Posted Aug 15th 2008 5:00PM by Strom Carlson
Filed under: misc hacks, transportation hacks, security hacks

Picture this scenario: it's 2 AM, you're stuck somewhere you'd rather not be, and you've lost your car keys. If you can't call the Auto Club, what do you do? Hotwire your own car, of course.
Wired.com has a wiki article detailing all the things you need to do to get that car running: how to identify which wires to connect, potential pitfalls of newer cars that require an RFID chip in the key, and so on. Of course, hotwiring a car that doesn't belong to you is illegal, but this is one of those skills, like lockpicking, which just might come in handy in an emergency.
[Photo: D.B. Blas]
Posted Aug 15th 2008 4:30PM by Kimberly Lau
Filed under: news, security hacks

Many computer users rely on antivirus software from McAfee and Symantec to protect their computers from malware, worms, and viruses. Since the creation of viruses outpaces the protection abilities of the software, antivirus protection lags behind and may not be as secure as you think. [Gary Warner] provides some examples of current malware making the rounds that continue to be unaddressed by anti-virus vendors, including the recent "CNN Alerts: Breaking News" spam, which morphed into MSNBC alert spoofs. Our advice? Keep your antivirus software updated, but don't believe that it will catch everything for you. Only open files from sources you know and trust.
[via Waxy]
Posted Aug 15th 2008 3:50PM by Strom Carlson
Filed under: wireless hacks, news, security hacks

A federal grand jury in Boston has charged eleven people with the theft of more than 41 million credit and debit card numbers from retail stores. What makes this case interesting is that, although the defendants stole the data from retail establishments, they did so without ever having to leave their cars; they stole the numbers while wardriving. While the report doesn't make it clear whether the targeted networks used weak encryption or were simply unsecured, it's obvious that the security of your data is still not a top priority for many companies.
[photo: Mujitra]
Posted Aug 15th 2008 10:31AM by Caleb Kraft
Filed under: home hacks, daily, security hacks

In the same vein as our recent Defcon article on biometric cloning, White Wolf Security has released this article about turning a biometric door lock into a trojan. They note that there are many common ways to break into one, from harvesting fingerprints to using gummy bears to fake a finger. This hack involves having full access to the unit so you can disassemble it.
The unit has a system built-in where you can touch a 9-volt battery to some connectors on the bottom to power it in case of a building power failure. The researchers simply routed some wires from the motorized lock to the plates used for the 9-volt and then reassembled the lock. The door can then be opened at any time without verification, even if the software on the unit is reset.
[Thanks, dwight]
Posted Aug 14th 2008 9:40PM by Eliot Phillips
Filed under: news, security hacks

One of the more novel talks we saw at Defcon was [Zac Franken] presenting on access control systems. He covered several different types, but the real fun was his live demo of bypassing a hand geometry scanner like the one pictured above. With the help of two assistants, 4 pounds of chromatic dental alginate, and 5 liters of water, he made a mold of his hand. The box he placed his hand in had markings to show where the pegs on the scanner are located. After 2 minutes he could remove his hand from the cavity. They then filled the mold with vinylpolysiloxane, making sure to remove all bubbles. 20 minutes later the hand was solid and passed the scanner's test. This may not be a completely practical attack, but it does defeat the overall idea of biometrics; biometrics are built on the assumption that every person is unique and can't have their features reproduced.
[Zac] also showed an interesting magnetic card spoofer that emulated all three tracks using coils of magnet wire. We hope to see more about that in the future.
[photo: morgan.davis]
Posted Aug 13th 2008 11:15AM by Eliot Phillips
Filed under: cons, security hacks

While Black Hat and Defcon have both concluded, we're going to post a few more talks that we think deserve attention. [Sherri Sparks] and [Shawn Embleton] from Clear Hat presented Deeper Door, exploiting the NIC chipset. Windows machines use NDIS, the Network Driver Interface Specification, to communicate between the OS and the actual NIC. NDIS is an API that lets programmers talk to network hardware in a general fashion. Most firewalls and intrusion detection systems monitor packets at the NDIS level. The team took a novel approach to bypassing machine security by hooking directly to the network card, below the NDIS level.
The team targeted the Intel 8255x chipset because of its open documentation and availability of compatible cards like the Intel PRO/100B. They found that sending data was very easy: write a UDP packet to a specific memory address, check to make sure the card is idle, and then tell it to send. The receive side was slightly more difficult, because you have to intercept all inbound traffic and filter out the replies you want from the legitimate packets. Even though they were writing low-level, chipset-specific code, they said it was much easier to implement than writing an NDIS driver. While certainly a clever way to implement a covert channel, it will only bypass an IDS or firewall on the same host and not one on the network.
[photo: Big Fat Rat]
Posted Aug 13th 2008 10:30AM by Nick Caiello
Filed under: news, security hacks

While we're sure that just about everyone has heard about the conflict between Russia and Georgia, few have probably heard about the role of cyber attacks in the conflict. Shortly before Russia's armed response, Georgian state web servers were attacked by individuals assumed to be Russian hackers. This attack almost completely obliterated Georgia's online presence by shutting down the website for the Ministry of Defense, and the Central Government's main site. The Russian attackers seem to be using some form of sustained DDoS to keep many Georgian sites offline. In an effort to preserve some web presence, the Georgian Government transferred [President Mikheil Saakashvili]'s site to a US hosting provider in Atlanta. The Ministry of Foreign Affairs even created a BlogSpot page after their website initially went down. While politically motivated DDoS attacks have not been rare in past months, this seems to be the first time where the attacking party can be clearly identified. This seems to be the start of a trend where the unconventional methods of cyber warfare are used to gain an advantage over the enemy.
[photo: somefool]
Posted Aug 13th 2008 8:03AM by Kimberly Lau
Filed under: news, security hacks
[Brian Salcedo] made headlines a few years ago as a hacker who attempted to break into Lowe's corporate network. He is currently serving a nine-year prison sentence, one of the longest sentences for a computer hacking offense. Recent events surrounding a different hacking case have revealed that the buyer he worked for, [Albert "Segvec" Gonzalez], was a Secret Service informant. [Salcedo] claims that were it not for [Gonzalez]'s threats, he would not have committed the hacking offense. While the Secret Service may not have even been aware of [Gonzalez's] activity with other hackers, [Salcedo] could make a case of entrapment by arguing that [Gonzalez] threatened him as a government agent in order to make him plant the sniffer in Lowe's network.
Posted Aug 9th 2008 8:45PM by Patrick Lokken
Filed under: transportation hacks, cons, security hacks

[Zack Anderson], [RJ Ryan], and [Alessandro Chiesa] were sued by the Massachusetts Bay Transit Authority for an alleged violation of the Computer Fraud and Abuse Act after copies of their presentation slides were circulated at Defcon 16. The slides give an eye-widening glimpse into the massive security holes present in the Boston subway system. There are at least 4 major security flaws in the subway, which allowed them to get free subway rides by finding unlocked, back door routes into the subway, spoofing magnetic and RFID cards, and attacking the MBTA's network. Judge Douglas P. Woodlock has issued a gag order, stopping the trio from giving the presentation at Defcon or disclosing sensitive information for ten days. However, the MIT school newspaper, The Tech, has published a PDF of the slides online. The research culminated in the trio warcarting the MBTA's headquarters and being driven off by police.
Posted Aug 8th 2008 6:30PM by Kimberly Lau
Filed under: news, security hacks
Mozilla security chief [Window Snyder] made some surprising announcements about Firefox Next, Mozilla's next major browser overhaul. In her chat at the Black Hat security conference, she introduced three new initiatives that focused on threat modeling, training, and vulnerability metrics. For the threat modeling initiative, she's hired Matasano Security consultants to review Firefox's code for weaknesses and recommend mitigation tactics to protect the browser from hacker attacks. This isn't inherently unusual; what is abnormal is that the information, once the work is done, will be revealed to the public. The training initiative will have IOActive trainers working with Mozilla engineers on secure computer programming practices. At the end, according to [Snyder], online versions of the classes will be released to the public, along with the class materials. The last initiative revolves around security metrics, and is already in progress. Essentially, the project will ideally take the focus off of patch-counting and provide a better assessment of security and vulnerability issues. [Snyder] says, "We're in the early phase, working on incorporating feedback from the rest of the industry." She also reveals some more Firefox developments, including possibly incorporating NoScript into the core browser and implementing protected mode, but they're still a long way from becoming standard features.
Posted Aug 8th 2008 5:30PM by Patrick Lokken
Filed under: misc hacks, security hacks

French reporters at Black Hat crossed the line when they sniffed fellow reporters' login info on the designated "safe" wired network. Proud of their handiwork, they were nabbed when they tried to get their spoils posted on the wall of sheep, which is used to publicly post attendees' credentials. It turns out that monitoring communications without informing one of the parties involved is a felony, so although it is legal to sniff convention goers' login info with their knowledge, hacking reporters covering the event is a no-no. An FBI agent we ran into commented that in his experience, they'd probably just turn it over to the local US attorney's office to see if they wanted to proceed with an investigation.
We're in the Defcon press room today and there's still a buzz about these "sleazy" French reporters. We're tunneling through our cell connection like any sane person at a security conference.
Posted Aug 7th 2008 2:50PM by Nick Caiello
Filed under: news, security hacks

The US Department of Homeland Security recently disclosed a new policy that allows agents to seize laptops, or anything capable of storing information, "for a reasonable period of time". Okay, so this seems normal; a government agency is declaring they may confiscate personal property. However, the strange part of this story is that under this policy, federal agents can confiscate these things without any suspicion of wrongdoing or any reason whatsoever. So what happens to your personal data after they seize your laptop? Apparently they share the data with federal agencies, and in some cases the private sector, as additional services such as file decryption or translation are needed. While this may seem like a major violation of privacy, it is important to note that this policy only applies to people entering the United States. However, given the direction that our federal government is moving in the area of security, it wouldn't surprise me if this policy will soon apply for domestic flights as well.
[photo: postmodern sleaze]
[via eff.org]
Posted Aug 6th 2008 4:05PM by Jimmie Rodgers
Filed under: news, security hacks
The EFF has just announced the creation of the Coders' Rights Project website at the Black Hat conference. The site's main goal is to centralize legal information for coders, and to help protect important security work from legal actions that may be taken against them with the DMCA and other legal black holes. While this is in no way a fully comprehensive list of everything you need to know, it looks like a good place to start, and provides a few FAQs for suggestions on how to stay in the legal clear as much as possible. At numerous points the documents suggest you speak with a lawyer if you have any deeper questions, which you absolutely should. This can be very helpful if a person or group finds a security risk, and wants to publish it, or just wants to start looking into possible security risks.