, 8:41am | More »
I posted to hackaday.com

Modem used in an alarm system

http://hackaday.com/2010/08/25/modem-used-in-an-alarm-system/

This alarm system senses motion and then alerts you by phone. [Oscar] had an old external modem sitting around and, with some wise hardware choices, he came up with a simple circuit to use it. First up is the PIC 16F628A chosen because it doesn’t require an external crystal. This connects with the modem via a DS275 RS232 transceiver because it requires no external parts for connection. The final portion of the puzzle is a PIR sensor that triggers a pin interrupt in the sleeping PIC, which then dials your number to alert you. It doesn’t look like anything happens other than your phone ringing, but that’s enough for a simple system. We’re just happy to see how easy it was to use that modem… time to go hunting for one in dreaded junk trunk. Don’t miss the clip after the break.
- Tags:
- security hacks
- pic
- alarm
- sensor
- modem
- pir
- 16f628a
August 25 2010, 2:02pm | More »
I posted to hackaday.com

Make iPhone a penetration testing tool

http://hackaday.com/2010/08/18/make-iphone-a-penetration-testing-tool/

[Nicholas Petty] has posted a guide to setting up your iPhone as a penetration tester. You already carry it around with you and, although not too beefy, it does have the hardware you need to get the job done. So if you’re not interested in building a drone or carrying around a boxy access point try this out. The first step is to jailbreak your device and setup OpenSSH so that you can tunnel in for the rest of the setup. From there the rest of the setup is just acquiring build tools and compiling pentesting programs like Aircrack-ng, Ettercap, Nikto2, and the Social Engineering Toolkit. You’ll be up to no good testing your wireless security in no time.
- Tags:
- security hacks
- jailbreak
- iphone hacks
- set
- aircrack-ng
- ettercap
- nikto2
- penetration testing
- pentesting
August 18 2010, 2:53pm | More »
I posted to hackaday.com

Drone cracks WiFi from on high

http://hackaday.com/2010/08/18/drone-cracks-wifi-from-on-high/

The WiFi Aerial Surveillance Platform, or WASP for short, is an autonomous drone aircraft that sniffs out WiFi networks. But it packs a much larger punch than that. Built into this US Army surplus target drone you’ll find an ITX form-factor computer with a Via C7 500 MHz processor that is running Backtrack 4, the popular penetration testing Linux suite. But what if you want to do some real heavy lifting that the onboard PC can’t handle quickly? They’ve thought of that too. There’s an integrated 3G modem which allows for control over the Internet and facilitates the outsourcing of load-intensive operations to the cloud. It’s not shooting fireworks from the wings, but this payload has the potential to cause way more trouble.

[Thanks Spore]
- Tags:
- security hacks
- uav
- drone
- penetration
August 18 2010, 10:51am | More »
I posted to hackaday.com

Portable WiFi penetration testing

http://hackaday.com/2010/08/14/portable-wifi-penetration-testing/

Inside this box you’ll find a La Fonera wireless access point. [Emeryth] and his band of miscreants built this portable device for WiFi security testing. The AP is running OpenWRT and has been set up to use the 16×4 character display as a terminal. An ATmega88 connects the LCD as well as six buttons to the UART of the La Fonera. From there, a set of Ruby scripts takes care of the communication protocol. As you can see after the break, this setup allows you to scan the area for WiFi, showing channel, SSID, and MAC information. Although not specifically outlined in the video we suspect there’s some more devious tricks up its sleeve too.
- Tags:
- security hacks
- wifi
- ATmega88
- openwrt
- pentest
- hd44780
- la fonera
August 14 2010, 11:00am | More »
I posted to hackaday.com

Release the Kraken: Open source GSM cracking tool released.

http://hackaday.com/2010/07/22/release-the-kraken-open-source-gsm-cracking-tool-released/

Open source GSM cracking software called “Kraken” has been released into the wild. You may recognize some of the information from back in December when we announced that they had cracked GSM encryption. Well, now you can participate as well. You’ll need a pretty beefy Linux machine and some patience. They say that an easier GUI and support for GPU processing is coming in the near future.

[Thanks Eliot Via Slashdot and PCWorld]
- Tags:
- cellphones hacks
- security hacks
- gsm
- cell
- karaken
- nol
July 22 2010, 2:58pm | More »
I posted to hackaday.com

Wireless presenters easily cracked

http://hackaday.com/2010/07/04/wireless-presenters-easily-cracked/

While hacking a wireless presenter doesn’t sound like something worthwhile or interesting, [Niels Teusink] demonstrates that these little devices often are a lot more powerful than we give them credit.

With an Arduino, plenty of research, and some heavy sniffing of a wireless presenter’s SPI and then wireless interface [Niels] is able to emulate an entire keyboard. Sending commands as harmless as “next slide” to the devastating “[Win+R] Format C:”. Hopefully anyone planning such a project at the next Apple or Microsoft keynote just intends some gentle fun.

Related: Wireless keyboards easily cracked.

[Thanks Dan Ransom]
- Tags:
- security hacks
- wireless
- arduino
- wireless hacks
- spi
- usb
- dongle
- keynote
- presenter
July 4 2010, 3:00pm | More »
I posted to hackaday.com

Hard drive destruction plan

http://hackaday.com/2010/07/04/hard-drive-destruction-plan/

[Wolf] emailed us to show us his Self destructing Hard Drive tutorial. He’s using thermite, like we did, but he’s put a little more effort into the delivery system. In the video, you can see a huge spray molten iron. This is because his “jet”, the block of wood hollowed out to focus the thermite on to the hard drive didn’t hold a seal at the top. Not too bad for try #1. He could probably build this to be more contained, but even then it will most likely turn into “entire self destructing office” if it were to actually be used. A little common sense goes a long way here folks, this is molten metal and is extremely hot and dangerous.
- Tags:
- security hacks
- Thermite
July 4 2010, 1:00pm | More »
I posted to hackaday.com

Free laundry redux

http://hackaday.com/2010/07/03/free-laundry-redux/

[Koala] was worried his pseudo smart card trick wouldn’t be considered a HackaDay worthy. We’re more worried the internet police will find this article and have us all tarred and feathered.

Jokes aside, it seems Laundromat owners sure aren’t learning. Long story short, using a Bus Pirate and a few techniques we’ve seen before for smart card hacking [Koala] is able to write whatever amount he needs onto his pseudo smart card; thus giving him a free load of laundry.
- Tags:
- security hacks
- bus pirate
- smart card
- laundry
- pseudo
- laundromat
July 3 2010, 1:40pm | More »
I posted to hackaday.com

Now you see me, now you don’t, face detection scripts

http://hackaday.com/2010/06/27/now-you-see-me-now-you-dont-face-detection-scripts/

Straight out of Ghost in the Shell, the Laughing Man makes his appearance in these security camera shots. [William Riggins] wrote us to let us know about his teams Famicam scripts. After taking a screen shot, faces are detected and counted, ‘anonymized’, and the final image is uploaded to Twitter.

The process is rather simple, and sure beats wearing a bunch of white reflective camouflage. All that’s left is detecting specific faces to make anonymous, and of course uploading the script to every camera in the world. Easy, right?
- Tags:
- security hacks
- camera
- security
- script
- twitter
- anonymous
- video hacks
- famicam
June 27 2010, 1:10pm | More »
I posted to hackaday.com

SOAP compatibility for SQLmap

http://hackaday.com/2010/06/25/soap-compatibility-for-sqlmap/

[_coreDump] was doing some database vulnerability testing using SQLmap to automate the process. To his dismay, the package was unable to test using the Simple Object Access Protocol. Faced with having to manually test all of the SOAP vulnerabilities he decided to work some Python magic and add support. His solution allows SQLmap 0.8 to parses XML data from the SOAP protocol by modifying three files from the package. He’s made the diff files available if you need this functionality for your own security testing.
- Tags:
- security hacks
- injection
- xml
- python
- soap
- sqlmap
June 25 2010, 11:00am | More »
I posted to hackaday.com

Win at Hangman, gain entry

http://hackaday.com/2010/06/16/win-at-hangman-gain-entry/

Do not put anything in this box that you will need in a rush. You’ll have to successfully guess the word in a game of hangman to gain entry. He’s using an Atmega328 as the brains of this project with a rotary dial and an LCD for input and display. If you win, the box is unlocked and you can open it up to get whatever is inside. There are links to various tutorials along the way to help with each step, including the Arduino source code he used to build it. We think he should bump it up a notch and have the box destroy the contents if you fail. Sounds like fun, right?
- Tags:
- security hacks
- lock
- game
- arduino hacks
- secure
June 16 2010, 10:00am | More »
I posted to hackaday.com

Ground your car to make it go

http://hackaday.com/2010/06/14/ground-your-car-to-make-it-go/

This security system called G-spot requires that you touch a special place on the car prior to attempting to start it. This is pretty slick as it could be completely un-obvious and doesn’t require any special fobs or minor surgery. With the right placement, no one would ever notice that you had touched it.

[via HackedGadgets]
- Tags:
- security hacks
- transportation hacks
- touch
- car
- immobilizer
June 14 2010, 10:43am | More »
I posted to hackaday.com

Modern car data systems lack security

http://hackaday.com/2010/05/18/modern-car-data-systems-lack-security/

Tomorrow a team of researchers will present their paper on Experimental Security Analysis of a Modern Automobile (PDF) at the IEEE Symposium on Security & Privacy. Much like the racing simulators we’ve seen they’re exploiting the ODB-II port to get at the vehicle’s Controller-area network, or CAN-bus. We’re not surprised at all that they can display custom text on the dashboard display or read sensor data from the car. What does surprise us is their exposé on how truly unsecured the system is. It seems that access to any device on the CAN-bus gives them unobstructed control of the car’s systems. Any device can send commands to any other device. They’ve even found a way to write malicious code to the car’s computer which can be programmed to erase itself in the event of a crash.

Much like RFID the security risks here are basically nill for the vast majority of consumers. We just find it a bit surprising that there’s apparently been little thought put into fortifying the communications between the safety systems such as the brakes on the vehicle. For instance, team experimented with sending random packets over the CAN-bus and stumbled across a way to lock the brake on just one wheel. To us it’s conceivable that a malfunctioning device on the network could start sending out damaged packets and cause a dangerous malfunction like this one.

The 14-page PDF linked above is a page-turner, check it out on your hacked ereader during lunch.
- Tags:
- security hacks
- transportation hacks
- CAN
- odb-ii
- can-bus
May 18 2010, 11:00am | More »
I posted to hackaday.com

Nike + iPod as a tracking device

http://hackaday.com/2010/05/13/nike-ipod-as-a-tracking-device/

[Thomas] found a paper from 2006 that describes using the Nike + iPod system as inexpensive tracking devices. Yep, it’s old as dirt but we think it’s fascinating reading! [Scott Saponas] and his fellow authors take a hard look at the lack of security in the system in a twelve-page PDF. They cover several different ways to capture and track one of the $29 tags in someone’s shoe, including using the Gumstix reader above, or a slightly modified 3G iPod. If the sensors are not removed or manually switched off when not in use they can be picked up by any RF reader within range. Because the tags are cheap and available, one could be planted on an unsuspecting victim James-Bond-style. Maybe this is what prompted Apple’s half-hearted attempt to restrict hacking the devices to do things like unlock doors.

Of course if you don’t want to do the reading you could download their video presentation or just stream it.
- Tags:
- security hacks
- apple
- iPod
- ipod hacks
- gumstix
- tracking
- nike
- nike+ipod
May 13 2010, 10:48am | More »
I posted to hackaday.com

Build your own RFID reader

http://hackaday.com/2010/04/19/build-your-own-rfid-reader/

We asked for it and our readers delivered. [Klulukasz] left a comment pointing to this diy RFID reader that was a final project in 2006 for a class at Cornell University. It is well documented and includes not only a schematic and code, but an explanation of the design considerations used during the build. The project uses an ATmega32 and the parts list priced out at about $50 at the time. There were plenty of responses to the RFID spoofer post pointing out that there are readers available for $40, but we want the fun of building our own.

A bit more vague with the details but no less interesting is this other simple RFID reader design. Thanks to [Chuck] for his comment which pointed to that link.
- Tags:
- security hacks
- rfid
- reader
- cornell
- ATmega32
April 19 2010, 1:00pm | More »
I posted to hackaday.com

Arduino RFID spoofer

http://hackaday.com/2010/04/18/arduino-rfid-spoofer/

An Arduino, a spent roll of toilet paper, magnet wire, and a few passive components are what’s needed to build this RFID spoofer. It’s quick, dirty, and best of all, simple. However, [SketchSk3tch's] creation is not an RFID cloner. You must already know the hex code of the tag you want to spoof. That may or may not be as easy as using a separate tag reader.

We’ve seen some very simple RFID tag concepts. What we want is a DIY reader that is easy to build from cheap and readily available components. If you’ve got one, make with the details and tip us off about it.
- Tags:
- security hacks
- rfid
- coil
- spoof
April 18 2010, 11:00am | More »
I posted to hackaday.com

Intruder alarm McDonald’s toy hacking

http://hackaday.com/2010/04/08/intruder-alarm-mcdonalds-hacking/

[malikaii] needed to set up some kind of tripwire style alarm system for his office. His bosses kept sneaking in to find him slacking. So, like any loyal hacker, instead of just working harder he built an alarm system. After a failed attempt to recreate an IR alarm circuit he found on the web and built from old appliance parts, he found the Hack a Day article about harvesting McDonald’s toys. The end result was a fully functional IR detecting alarm for the office doorway. This is pretty simple really, the best kind of hack.
- Tags:
- security hacks
- led
- ir
- alarm
- led hacks
- classic hacks
- McDonalds
April 8 2010, 8:22am | More »
I posted to hackaday.com

Program your own mayhem-causing USB dongle

http://hackaday.com/2010/04/05/program-your-own-mayhem-causing-usb-dongle/

[Adrian Crenshaw] is up to no good with this programmable USB device. [Adrian's] creation identifies itself as a USB keyboard and can be programmed to do whatever you want. That’s because it’s based around the Teensy board which sports an ATmega32 that will cost you only $18. He’s added a set of DIP switches for easy in-field changes to the firmware. There’s also a light sensor that can be used to activate a command once an unknowing victim has shut off the lights in the office and left for the day. Check out his talk after the break to see his proposed uses for such a device.
- Tags:
- security hacks
- usb
- dongle
- Teensy
April 5 2010, 1:04pm | More »
I posted to hackaday.com

Thwart robbers with an old smoke alarm.

http://hackaday.com/2010/02/28/thwart-robbers-with-an-old-smoke-alarm/

[Anders] tipped us off about his hack that re-purposes a smoke alarm as a burglar alarm. Unfortunately, he came home in the middle of a burglary but wanted to be ready the next time someone tries to break in. By cleverly patching into the test button on an old smoke detector he created a circuit-trip alarm. One side of each piece of wire is secured to the frame and jam of a window. A paper clip completes the circuit by pinching the two bare conductors. If the window is opened the connection is lost and the alarm sounds.

We see a few problems with this system. First off, never hack your ONLY smoke detector, you are putting lives at risk by doing so. But [Anders] says he’ll have a replacement detector and since these things need to be replace every ten years or so, chances are you can find an old one kicking around. We’d recommend disguising the case so that people aren’t confused about it being a smoke detector. Secondly, he’s mounted the alarm right in the window frame so most likely an invader will just smash the thing to bits.

Anyway, it’s still an interesting reuse of these ubiquitous, and life-saving, devices.
- Tags:
- security hacks
- burglar alarm
- fire alarm
- smoke detector
February 28 2010, 8:26am | More »
I posted to hackaday.com

More cellphone controlled door locks

http://hackaday.com/2010/02/23/more-cellphone-controlled-door-locks/

[Tom Lee] and his colleagues just moved to a new office. The doors are setup like a security checkpoint with electronic strikes and buttons on the inside to allow entry. The button simply completes a low-voltage circuit, activating the strike which made it quite easy to patch into. They build an interface board with a small relay to complete that circuit. As we’ve seen before, Linksys routers have plenty of extra room in the case so there was no problem housing the new circuit in this tiny network device. Now [Nicko] and his friends can use a custom app to input an access code or to verify a device ID from a cell phone and gain entry. The door still has keyed locks in case of a power outage. In fact, the only change made to the system was the addition of two wires to the “door release” button as seen above. See the one-touch device ID authentication in the video after the break.

This hack is similar to the GSM door entry from last year. In this case, the phones are communicating with the door via web interface and not the GSM network.

[Thanks Nicko Margolies]
- Tags:
- cellphones hacks
- security hacks
- lock
- wrt54g
February 23 2010, 4:00pm | More »
I posted to hackaday.com

Chip and pin broken and other security threats

http://hackaday.com/2010/02/12/chip-and-pin-broken-and-other-security-threats/

Another exploit has been found in the Chip and PIN system. The exploit is a man-in-the middle attack that wouldn’t take too much know-how to pull off. You can watch the BBC report on the issue or check out the paper (PDF) published by the team that found the vulnerability. A stolen card resides in a reader that connects to a dummy card via a small cable. When the dummy card is inserted into a card reader, any PIN can be used to complete the transaction. The chip on the original card gets confirmation that the sale was completed via signature and the vendor’s card reader gets confirmation that the pin was correct. The UK based Chip and PIN system seems like a great idea, but it has had its share of security loopholes. This makes us wonder how hard it is to roll out security patches to the hardware readers in the system. Obviously this needs to be patch but does it take a technician visiting each terminal to flash an upgrade?

Switching to the topic of wide-scale attacks, we caught the NPR interview with [James Lewis] on Wednesday when they discussed the growing threat of Cyberterroism. He feels an attack on the US electrical grid is currently the biggest threat and will happen in the next ten years. Obviously taking the grid down would endanger lives and bring things to a standstill; traffic lights, refrigeration, heat, etc. We’re just glad that when asked if he thinks there is already malicious code residing in the control system, he doesn’t think that’s the case.

[Thanks to Whatsisface and Mcinnes]
- Tags:
- security hacks
- security
- HackIt
- cyberterroism
- man-in-the-middle
- pin and chip
February 12 2010, 11:56am | More »
I posted to hackaday.com

TPM crytography cracked

http://hackaday.com/2010/02/09/tpm-crytography-cracked/

Trusted Platform Module based cryptography protects your secrets as well as your government’s secrets. Well, it used to. [Christopher Tarnovsky] figured out how to defeat the hardware by spying on its communications. This requires physical access so it’s not quite as bad as it sounds, but this does reach beyond TPM to many of the security chips made by Infineon. This includes peripheral security chips for Xbox 360 and some chips used in cell phones and satellite TV.

[Christopher] revealed his hack during his presentation at Black Hat 2010. The method is wicked-hard, involving removal of the chip’s case and top layer, then tapping into a data bus to get at unencrypted data. The chip still has some tricks up its sleeve and includes firmware traps that keep a look out for this type of attack, shutting down if it’s detected. Infineon commented that they knew this was possible but regard it as a low threat due to the high skill level necessary for success.

[Thanks Greg]
- Tags:
- security hacks
- Cryptography
- encrypted
- Christopher Tarnovsky
- Infineon
- TPM
- Trusted Platform Module
February 9 2010, 12:25pm | More »
I posted to hackaday.com

PS3 exploit released

http://hackaday.com/2010/01/27/ps3-exploit-released/

You can now download the exploit package for the PlayStation 3. [Geohot] just posted the code you need to pull off the exploit we told you about on Sunday, making it available on a “silver platter” with just a bit of explanation on how it works. He’s located a critical portion of the memory to attack. By allocating it, pointing a whole bunch of code at those addresses, then deallocating it he causes many calls to invalid addresses. At the same time as those invalid calls he “glitches” the memory bus using a button on his FPGA board to hold it low for 40ns. This trips up the hypervisor security and somehow allows read/write access to that section of memory. Gentleman and Ladies, start your hacking. We wish you the best of luck!

[Thanks Phileas]
- Tags:
- security hacks
- playstation hacks
- hack
- playstation 3
- memory
- exploit
January 27 2010, 8:37am | More »
I posted to hackaday.com

Coded entry using your wristwatch

http://hackaday.com/2010/01/21/coded-entry-using-your-wristwatch/

[Ziyan] and [Zach] built a door entry system that uses a code entered from your wristwatch. They’re using the TI eZ-430 Chronos that we saw in November. There is a project box mounted over the deadbolt lever. Inside, the wireless fob waits for the watch to connect. When a watch has connected and the correct code is received (using 128 bit encryption) the fob actuates a servo to turn the lock. On the user side of things the code is entered by tapping the watch. The built-in accelerometer picks up these taps and relays them to the door unit.

It’s a heck of a project! Check out their demonstration video after the break. We’d like to see a mechanical option for escaping the apartment in case the door unit fails but otherwise we think this is perfectly executed. We’re looking forward to seeing more projects that tap into this TI hardware.
- Tags:
- home hacks
- security hacks
- lock
- ti
- door
- watch
- wristwatch
- ez-430
January 21 2010, 11:00am | More »
I posted to hackaday.com

Buzzle: a morse code puzzle box

http://hackaday.com/2010/01/21/buzzle-a-morse-code-puzzle-box/

[lucasfragomeni] built the Buzzle after being inspired by the reverse geocache puzzle. The Buzzle was built as a gift to a friend. It’s a tricky gift too. His friend can’t open it until he decodes the words being displayed in morse code via an LED. A word is chosen at random, so you would have to decode it each time you want to open the box. That’s a pretty neat security feature. Sure it’s not the most secure, but it would keep casual peepers out. Unfortunately, the box was empty when his friend received it.
- Tags:
- home hacks
- security hacks
- arduino
- morse
- arduino hacks
- puzzle
January 21 2010, 9:00am | More »
I posted to hackaday.com

NES console to cartridge security in depth

http://hackaday.com/2010/01/20/nes-console-to-cartridge-security-in-depth/

[Segher] has reverse engineered the hardware and command set for the NES CIC chips. These chips make up the security hardware that validates a cartridge to make sure it has been licensed by Nintendo. Only after authentication will the console’s CIC chip stop reseting the hardware at 1 Hz. The was no hardware information available for these chips (go figure) so [Segher] had to do some sleuthing with the tools at hand which include some rom dumps from the chip pairs. He was nice enough to share his findings with us. We’re betting they’re not of much use to you but we found it an interesting read.

[Thank ppcasm]

[Photo credit: Breaking Eggs and Making Omelets]
- Tags:
- security hacks
- snes
- security
- nintendo
- nes
- nintendo hacks
- rom
- cic
January 20 2010, 2:43pm | More »
I posted to hackaday.com

Russian billboard includes a “happy ending”

http://hackaday.com/2010/01/16/russian-billboard-includes-a-happy-ending/

It seems someone hacked into one of LED billboards and added porn video clips to the rotation of advertisements. We caught a glimpse before YouTube yanked it. We’ve pixelated the shot above which already had some blackbox censorship from the OP but we assure you, it was hardcore porn.

The 9-by-6 meter billboard is in downtown Moscow. The AP is reporting that this caused something of a traffic jam and shocked passersby. We’ve seen porn before, but have to admit that even knowing what to expect in the video it was a bit shocking for us to see cars driving by a giant sex scene. This is certainly much more of a distraction than leaving cleaver messages on the side of the road.

Does anyone know what technology is used to update these billboards? We’re curios as to whether physical access to the unit is necessary for this kind of attack. Leave you insights in the comments.

[Thanks Sean]
- Tags:
- security hacks
- traffic
- billboard
- moscow
- porn
- pornography
January 16 2010, 3:00pm | More »
I posted to hackaday.com

Start the car with a wave of your hand

http://hackaday.com/2010/01/14/start-the-car-with-a-wave-of-your-hand/

[Jair2K4] likes his RFID almost as much as he likes his chaw. Ever since his car was stolen he’s had to start it using a screwdriver. Obviously this is not a good way to leave things so he decided to convert his starter to read an RFID tag. He installed an RFID transponder he picked up on eBay, wiring it to the ignition switch. He’s removed the clutch-check sensor and wired a rocker switch to enable the RFID reader. We presume the rocker switch will eventually be used to shut the car off as well.

While most would have purchased a key-chain RFID tag, [Jair2k4] went far beyond that and had the tag implanted in his hand. This is an honor usually reserved for pets and until he adds RFID functionality to the door locks maybe a key fob would have been a better answer. But, to each his own. See his short demonstration video after the break.
- Tags:
- security hacks
- rfid
- transportation hacks
- car
- tag
- ignition
January 14 2010, 2:00pm | More »
I posted to hackaday.com

Kodak digital frame vulnerability

http://hackaday.com/2010/01/11/kodak-digital-frame-vulnerability/

Kodak managed to release a product with a big fat security vulnerability. [Casey] figured out that the Kodak W820 WiFi capable digital frame can be hijacked for dubious purposes. The frame can add Internet content as widgets; things like Facebook status, tweets, and pictures. The problem is that the widgets are based on a feed from a website that was publicly accessible. The only difference in the different feed addresses is the last two characters of the frame’s MAC address. Feeds that are already setup can be viewed, but by brute-forcing the RSS link an attacker can take control of the feeds that haven’t been set up yet and preload them with photos you might not want to see when you boot up your factory-fresh frame.

It seems the hole has been closed now, but that doesn’t diminish the delight we get from reading about this foible. There’s a pretty interesting discussion going on in the thread running at Slashdot.

[Photo credit]
- Tags:
- security hacks
- digital
- frame
- vulnerability
- kodak
January 11 2010, 1:00pm | More »
I posted to hackaday.com

Spy on your office

http://hackaday.com/2010/01/07/spy-on-your-office/

[Garagedeveloper] sent us his custom surveillance system, part 1, part 2, and part 3 after needing a way to find out why some cables at work were becoming unplugged (spoiler, the cleaners were messing up the wiring). At the base of the system is a web cam glued to a stepper motor. However, it gets much more in depth with a web front-end that allows the user to stream the feed and control the position of the stepper. We’re not particularly fond of how many different parts the project takes, while it all could be accomplished under C# with ASP.NET and parallel port library instead of including Arduino and excess code, but to each their own and the project turned out a success anyway.
- Tags:
- security hacks
- arduino
- arduino hacks
- stepper motor
- c++
- web front end
January 7 2010, 2:00pm | More »
I posted to hackaday.com

Arduino security with frickin’ laser

http://hackaday.com/2010/01/03/arduino-security-with-frickin-laser/

[over9k] used his Arduino to set up a laser trip wire. The laser is mounted along side the Arduino, reflects off of a mirror, and shines on a photoresistor that interfaces via a voltage divider. The signal from the voltage divider is monitored for a change when the laser beam is broken. [over9k] set things up so that a webcam snaps a picture of the intruder and Twitters the event for easy notification. Video after the break walks through each of these steps.

This build is a bit rough around the edges but unlike other laser trip wires this keeps all the electronics in one place. The laser interface could be a bit more eloquent, and we’re wondering just how much current it is pulling off of the Arduino pins. But if you’re bored and have this stuff on hand it will be fun to play around with it.
- Tags:
- security hacks
- webcam
- security
- laser
- twitter
- laser hacks
- arduino hacks
- trip wire
January 3 2010, 10:00am | More »
I posted to hackaday.com

GSM Cracked

http://hackaday.com/2009/12/30/gsm-cracked/

[Karsten Nohl], with a group of security researchers has broken the A5/1 Stream Cipher behind GSM. Their project web site discusses their work and provides slides(pdf) presented at 26C3. A5/1 has had known vulnerabilities for some time now and is scheduled to be phased out for the newer KASUMI or A5/3 block cipher. This should be an interesting time in the cell phone business.

Thanks to [Tyco] and [MashupMark] for pointing us to this story.

http://online.wsj.com/article/SB10001424052748703510304574626451948722542.html?mod=rss_Today%27s_Most_Popular
- Tags:
- cellphones hacks
- news
- security hacks
- wireless hacks
- security
- gsm
- cell phone
- A5/1
- Cipher
December 30 2009, 12:00pm | More »
I posted to hackaday.com

Bluetooth based Psuedorandom Number Generation

http://hackaday.com/2009/12/19/bluetooth-based-psuedorandom-number-generation/

[MS3FGX] has done an interesting study about using Bluetooth adapters as a source for Psuedorandom Number Generation (PRNG). As it turns out, the Bluez package has a function that calls a remote Bluetooth adapter to return a random number. He picked up 10 compatible adapters for about $30 from DealExtreme and set about assembling some numbers to see how this compares to an OS-based PRNG.

Because millions of samples are needed for an accurate comparison, time became a problem. The adapters are a little bit slow responding to a request, sending just 4800 numbers in the first 30-second test. This can be overcome with multiple adapters being accessed by multiple computers for hours at a time. What can this be used for? Your guess is as good as ours, but [MS3FGX] has done a great job of writing up his tests. He’s also made a set of 20.7 million randomly generated values available if you want to generate your own statistical analysis.
- Tags:
- random
- security hacks
- bluetooth
- DealExtreme
- prng
December 19 2009, 2:27pm | More »
I posted to hackaday.com

How to root a Nook

http://hackaday.com/2009/12/17/how-to-root-a-nook/

Here’s the latest in rooted consumer devices, nookdevs.com has rooted the Barnes & Noble Nook eBook reader. The process is extremely easy, as the operating system is stored on a 2GB SD card inside the device. In fact, once you have the case open the hard part is over. From there, the card should be backed up for safe keeping. Now mount the card, enable the Android Debug Bridge and reassemble. The Android SDK can then be used to log into a shell on the Nook wirelessly.

We’re not sure there’s much that can be done past this point yet. It’s up to you to get Doom running!
- Tags:
- android
- security hacks
- handhelds hacks
- root
- Barnes & Noble
- Nook
- sdk
December 17 2009, 12:08pm | More »
I posted to hackaday.com

GSM enabled security door

http://hackaday.com/2009/11/28/gsm-enabled-security-door/

The security door at the front of [Oliver's] building uses an intercom system to let in guests remotely. Each unit has an intercom handset with a button that unlocks the door. [Oliver] wanted a way to enter without carrying any extra items so he built a system to unlock the door with his cell phone.

He patched into the intercom and attached a GSM module. The module runs python so he wrote a script that will monitor the entryway buzzer, then wait for an approved cell phone connection to unlock it. He went through a couple of different iterations for the final project. The first attempt used XBee modules to communicate between the intercom handset and the GSM module. For the final version, he snaked cable through his wall using rare-earth magnets (creative!) in order to forgo the use of a battery in the handset.

Who doesn’t carry a cell phone with them? Because of this, the use of GSM modules in automation is a trend we think will continue to gain popularity.
- Tags:
- cellphones hacks
- security hacks
- lock
- security
- gsm
- xbee
November 28 2009, 1:31pm | More »
I posted to hackaday.com

Recover borked HDD after Xbox 360 ban

http://hackaday.com/2009/11/25/recover-borked-hdd-after-xbox-360-ban/

[Incudie] tipped us off about a method to fix a borked HDD in your Xbox 360. Many of the one million consoles banned earlier in the month also had the hard disks scrambled making off-line gaming impossible as well. It turns out that this is caused by having a ban flag in the NAND chip on the motherboard. It has been discovered that because of wear levelling, the NAND will have two copies of the “secdata.bin” file which stores the ban flag. Please note, this will NOT allow the console to use Xbox Live, it just re-enables the HDD.

The quick and dirty of the fix is as follows: First the NAND is dumped from your Xbox 360 to a computer. After verifying the file, it can be opened in a HEX editor and the two copies of “secdata.bin” located. Once identified by date, the older version is injected on top of the newer to overwrite the ban flag.

Looks like this is not for the faint of heart, but if you got banned for modding in the first place this should be easy to pull off.
- Tags:
- security hacks
- xbox hacks
- hdd
- xbox 360
- hex
- ban
- banned
November 25 2009, 2:20pm | More »
I posted to hackaday.com

Knock detecting lock

http://hackaday.com/2009/11/04/knock-detecting-lock/

[Steve] shows us his version of the knock detecting lock system. The idea is pretty simple, knock in a certain pattern and the door unlocks. We’ve seen it before several times. This solution is somewhat cleaner than the others, not only in physical design, but also in how you reprogram it. Simply push the reprogram button and enter your new knock. We’re a bit surprised that the suction cups actually hold it on the door. Maybe it’s just us, but we can never seem to get those things to hold very well. There are lots of great pictures as well as the source code available on his site.

[via HacknMod]
- Tags:
- security hacks
- arduino
- lock
- arduino hacks
- knock
November 4 2009, 9:00am | More »
I posted to hackaday.com

freeBOOT gives the Xbox 360 JTAG hack new life

http://hackaday.com/2009/10/20/freeboot-gives-the-xbox-360-jtag-hack-new-life/

There has been another development in the never-ending battle that is Microsoft trying to keep its gaming system closed to unauthorized use. Xbox-scene reports that a new hack called freeBOOT v0.01 allows the Xbox 360 to upgrade to the newer kernels, but allows the option of rebooting to an older kernel in order use the JTAG exploit and gain access to the hardware.

In case you missed it, the JTAG hack is a way to run homebrew code on an Xbox 360. Exploiting this hack makes it possible to boot a Linux kernel in about five seconds. We’ve long been fans of the homebrew work done with XBMC on the original Xbox and hope that advances like this will lead to that end. We want this because the older hardware cannot handle high definition content at full resolution but the Xbox 360 certainly can.

This exploit is still far from perfect. It currently requires that the Cygnos360 mod chip be installed on the system. A resistor also needs to be removed from the board to prevent accidental kernel updating. That being said, this is still progress. If you’re interested in step-by-step details, take a look at the text file instructions provided.

[Thanks wdfowty]
- Tags:
- security hacks
- microsoft
- xbox 360
- jtag
- exploit
- cygnos360
- freeBoot
- mod chip
October 20 2009, 3:00pm | More »

1 2 3 4

Make Club Ideastream
This site shows the latest, greatest, and most random articles on DIY projects. Consider it inspiration.

Popular Tags

Search