jm + hacking   68

Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election
RUSSIAN MILITARY INTELLIGENCE [GRU] executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials just days before last November’s presidential election, according to a highly classified intelligence report obtained by The Intercept.

The top-secret National Security Agency document, which was provided anonymously to The Intercept and independently authenticated, analyzes intelligence very recently acquired by the agency about a months-long Russian intelligence cyber effort against elements of the U.S. election and voting infrastructure. The report, dated May 5, 2017, is the most detailed U.S. government account of Russian interference in the election that has yet come to light.
politics  russia  nsa  leaks  us-politics  cyberattacks  gru  hacking  elections  spear-phishing  phishing  e-voting 
6 weeks ago by jm
Capturing all the flags in BSidesSF CTF by pwning Kubernetes/Google Cloud
good exploration of the issues with running a CTF challenge (or any other secure infrastructure!) atop Kubernetes and a cloud platform like GCE
gce  google-cloud  kubernetes  security  docker  containers  gke  ctf  hacking  exploits 
12 weeks ago by jm
American Snoper – Medium
The grugq on Putin vs France:
How modern conflicts play out in the informatics sphere, what I mean when I talk about cyber war, is happening in France. After France there will be Germany, then the Scandinavian countries have their elections. There is no chance that Putin attempting to shape the world to best suit Russian interests will abate. Currently, the strongest area that he can contend in is the informatics sphere, the cyber realm, where human perception of reality is shaped.
putin  france  elections  russia  cyber-war  hacking  security  wikileaks 
march 2017 by jm
Why American Farmers Are Hacking Their Tractors With Ukrainian Firmware
DRM working as expected:
To avoid the draconian locks that John Deere puts on the tractors they buy, farmers throughout America's heartland have started hacking their equipment with firmware that's cracked in Eastern Europe and traded on invite-only, paid online forums. Tractor hacking is growing increasingly popular because John Deere and other manufacturers have made it impossible to perform "unauthorized" repair on farm equipment, which farmers see as an attack on their sovereignty and quite possibly an existential threat to their livelihood if their tractor breaks at an inopportune time.

(via etienneshrdlu)
hacking  farming  drm  john-deere  tractors  firmware  right-to-repair  repair 
march 2017 by jm
GitHub's new Balanced Employee IP Agreement (BEIPA) lets workers keep the IP when they use company resources for personal projects — Quartz
Huh, interesting development:
If it’s on company time, it’s the company’s dime. That’s the usual rule in the tech industry—that if employees use company resources to work on projects unrelated to their jobs, their employer can claim ownership of any intellectual property (IP) they create.
But GitHub is throwing that out the window. Today the code-sharing platform announced a new policy, the Balanced Employee IP Agreement (BEIPA). This allows its employees to use company equipment to work on personal projects in their free time, which can occur during work hours, without fear of being sued for the IP. As long as the work isn’t related to GitHub’s own “existing or prospective” products and services, the employee owns it.
github  law  tech  jobs  work  day-job  side-projects  hacking  ip  copyright 
march 2017 by jm
St. Petersburg team operated a PRNG hack against Vegas slots
According to Willy Allison, a Las Vegas–based casino security consultant who has been tracking the Russian scam for years, the operatives use their phones to record about two dozen spins on a game they aim to cheat. They upload that footage to a technical staff in St. Petersburg, who analyze the video and calculate the machine’s pattern based on what they know about the model’s pseudorandom number generator. Finally, the St. Petersburg team transmits a list of timing markers to a custom app on the operative’s phone; those markers cause the handset to vibrate roughly 0.25 seconds before the operative should press the spin button.

“The normal reaction time for a human is about a quarter of a second, which is why they do that,” says Allison, who is also the founder of the annual World Game Protection Conference. The timed spins are not always successful, but they result in far more payouts than a machine normally awards: Individual scammers typically win more than $10,000 per day. (Allison notes that those operatives try to keep their winnings on each machine to less than $1,000, to avoid arousing suspicion.) A four-person team working multiple casinos can earn upwards of $250,000 in a single week.
prng  hacking  security  exploits  randomness  gambling  las-vegas  casinos  slot-machines 
february 2017 by jm
Did the Russians “hack” the election? A look at the established facts | Ars Technica
solid roundup. There's a whole lot of evidence pointing Russia's way, basically
usa  russia  hacking  politics  security  us-politics  trump 
december 2016 by jm
Live Streaming Security Games
Rapid Fire is a special event we started hosting at our own in-person CTFs in 2014. The idea is pretty simple:

Create several CTF challenges that can be solved in a few minutes each.
Set up the challenges on 4 identical computers with some basic tools.
Mirror the player’s screens so the audience can watch their actions.
Whoever solves the most challenges the fastest wins.

This event is interesting for a number of reasons: the players are under intense pressure, as everything they do is being watched by several people; the audience can watch several different approaches to the same problems; and people can follow along fairly easily with what is going on with the challenges.


With e-sports-style video!
gaming  hacking  security  e-sports  streaming  twitch  ctf 
may 2016 by jm
How I Hacked Facebook, and Found Someone's Backdoor Script
Great writeup of a practical pen test. Those crappy proprietary appliances that get set up "so the CEO can read his email on the road" etc. are always a weak spot
facebook  hacking  security  exploits  pen-tests  backdoors 
april 2016 by jm
SmartThings Presence Detection using DD-WRT Router Script
neat trick -- using DD-WRT's arp tables and a cron job to detect presence of wifi devices (e.g. phones) and take action based on that. By using https://ifttt.com/maker , it should be feasible to wire up any IFTTT action when a device connects to my home wifi...
wifi  make  hacking  home  ifttt  dd-wrt 
march 2016 by jm
US Lottery insider accused of stealing millions by hacking lottery machines across the US
Prosecutors believe that Tipton, 52, used his access to the machines to surreptitiously install software programs that let him know the winning numbers in advance before disappearing without a trace. They say he worked with associates such as his brother Tommy Tipton — a Texas judge — and Texas businessman Robert Rhodes to play those numbers and collect prizes dating back to 2005.
us  lotteries  prng  randomness  exploits  hacking  insider-attacks  lottery 
january 2016 by jm
Big Brother Watch on Twitter: "Anyone can legally have their phone or computer hacked by the police, intelligence agencies, HMRC and others #IPBill https://t.co/3ZS610srCJ"
As Glyn Moody noted, if UK police, intelligence agencies, HMRC and others can all legally hack phones and computers, that also means that digital evidence can be easily and invisibly planted. This will undermine future court cases in the UK, which seems like a significant own goal...
hmrc  police  gchq  uk  hacking  security  law-enforcement  evidence  law 
december 2015 by jm
Dr TJ McIntyre: Fight against cybercrime needs funding, not more words - Independent.ie
Is the Irish policing system capable of tackling computer crime? A report this week from the Garda Inspectorate makes it clear that the answer is no. There is no Garda cybercrime unit, which is of serious concern given the threat posed by cybercrime to key national infrastructure such as energy, transport and telecommunications systems. [...]

A combination of inadequate resources and increased workload have swamped the [Computer Crime Investigation Unit]. Today, almost every crime is a computer crime, in the sense that mobile phones, laptops and even devices such as game consoles are likely to contain evidence. The need to forensically inspect all these devices - using outdated equipment - has resulted in several-year delays and seem to have forced the unit into a position where it is running to stand still rather than responding to new developments.
via:tjmcintyre  ireland  cybercrime  law  policing  hacking 
december 2015 by jm
Three quarters of cars stolen in France 'electronically hacked' - Telegraph
The astonishing figures come two months after computer scientists in the UK warned that thousands of cars – including high-end brands such as Porsches and Maseratis - are at risk of electronic hacking. Their research was suppressed for two years by a court injunction for fear it would help thieves steal vehicles to order. The kit required to carry out such “mouse jacking”, as the French have coined the practice, can be freely purchased on the internet for around £700 and the theft of a range of models can be pulled off “within minutes,” motor experts warn.
hacking  security  security-through-obscurity  mouse-jacking  cars  safety  theft  crime  france  smart-cars 
november 2015 by jm
How a criminal ring defeated the secure chip-and-PIN credit cards | Ars Technica
Ingenious --
The stolen cards were still considered evidence, so the researchers couldn’t do a full tear-down or run any tests that would alter the data on the card, so they used X-ray scans to look at where the chip cards had been tampered with. They also analyzed the way the chips distributed electricity when in use and used read-only programs to see what information the cards sent to a Point of Sale (POS) terminal.

According to the paper, the fraudsters were able to perform a man-in-the-middle attack by programming a second hobbyist chip called a FUN card to accept any PIN entry, and soldering that chip onto the card’s original chip. This increased the thickness of the chip from 0.4mm to 0.7mm, “making insertion into a PoS somewhat uneasy but perfectly feasible,” the researchers write. [....]

The researchers explain that a typical EMV transaction involves three steps: card authentication, cardholder verification, and then transaction authorization. During a transaction using one of the altered cards, the original chip was allowed to respond with the card authentication as normal. Then, during card holder authentication, the POS system would ask for a user’s PIN, the thief would respond with any PIN, and the FUN card would step in and send the POS the code indicating that it was ok to proceed with the transaction because the PIN checked out. During the final transaction authentication phase, the FUN card would relay the transaction data between the POS and the original chip, sending the issuing bank an authorization request cryptogram which the card issuer uses to tell the POS system whether to accept the transaction or not.
security  chip-and-pin  hacking  pos  emv  transactions  credit-cards  debit-cards  hardware  chips  pin  fun-cards  smartcards 
october 2015 by jm
Analysis of PS4's security and the state of hacking
FreeBSD jails and Return-Oriented Programming:
Think of [Return-Oriented Programming] as writing a new chapter to a book, using only words that have appeared at the end of sentences in the previous chapters.
ps4  freebsd  jails  security  exploits  hacking  sony  rop  return-oriented-programming 
august 2015 by jm
HACKERS REMOTELY KILL A JEEP ON THE HIGHWAY—WITH ME IN IT
Jaysus, this is terrifying.
Miller and Valasek’s full arsenal includes functions that at lower speeds fully kill the engine, abruptly engage the brakes, or disable them altogether. The most disturbing maneuver came when they cut the Jeep’s brakes, leaving me frantically pumping the pedal as the 2-ton SUV slid uncontrollably into a ditch.


Avoid any car which supports this staggeringly-badly-conceived Uconnect feature:

All of this is possible only because Chrysler, like practically all carmakers, is doing its best to turn the modern automobile into a smartphone. Uconnect, an Internet-connected computer feature in hundreds of thousands of Fiat Chrysler cars, SUVs, and trucks, controls the vehicle’s entertainment and navigation, enables phone calls, and even offers a Wi-Fi hot spot.


:facepalm:

Also, Chrysler's response sucks: "Chrysler’s patch must be manually implemented via a USB stick or by a dealership mechanic."
hacking  security  cars  driving  safety  brakes  jeeps  chrysler  fiat  uconnect  can-bus  can 
july 2015 by jm
Security theatre at Allied Irish Banks
Allied Irish Banks's web and mobile banking portals are ludicrously insecure. Vast numbers of accounts have easily-guessable registration numbers and are thus 'protected' by a level of security that is twice as easy to crack as would be provided by a single password containing only two lowercase letters.
A person of malicious intent could easily gain access to hundreds, possibly thousands, of accounts as well as completely overwhelm the branch network by locking an estimated several 100,000s of people out of their online banking.
Both AIB and the Irish Financial Services Ombudsman have refused to respond meaningfully to multiple communications each in which these concerns were raised privately.
aib  banking  security  ireland  hacking  ifso  online-banking 
june 2015 by jm
China’s Spies Hit the Blackmail Jackpot With Data on 4 Million Federal Workers
The Daily Beast is scathing re the OPM hack:
Here’s where things start to get scary. Whoever has OPM’s records knows an astonishing amount about millions of federal workers, members of the military, and security clearance holders. They can now target those Americans for recruitment or influence. After all, they know their vices, every last one—the gambling habit, the inability to pay bills on time, the spats with former spouses, the taste for something sexual on the side—since all that is recorded in security clearance paperwork. (To get an idea of how detailed this gets, you can see the form, called an SF86, here.) Speaking as a former counterintelligence officer, it really doesn’t get much worse than this.
daily-beast  sf86  clearance  us-government  america  china  cyberwar  hacking  opm  privacy 
june 2015 by jm
A Piece of Apple II History Cracks Open — May 24, 2015
Lovely description of cracking (ie. copy-protection removal) in the Apple-II era. Very reminiscent of the equivalent in the C=64 scene, from my experience. ;)
history  c=64  apple-ii  personal-computers  archive  cracks  copy-protection  hacking 
may 2015 by jm
Sony PSN hacking horror story
My account got hacked, running up over $600 in charges. Here's the conclusion after running through the Sony support gauntlet.
They can only refund up to $150.
I can dispute the charges with my bank, but that will result in my account being banned.
I cannot unban my account, and will thus lose my purchases ("but you only have the Last of Us and some of our free games, so it's not a big deal")
Whoever hacked my account deactivated my PS4, and activated their own. Customer support will only permit one activation every 6 months. I'm locked out of logging into my own account on my PS4 for six months.
games  sony  psn  playstation  fail  ps4  hacking  security  customer-support  horror-stories 
march 2015 by jm
Anatomy of a Hack
Authy doesn't come off well here:

'Authy should have been harder to break. It's an app, like Authenticator, and it never left Davis' phone. But Eve simply reset the app on her phone using a mail.com address and a new confirmation code, again sent by a voice call. A few minutes after 3AM, the Authy account moved under Eve's control.'
authy  security  hacking  mfa  authentication  google  apps  exploits 
march 2015 by jm
Extracting the SuperFish certificate
not exactly the most challenging reverse I've ever seen ;)
reverse-engineering  security  crypto  hacking  tls  ssl  superfish  lenovo 
february 2015 by jm
How “omnipotent” hackers tied to NSA hid for 14 years—and were found at last
'"Equation Group" ran the most advanced hacking operation ever uncovered.' Mad stuff. The security industry totally failed here
nsa  privacy  security  surveillance  hacking  keyloggers  malware 
february 2015 by jm
ODROID-C1 - Multicore credit card computer
Pretty amazing specs for a 33 quid SBC.
* Amlogic ARM® Cortex®-A5(ARMv7) 1.5Ghz quad core CPUs
* Mali™-450 MP2 GPU (OpenGL ES 2.0/1.1 enabled for Linux and Android)
* 1Gbyte DDR3 SDRAM
* Gigabit Ethernet
* 40pin GPIOs
* eMMC4.5 HS200 Flash Storage slot / UHS-1 SDR50 MicroSD Card slot
* USB 2.0 Host x 4, USB OTG x 1
* Infrared(IR) Receiver
* Uses Ubuntu 14.04 or Android KitKat operating systems


Includes HDMI out. (via Conor O'Neill)
via:conoro  uk  sbc  hacking  linux  hardware  odroid  gadgets 
january 2015 by jm
Wired on "Regin"
The researchers have no doubt that Regin is a nation-state tool and are calling it the most sophisticated espionage machine uncovered to date—more complex even than the massive Flame platform, uncovered by Kaspersky and Symantec in 2012 and crafted by the same team who created Stuxnet.

“In the world of malware threats, only a few rare examples can truly be considered groundbreaking and almost peerless,” writes Symantec in its report about Regin.

Though no one is willing to speculate on the record about Regin’s source, news reports about the Belgacom and Quisquater hacks pointed a finger at GCHQ and the NSA. Kaspersky confirms that Quisquater was infected with Regin, and other researchers familiar with the Belgacom attack have told WIRED that the description of Regin fits the malware that targeted the telecom, though the malicious files used in that attack were given a different name, based on something investigators found inside the platform’s main file.
regin  malware  security  hacking  exploits  nsa  gchq  symantec  espionage 
november 2014 by jm
Stupid Projects From The Stupid Hackathon
Amazing.
iPad On A Face by Cheryl Wu is a telepresence robot, except it’s a human with an iPad on his or her face.
funny  hacking  stupid  hackathons  ipad-on-a-face  telepresence  hacks  via:hn 
november 2014 by jm
Need To Know 1999-11-05
15 years ago today -- Sitescooper appeared in NTK!
Official NTK policy is that if you're not reading this in
its definitive, non-proportional e-mail form, you're a
fricking girl. And all the best fricking girls these days
have a Palm, so JUSTIN MASON has been kindly running the Web
page through his brilliant sitescooper (aka snarfnews)
program, and dumping the results for download at his site.
NTK is available in DOC and iSilo formats, as are all kinds
of other girlish, lavender-smelling Websites you may want to
read, like The Register and the Linux Weekly News. And "Dr
Koop's Health News".
ntk  history  hacking  sitescooper  palm-pilot  open-source  1999 
november 2014 by jm
UK police to investigate alleged Bahraini hacking of exiles’ computers
Criminal complaints have been filed in the UK against Gamma "acting as an accessory to Bahrain's illegal targeting of activists" using the FinFisher spyware
finfisher  spyware  malware  gamma  bahrain  law  surveillance  privacy  germany  hacking 
october 2014 by jm
Shellshock
An _extremely_ detailed resource about the bash bug
bash  hacking  security  shell  exploits  reference  shellshock 
october 2014 by jm
Nik Cubrilovic - Notes on the Celebrity Data Theft
tl;dr: a lot of people are spending a lot of time stealing nudie pics from celebrities. See also http://www.zdziarski.com/blog/?p=3783 for more details on the probable approaches used. Grim.
apple  privacy  security  celebrities  pics  hacking  iphone  ipad  ios  exploits  brute-force  passwords  2fa  mfa  find-my-iphone  icloud  backups 
september 2014 by jm
Revisiting How We Put Together Linux Systems
Building a running OS out of layered btrfs filesystems. This sounds awesome.
Instantiating a new system or OS container (which is exactly the same in this scheme) just consists of creating a new appropriately named root sub-volume. Completely naturally you can share one vendor OS copy in one specific version with a multitude of container instances.

Everything is double-buffered (or actually, n-fold-buffered), because usr, runtime, framework, app sub-volumes can exist in multiple versions. Of course, by default the execution logic should always pick the newest release of each sub-volume, but it is up to the user to keep multiple versions around, and possibly execute older versions, if he desires to do so. In fact, like on ChromeOS this could even be handled automatically: if a system fails to boot with a newer snapshot, the boot loader can automatically revert back to an older version of the OS.


(via Tony Finch)
via:fanf  linux  docker  btrfs  filesystems  unionfs  copy-on-write  os  hacking  unix 
september 2014 by jm
Cloudwash – Creating the Technical Prototype
This is a lovely demo of integrating modern IoT connectivity functionality (remote app control, etc.) with a washing machine using Bergcloud's hardware and backend, and a little logic-analyzer reverse engineering.
arduino  diy  washing-machines  iot  bergcloud  hacking  reversing  logic-analyzers  hardware 
august 2014 by jm
Syria's 2012 internet disconnection wasn't on purpose
According to Edward Snowden, it was a side-effect of the NSA attempting to install an exploit in one of the core routers at a major Syrian ISP, and accidentally bricking the router
routers  exploits  hacking  software  tao  nsa  edward-snowden  syria  internet  privacy 
august 2014 by jm
Hacker Redirects Traffic From 19 Internet Providers to Steal Bitcoins | Threat Level | WIRED
'The attacker specifically targeted a collection of bitcoin mining “pools”–bitcoin-producing cooperatives in which users contribute their computers’ processing power and are rewarded with a cut of the resulting cryptocurrency the pool produces. The redirection technique tricked the pools’ participants into continuing to devote their processors to bitcoin mining while allowing the hacker to keep the proceeds. At its peak, according to the researchers’ measurements, the hacker’s scam was pocketing a flow of bitcoins and other digital currencies including dogecoin and worldcoin worth close to $9,000 a day. “With this kind of hijacking, you can quite easily grab a large collection of clients,” says Pat Litke, one of the Dell researchers. “It takes less than a minute, and you end up with a lot of mining traffic under your control.”'

'In total, Stewart and Litke were able to measure $83,000 worth of cryptocurrency stolen in the BGP attack [...] but the total haul could be larger'
bitcoin  mining  fraud  internet  bgp  routing  security  attacks  hacking 
august 2014 by jm
Keyes New Starter Kit for Arduino Fans
$53 for a reasonable-looking Arduino starter kit, from DealExtreme. cheap cheap! In the inimitable DX style:
Keyes new beginner starter kit, pay more attention to beginners learning. Users can get rid of the difficult technological learning, from module used to quick start production.
learning  arduino  hardware  hacking  robotics  toys  dealextreme  tobuy 
july 2014 by jm
All at sea: global shipping fleet exposed to hacking threat | Reuters
Hackers recently shut down a floating oil rig by tilting it, while another rig was so riddled with computer malware that it took 19 days to make it seaworthy again; Somali pirates help choose their targets by viewing navigational data online, prompting ships to either turn off their navigational devices, or fake the data so it looks like they're somewhere else; and hackers infiltrated computers connected to the Belgian port of Antwerp, located specific containers, made off with their smuggled drugs and deleted the records.


(via Mikko Hypponen)
via:mikko  security  hacking  oilrigs  shipping  ships  maritime  antwerp  piracy  malware 
april 2014 by jm
LastPass Sentry Warns You When Your Online Accounts Have Been Breached
This is a brilliant feature. It just sent a warning to a friend about an old account he was no longer using
lastpass  security  passwords  hacking  accounts 
april 2014 by jm
GCHQ slide claiming that they DDoS'd anonymous' IRC servers
Mikko Hypponen: "This makes British Government the only Western government known to have launched DDoS attacks."
ddos  history  security  gchq  dos  anonymous  irc  hacking 
february 2014 by jm
More than 50% of Irish companies have "suffered a data breach" in 2013
The research, conducted among hundreds of Irish companies' IT managers by the Irish Computer Society, reveals that 51 per cent of Irish firms have suffered a data breach over the last year, a jump on 43 per cent recorded in 2012.


Wow, that's high.
hacking  security  ireland  ics  data-breaches 
january 2014 by jm
How an emulator-fueled robot reprogrammed Super Mario World on the fly
Suffice it to say that the first minute-and-a-half or so of this [speedrun] is merely an effort to spawn a specific set of sprites into the game's Object Attribute Memory (OAM) buffer in a specific order. The TAS runner then uses a stun glitch to spawn an unused sprite into the game, which in turn causes the system to treat the sprites in that OAM buffer as raw executable code. In this case, that code has been arranged to jump to the memory location for controller data, in essence letting the user insert whatever executable program he or she wants into memory by converting the binary data for precisely ordered button presses into assembly code (interestingly, this data is entered more quickly by simulating the inputs of eight controllers plugged in through simulated multitaps on each controller port).


oh. my. god. This is utterly bananas.
games  hacking  omgwtfbbq  hacks  buffer-overrun  super-mario  snes  security 
january 2014 by jm
On Hacking MicroSD Cards
incredible stuff from Bunnie Huang:
Today at the Chaos Computer Congress (30C3), xobs and I disclosed a finding that some SD cards contain vulnerabilities that allow arbitrary code execution — on the memory card itself. On the dark side, code execution on the memory card enables a class of MITM (man-in-the-middle) attacks, where the card seems to be behaving one way, but in fact it does something else. On the light side, it also enables the possibility for hardware enthusiasts to gain access to a very cheap and ubiquitous source of microcontrollers.
security  memory  hacking  hardware  ccc  sd-cards  memory-cards 
december 2013 by jm
SkyJack - autonomous drone hacking
Samy Kamkar strikes again. 'Using a Parrot AR.Drone 2, a Raspberry Pi, a USB battery, an Alfa AWUS036H wireless transmitter, aircrack-ng, node-ar-drone, node.js, and my SkyJack software, I developed a drone that flies around, seeks the wireless signal of any other drone in the area, forcefully disconnects the wireless connection of the true owner of the target drone, then authenticates with the target drone pretending to be its owner, then feeds commands to it and all other possessed zombie drones at my will.'
drones  amazon  hacking  security  samy-kamkar  aircrack  node  raspberry-pi  airborne-zombies 
december 2013 by jm
Rhizome | Occupy.here: A tiny, self-contained darknet
Occupy.here began two years ago as an experiment for the encampment at Zuccotti Park. It was a wifi router hacked to run OpenWrt Linux (an operating system mostly used for computer networking) and a small "captive portal" website. When users joined the wifi network and attempted to load any URL, they were redirected to http://occupy.here. The web software offered up a simple BBS-style message board providing its users with a space to share messages and files.


Nifty project from Dan Phiffer.
occupy.here  openwrt  hacking  wifi  network  community 
october 2013 by jm
To solve hard problems, you need to use bricolage
In a talk about a neat software component he designed, Bruce Haddon observed that there is no way that the final structure and algorithmic behavior of this component could have been predicted, designed, or otherwise anticipated.
Haddon observed that computer science serves as a source of core ideas: it provides the data structures and algorithms that are the building blocks. Meanwhile, he views software engineering as a useful set of methods to help design reliable software without losing your mind. Yet he points out that neither captures the whole experience.

That’s because much of the work is what Haddon calls hacking, but what others would call bricolage. Simply put, there is much trial and error: we put ideas together and see where it goes.


This is a great post, and I agree (broadly). IMO, most software engineering requires little CS, but there are occasional moments where a single significant aspect of a project requires a particular algorithm, and would be kludgy, hacky, or over-complex to solve without it.
bricolage  hacking  cs  computer-science  work  algorithms 
september 2013 by jm
Ivan Ristić: Defending against the BREACH attack
One interesting response to this HTTPS compression-based MITM attack:
The award for least-intrusive and entirely painless mitigation proposal goes to Paul Querna who, on the httpd-dev mailing list, proposed to use the HTTP chunked encoding to randomize response length. Chunked encoding is a HTTP feature that is typically used when the size of the response body is not known in advance; only the size of the next chunk is known. Because chunks carry some additional information, they affect the size of the response, but not the content. By forcing more chunks than necessary, for example, you can increase the length of the response. To the attacker, who can see only the size of the response body, but not anything else, the chunks are invisible. (Assuming they're not sent in individual TCP packets or TLS records, of course.) This mitigation technique is very easy to implement at the web server level, which makes it the least expensive option. There is only a question about its effectiveness. No one has done the maths yet, but most seem to agree that response length randomization slows down the attacker, but does not prevent the attack entirely. But, if the attack can be slowed down significantly, perhaps it will be as good as prevented.
mitm  attacks  hacking  security  compression  http  https  protocols  tls  ssl  tcp  chunked-encoding  apache 
august 2013 by jm
There's a map for that
'Not long ago, we began rendering 3D models on GitHub. Today we're excited to announce the latest addition to the visualization family - geographic data. Any .geojson file in a GitHub repository will now be automatically rendered as an interactive, browsable map, annotated with your geodata.'

As this HN comment notes, https://news.ycombinator.com/item?id=5875693 -- 'I'd much rather Github cleaned up the UI for existing features than added these little flourishes that I can't imagine even 1% of users use.' Something is seriously wrong in how GitHub decides product direction if this kind of wankology (and that Judy-array crap) is what gets prioritised. :(

(via Marc O'Morain)
via:marc  github  mapping  maps  geojson  hacking  product-management  ui  pull-requests 
june 2013 by jm
Spamhaus victim of BGP route hijacking
Pretty major hi-jinks. Neil Schwartzman says it didn't go on for long, but still, this is crazy antics.

As can be seen from the BGP output, we were using a /32 route going over AS 34109. This was highly suspicious for two reasons. First, a /32 route refers only to a single IP address. Except in special cases, routes are normally /24 (256 hosts) or larger. Second, the AS 34109 belongs to CB3ROB which is an Internet provider that has actually been in conflict with Spamhaus (see: spamhaus; allspammedup; theregister). Certainly they weren’t running a legitimate Spamhaus server. It seems clear that the CB3ROB network hijacked one (or more) of the IP addresses of Spamhaus, and installed a DNS server there which incorrectly returns positive results to every query. The result causes harm to Spamhaus users and their customers, making Spamhaus unusable for anyone unable to correct the problem as we did, and perhaps even undermining the credibility of Spamhaus itself.
spamhaus  security  bgp  peering  internet  routing  hacking  dns  dnsbls  cb3rob  as-34109 
march 2013 by jm
One of CloudFlare's upstream providers on the "death of the internet" scare-mongering
Having a bad day on the Internet is nothing new. These are the types
of events we deal with on a regular basis, and most large network
operators are very good at responding quickly to deal with situations like
this. In our case, we worked with Cloudflare to quickly identify the
attack profile, rolled out global filters on our network to limit the
attack traffic without adversely impacting legitimate users, and worked
with our other partner networks (like NTT) to do the same. If the attacks
had stopped here, nobody in the "mainstream media" would have noticed, and
it would have been just another fun day for a few geeks on the Internet.

The next part is where things got interesting, and is the part that nobody
outside of extremely technical circles has actually bothered to try and
understand yet. After attacking Cloudflare and their upstream Internet
providers directly stopped having the desired effect, the attackers turned
to any other interconnection point they could find, and stumbled upon
Internet Exchange Points like LINX (in London), AMS-IX (in Amsterdam), and
DEC-IX (in Frankfurt), three of the largest IXPs in the world. An IXP is
an "interconnection fabric", or essentially just a large switched LAN,
which acts as a common meeting point for different networks to connect and
exchange traffic with each other. One downside to the way this
architecture works is that there is a single big IP block used at each of
these IXPs, where every network who interconnects is given 1 IP address,
and this IP block CAN be globally routable. When the attackers stumbled
upon this, probably by accident, it resulted in a lot of bogus traffic
being injected into the IXP fabrics in an unusual way, until the IXP
operators were able to work with everyone to make certain the IXP IP
blocks weren't being globally re-advertised.

Note that the vast majority of global Internet traffic does NOT travel
over IXPs, but rather goes via direct private interconnections between
specific networks. The IXP traffic represents more of the "long tail" of
Internet traffic exchange, a larger number of smaller networks, which
collectively still adds up to be a pretty big chunk of traffic. So, what
you actually saw in this attack was a larger number of smaller networks
being affected by something which was a completely unrelated and
unintended side-effect of the actual attacks, and thus *poof* you have the
recipe for a lot of people talking about it. :)

Hopefully that clears up a bit of the situation.
bandwidth  internet  gizmodo  traffic  cloudflare  ddos  hacking 
march 2013 by jm
Bunnie Huang's "Hacking the Xbox" now available as a free PDF
'No Starch Press and I have decided to release this free ebook version of Hacking the Xbox in honor of Aaron Swartz. As you read this book, I hope that you’ll be reminded of how important freedom is to the hacking community and that you’ll be inclined to support the causes that Aaron believed in.

I agreed to release this book for free in part because Aaron’s treatment by MIT is not unfamiliar to me. In this book, you will find the story of when I was an MIT graduate student, extracting security keys from the original Microsoft Xbox. You’ll also read about the crushing disappointment of receiving a letter from MIT legal repudiating any association with my work, effectively leaving me on my own to face Microsoft.

The difference was that the faculty of my lab, the AI laboratory, were outraged by this treatment. They openly defied MIT legal and vowed to publish my work as an official “AI Lab Memo,” thereby granting me greater negotiating leverage with Microsoft. Microsoft, mindful of the potential backlash from the court of public opinion over suing a legitimate academic researcher, came to a civil understanding with me over the issue.'

This is a classic text on hardware reverse-engineering and the freedom to tinker -- strongly recommended.
hacking  bunnie-huang  xbox  free  hardware  drm  freedom-to-tinker  books  reading  mit  microsoft  history 
march 2013 by jm
Conor’s 2012 Raspberry Pi Christmas Gift Guide
Ah, memories! Wish my kiddies were old enough for one of these...

I really think this Christmas could be a lovely replay of 1982 for a lot of people, like me, who got their first home computer that year. You could have so much fun on Christmas Day messing with the RPi rather than falling asleep in front of the fire. Just don’t fight over who gets the telly when Doctor Who is on.

Whilst the bare-bones nature of the Raspberry Pi is wonderful, it is unusable out of the box unless you are a house with smartphones, digital cameras and existing PCs already that you can raid for components. What you want to avoid is a repeat of me that December in 1982 with my brand-new 16K ZX Spectrum which didn’t work on our Nordmende TV until two weeks later when the RTV Rentals guy came and replaced the TV Tuner. Two weeks typing Beep 1,2 to make sure it wasn’t broken.
raspberry-pi  gifts  computers  kids  hacking  education  gadgets  christmas 
november 2012 by jm
Massive identity-theft breach in South Korea results in calls for national ID system to be abandoned
In South Korea, web users are required to provide their national ID number for "virtually every type of Internet activity, not only for encrypted communications like e-commerce, online banking and e-government services but also casual tasks like e-mail and blogging", apparently in an attempt to "curb cyber-bullying". The result is obvious -- those ID numbers being collected in giant databases at companies like "SK Communications, which runs top social networking service Cyworld and search site Nate", and those giant databases being tasty targets for black-hats. Now:

"In Korea’s biggest-ever case of data theft the recent hacking attack at SK Communications, which runs top social networking service Cyworld and search site Nate, breached 35 million accounts, a mind-boggling total for a country that has about 50 million people and an economically-active population of 25 million. The compromised information includes names, passwords, phone numbers, e-mail addresses, and most alarmingly, resident registration numbers, the country’s equivalent to social security numbers."

This is an identity-fraudster's dream: "In the hands of criminals, resident registration numbers could become master keys that open every door, allowing them to construct an entire identity based on the quality and breadth of data involved."
south-korea  identity  fraud  identity-theft  web  bullying  authentication  hacking 
june 2012 by jm
Black Hat: Insulin pumps can be hacked
"Everything has an embedded processor and computer in it," he said. "Every time you hide behind [security by] obscurity, it is going to fail."

Brad Smith, a researcher and Black Hat conference staffer who also is a registered nurse, said the medical field largely looks the other way when it comes to securing patient devices.

"I lecture at all the medical conferences," he said during the press conference. "They just hide it. Pay attention to what [Radcliffe] is saying. His life is in this pump." (via Risks Digest)
via:risks  insulin  pump  medicine  security  hacking  health  wireless 
september 2011 by jm
Irish Hackerspaces Week
hackerspaces in Dublin, Cork, Galway, Limerick and Belfast, running events all next week (08-14 - 08-22)
hackerspace  hacking  ireland  conferences  events  from delicious
august 2010 by jm
REPLs suck, I want something block oriented
good opinion piece; I agree, REPL isn't a usable approach for block-oriented languages
languages  repl  programming  ruby  hacking  coding  block-oriented  from delicious
july 2010 by jm
build a Yagi-Uda wifi booster from styrofoam and copper wire
nifty link from Heise; works for 802.11b and 11g. Unfortunately I think my own wifi issues are to do with dying AP hardware
wifi  802.11g  802.11b  wireless  yagi  antennas  diy  hacking  hardware  from delicious
june 2010 by jm
TrueType VT220 Font
this is incredible. Looking at this reminds me so much of hacking in the old TCD comp labs
hacking  fonts  terminal  typography  tty  vt220  monospace  truetype  fontforge  vt100  dec  via:jzawodny  from delicious
october 2009 by jm
The Duct Tape Programmer - Joel on Software
'He is the guy you want on your team building go-carts, because he has two favorite tools: duct tape and WD-40. And he will wield them elegantly even as your go-cart is careening down the hill at a mile a minute. This will happen while other programmers are still at the starting line arguing over whether to use titanium or some kind of space-age composite material that Boeing is using in the 787 Dreamliner.'
duct-tape  jwz  funny  joel-spolsky  hacking  coding  overengineering  architecture-astronauts  from delicious
september 2009 by jm
UK company selling "have you been phished" check using stolen data
according to this, a retired cop has set up a company called Lucid Intelligence with 'the records of four million Britons, and 40 million people worldwide, mostly Americans', and plans to 'charge members of the public for access to his database to check whether their data security has been breached.' How is this legal under Data Protection law? wtf
privacy  uk  law  hacking  phishing  fraud  crime  police  database  identity-theft  lucid-intelligence  data-protection  security  colin-holder 
july 2009 by jm
