Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

February 13 2014

Silk Road 2 Hacked, 88,000 Bitcoin Allegedly Stolen
Silk RoadSilk Road 2 moderator Defcon reported in a forum post that hackers have used a transaction malleability exploit to hack the marketplace. The hackers stole over 88,000 bitcoins worth $41,474,415, emptying the site's escrow account.

February 11 2014

If You Watch One Video Of A Robot Playing Air Hockey Today, Make It This One
mesaAs a fan of robots, videos, and pucks, I was mesmerized by this video of a cool 3D printer hack that allows you to play a robot in a rousing game of air hockey. The system uses a computer vision component to see where the pucks is, send it back to the opponent, and even set up shots when it loses.

February 06 2014

New Ransomware Blocks Your DNS Connection And Forces Your Computer To Mine Bitcoins
clvrgrlA new bit of malware, Linkup, is a clever girl. First it takes control of the DNS servers your computer pings to connect to the Internet and, while you're wondering how to delete it, begins mining bitcoins on the sly. Anti-virus purveyors Emisoft identified the ransomware in the wild.

December 29 2013

SD Cards Aren’t As Secure As We Think
sd cardThe hardware hacker Bunnie Huang gave a talk at the Chaos Compute Club Congress where he offered some good news and some bad news. The good news? SD cards contain powerful, handy micro controllers that are useful to hackers and hobbyists. The bad news? SD cards are woefully insecure.

December 19 2013

Target Confirms Point-Of-Sale Data Breach, Announces It Exposed 40 Million Credit Card Numbers
target logoToday retailer Target announced that between November 27 and December 15 its point-of-sale systems - the cash registers mounted at the check-out areas of its stores - suffered an attack that exposed an estimated 40 million credit and debit card numbers. The company announced that it has "alerted authorities and financial institutions immediately after it was made aware of the unauthorized access, and is putting all appropriate resources behind these efforts." It said it has hired outside support to investigate the source and method breach.
Tags: TC Target hacks

December 04 2013

Sugru To Offer A Kit To Attach Anything To Anything
While attaching one thing to another is a fairly basic process - epoxy is still a thing, after all - what do you use if you want to occasionally remove that thing from the other thing? The answer? Magnets. And Sugru.
New Card Skimmer Attaches To A Real POS Card Reader Like A Nasty Succubus
Brian Krebs has found a fascinating example of a card skimmer - essentially a machine that steals your credit card number - that masquerades as a real POS terminal. The skimmer fits over the ubiquitous Verifone POS reader and even reads key-presses. It is virtually indistinguishable from the actual POS card reader and can be slipped on and off without the retailer's knowledge - or, more chillingly, with the retailer's consent.

August 19 2013

Personal Security Startup MyPermissions Adds Real-Time Protection For Twitter
MyPermissions, a startup offering a suite of security protection and privacy tools, is today becoming the first service to offer live protection for users' Twitter accounts. What that means is MyPermissions will now be able to alert you in real-time as new Twitter applications access your personal information, tweets, direct messages or gain the ability to post tweets in your name.

June 11 2013

This Mechanical, 3D-Printed Entabulator Is An Amazing Tribute To The Power Of Clockwork
As a lover of all things mechanical, I'm in awe of Chris Fenton's Entabulator. Using an old book on mechanical loom-making, a 3D printer, and some serious patience he engineered a computer that can read a program off of punch cards and, in this case, calculate the Fibonacci sequence. The machine runs using a hand crank (Fenton notes you can overclock it by cranking faster) and it is quite finicky but also quite beautiful in its own way.

May 28 2013

This DIY Super Laser Can Cut Through A Ping Pong Ball
There are few things as satisfying - and dangerous - as burning through stuff with a laser. Drake Anthony AKA Sytropyro is a young man who enjoys making DIY lasers out of things and he recently completed a 3000mW laser made from the diode of an old DLP projector that can blow out a beam so hot that it burns paper, plastic, and electric tape in seconds.

April 08 2013

iMaze Lets You Turn Your Photos Into A Maze And Race Your Friends To The Finish
While visiting, and judging, the Photo Hack Day at Facebook headquarters yesterday, one of the more than 60 hacks presented in a two-minute format was iMaze. The team that put it together in just a little over a day was comprised of developers, some of whom were high-school students, and it ended up being one of the most polished apps coming out of the hackathon. With Aviary and Facebook putting on the event, some really cool things came out of it, but iMaze is one that just flat-out stuck with me. It’s simple: It turns your favorite photos into a maze. Once the maze is created, you can either make your way through it yourself or challenge your friend over the web in a real-time speed-test. Before we get to the app itself, the team geekily put together some stats on what went into making iMaze: 5 People 24 Hours 1304mg of Caffine 1,492 Lines of Code 194 GitHub Commits 12,920 Calories 3 APIs Impressive. Now to iMaze. Since you probably have a ton of photos on your computer or tossed about all over the web, iMaze uses to let you pull in photos from Dropbox, Facebook, Flickr, Google Drive, Google Photos, Instagram or of course your machine. Once you upload the photo, you can use Aviary to edit it down before it’s turned into an interactive maze game that changes each time you upload a photo. Pick single player or invite a friend, and then compete with them in real-time. Now you’re ready to compete in getting all the way through this ZuckMaze by dragging the line with your mouse: Considering that this was a hack put together in a day, it’s pretty fun and well-designed. The iMaze team won third place overall, but I hope that they keep working on it, because it would be a fun Facebook game and app. Once in a while, I enjoy playing hangman or Tic Tac Toe, not because I’m a gamer, but because I like doing something while I chat with my friends. Considering that these mazes are built on top of your photos, it’s a nice way to reuse images from the past and start a fun discussion with your closest pals.

August 23 2012

TechCrunch PSA: Mute Spotify Advertisements If You Can’t Buy A Pro Subscription
Friend of TC Nik Cubrilovic posted this clever hack that allows you to listen to the free version of Spotify without having to listen to advertisements. He recommends that it only be used by people who, for reasons of geographic control, cannot pay for a pro account (which is totally worth the cash).

April 06 2012

Now You Know: Hotels Inject Banner Ads Into The Wi-Fi They Charge You For
This story made the rounds a few days ago but I think generally it's something more people should know. During a visit to the very expensive and not very nice Times Square Marriott, Justin Watt noticed a strange bar at the top of his blog's home page. He had recently dealt with a PHP hack and so was alert for changes on the site and when he dug further he found some strange Javascript embedded into the page. Noting that nothing changed on his server, he posted on the experience and thought little more about it - until a commenter noted that the behavior he noticed was coming from an RXG A8 or "Revenue Extraction Hotspot Gateway." In short, this box, which sits between the access point and the Internet, injects ads into Wi-Fi streams.

February 10 2012


Android Hack Exposes Google Wallet PIN On Demand

Like most hacks, this discovery of a way to find an Android phone’s Google Wallet PIN requires a lot of initial access but is disturbing nonetheless. Google knows about the hack and is repairing it. Discovered by Joshua Rubin of Zvelo, the hack is one of the most interesting attacks on Google Wallet so far.

In short, this hack allows access to credit card data and purchase history and could, in theory, allow a hacker to use a Google Wallet freely in the wild. However, it does require the hacker to have unfettered root access to the phone. Using a small program, the exploit simply brute-forces a file found in the phone, thereby revealing the PIN and unlocking the wallet.

Again, the hack requires a rooted Android phone – a state that is trivial to achieve if your phone is stolen – and a bit of know how. Rubin recommends:

Do Not “Root” the Cell Phone – Doing so will be one less step for a thief.
Enable Lock Screens – “Face Unlock,” “Pattern,” “PIN” and “Password” all increase physical security to the device. “Slide,” however, does not.
Disable USB Debugging – When enabled, the data on mobile devices can be accessed without first passing a lock screen challenge unless Full Disk Encryption is also enabled.
Enable Full Disk Encryption – This will prevent even USB Debugging from bypassing the lock screen.
Maintain Device Up-To-Date – Ensure the device is current with the latest official software. Unfortunately, users are largely at the behest of their carrier and cell phone manufacturer for this. Using only official software and keeping devices up-to-date is the best way to minimize vulnerabilities and increase security overall.

Google recommends that anyone with Google Wallet call their toll-free support line at 855-492-5538 to ask that their prepaid card be disabled. They also recommend setting a lock screen.

October 30 2011


Siri Ported To iPhone 4 and iPod Touch 4G

In a moment as historic as Alexander Bell’s call to his assistant, an iPhone hacker wrote on Twitter that he had successfully ported Siri to the iPhone 4 and iPod Touch. He wrote “Actually, it just worked,” informing the world that he had completely ported Siri to the iPhone 4 and that more versions are on the way.

The hack requires a jailbroken device. By copying the app onto the device, the iPhone 4 can call up Siri and, more important, connect to the Siri servers. You can follow these instructions to install the app yourself and it seems to currently also work with the iPod Touch 4G although those instructions are forthcoming.

Mark Gurman at 9to5mac interviewed Steven Troughton-Smith, another iPod Touch/iPhone 4 hacker, answering a few questions about the feat:

Mark: Do you ever see Siri showing up in Cydia (or another jailbreak store) for non natively supported devices?

Steven: No, I could not be a part of that. I have no doubts that others will package this up and distribute it quasi-illegally, or try and sell it to people. I am only interested in the technology and making it work; proving that it works and works well on the iPhone 4 and other devices

Mark: So, you also got Siri working on the fourth-generation iPod touch, how is that working out?

Steven: We got chpwn’s iPod touch up and running with Siri after proving it works on my iPhone 4. Unfortunately the microphone on the iPod is nowhere near as good as the iPhone – you will notice that the Siri level meter hardly moves when you talk to it. While it does work, you have to speak loudly and clearly to the iPod

We’ll give it a try this weekend and report back.

Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!