Hasta La Gadget!

One of my favorite guns in the history of video games has to be the Gravity Gun from Half-Life 2. Perhaps my second favorite is the Aperture Science Handheld Portal Device, which admittedly is more of a tool than a gun. Now, the smart guys over at Hack-a-Day have combined them both – sorta, kinda.

How, you might ask? Caleb Kraft took his off-the-shelf model of the Portal gun, and added a levitation device to the front of it – currently capable of lifting a small model of the weighted companion cube. He achieved this by hacking his StellaNova magnetic levitating globe and tearing the magnetic coil from the desktop plaything (throwing the Earth off its axis and ripping a hole in it in the process.) He then attached the coil to one of the arms of the Portal gun, and attached the magnet from inside of the globe to a foam model of the companion cube.

Check it out in action in the video below:

Cool, no? Unfortunately, the magnetic levitation field doesn’t hold up well to movement, and can’t really lift anything very heavy. Too bad. I was really looking forward to picking up some circular saw blades and flinging them at zombies this Halloween.

[via Hack-a-Day (Thanks for the tip, Caleb!)]

ZTE has hit back at a US report blackballing it as a supplier, arguing that if the House Intelligence Committee really believes Chinese hack threats are so significant, all Chinese-made hardware should be rejected. Describing itself as “China’s most transparent, independent, globally focused, publicly traded telecom company,” ZTE takes no small amount of issue with the security report’s suggestions that US firms should look elsewhere for safe networking, telecoms, and other hardware. In fact, ZTE alleges, its inclusion in the investigation was based solely on its prominence as a known Chinese company, not because of “any pattern of unethical or illegal behavior.”

That blanket approach to security caution is unfeasible, ZTE argues, given the predominance of China-based production of equipment from so many vendors. “Particularly given the severity of the Committee’s recommendations,  ZTE recommends that the Committee’s investigation be extended to include every company making equipment  in China, including the Western vendors” the company counters. “That is the only way to truly protect US equipment and US national security.”

ZTE and Huawei were singled out by the US committee over concerns that the Chinese government could use backdoor loopholes in telecoms hardware to access trade secrets among American companies as well as to commit acts of cyberterrorism. In a series of recommendations, the bipartisan group suggested that US companies should look to other suppliers for safer equipment, and called for greater oversight into international hardware orders along with a block on acquisition and merger attempts by either Chinese firm.

“Given ZTE’s cooperation and the facts ZTE has presented to the Committee, ZTE is disappointed that the Committee chose to narrowly focus its review on just the two largest Chinese companies and to exclude Western telecom vendors and their Chinese joint venture partners. Given that virtually all US telecom equipment is produced in China, in some measure, the Committee’s narrow focus addresses the overall issue of risk to US telecom infrastructure so narrowly that it omits from the Committee’s inquiry the suppliers of the vast majority of equipment used in the US market. ZTE is a relatively small US telecom infrastructure equipment supplier in comparison with most of the Western vendors. Sales of ZTE’s telecom infrastructure equipment in the US comprised less than $30 million in revenue last year. Two Western vendors, alone, last year provided the US market with $14 billion worth of equipment” ZTE

Huawei has already voiced its protest, accusing the committee of being “committed to a predetermined outcome” despite its best efforts at openness. ZTE has taken a slightly different approach, highlighting its existing work with the so-called “Trusted Delivery Model” that sees the company’s hardware, software, and firmware all reviewed “by a highly respected independent US threat assessment laboratory.”

You can find ZTE’s full statement here.

ZTE on hack allegations: Ban every Chinese-made device for 100% security is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

If you’ve been intrigued by the Raspberry Pi but were hesitant to get one because you’re new to Linux, Adafruit has a solution for you. The team that brought us the Raspberry Pi Education Linux Distro has come up with a special WebIDE (Web Integrated Development Environment) designed to run on the affordable barebones computer. It’s entirely web-based so there’s no need to install any software — just launch a browser, hook up your Pi, and you’re ready to go. To make life easier for coders, the platform has a terminal built in, plus there’s an automatic updater included to keep folks running only the freshest version of WebIDE. It’s currently at the alpha stage, so only experienced users should install it for now, but Adafruit’s hoping to roll out a stable release suitable for programmers of all levels sometime soon.

Filed under: Misc, Software

Adafruit releases WebIDE alpha for Raspberry Pi, eases beginners into coding originally appeared on Engadget on Fri, 05 Oct 2012 20:19:00 EDT. Please see our terms for use of feeds.

Permalink   |  Adafruit (1), (2)  | Email this | Comments

Security flaws are nothing new and the past few months has been a time of many security breaches and hacks into big company names. So, when you hear about a security flaw that’s been discovered on Twitter, it’s certainly alarming, but most people aren’t surprised by it. However, this story about one Twitter user is about as interesting as it gets.

Over the weekend, multimedia producer and Twitter user Daniel Dennis Jones (@blanket) received an email saying that his Twitter password had been changed. He quickly found out that he was not able to log into his account, but was still able to access it on his phone. To his surprise, his tweet and follow counts were at zero.

Jones was eventually able to log into the account, but found that his username was changed to @FuckMyAssHoleLO, with the name of the account being “Cracked by n0rth”. His Twitter profile was now being operated by someone else and was even put up for sale on an online message board called ForumKorner, a place where people buy and sell usernames for online gaming. The forum included other hacked single-word usernames that were inevitably created in Twitter’s early days and are now hard to get. And the selling prices for these usernames are surprisingly low, most of which sell for under $100.

So how are these hackers able to break into Twitter accounts so easily? In turns out that Twitter only prevents a large number of login attempts based on the IP address, rather than on a per-account basis. So, the hackers simply use a program that constantly attempts to log in with different common passwords using different IP addresses after every several attempts.

Obviously, changing your password to something more complex will definitely help to prevent this from happening to you. Even using a service like LastPass will help out a lot, but creating a long and random string of numbers and letters will do the trick. Just make sure you can remember it if you’re logging into a computer that doesn’t have your passwords saved.

We’ve heard other interesting stories of hacks and breaches in the past, like the iCloud fiasco that happened to technology writer Mat Honan, but this about the most interesting Twitter hack we’ve seen yet. Hopefully all goes well for Jones and that he gets his original username back. And hopefully Twitter responds to this security flaw and patches it up before even more usernames become victim.

[via BuzzFeed]

Security flaw allows hackers to steal Twitter accounts and sell them is written by Craig Lloyd & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Galaxy S III owners running the latest software are not susceptible to a factory-reset hack that could maliciously wipe the phone, Samsung says, with a recent patch blocking the exploit. Security researchers identified a flaw in how Samsung TouchWiz devices handled so-called USSD codes, with the potential for rogue websites to push a factory-reset code to the smartphone which required no user-confirmation to enact.

The fear, the researchers argued, was that a QR or NFC reader app set to automatically load URLs could automatically take the Samsung device to a page hosting the USSD trigger, should the user inadvertently scan it. A more complex variation of the attack could also include remotely blocking the SIM card in the handset.

However, testing of the exploit revealed mixed results, with some able to replicate the researchers’ findings on the Galaxy S III, but others unable to. That appears to be down to what version of the phone’s firmware you’re running, with Samsung recently filling in the security gap with an OTA update.

“We would like to assure our customers that the recent security issue concerning the GALAXY S III
has already been resolved through a software update” Samsung told SlashGear today. “We recommend all GALAXY S III customers to download the latest software update, which can be done
quickly and easily via the Over-The-Air (OTA) service.”

It’s not clear whether other Samsung devices using TouchWiz have also been patched; we’re waiting on clarification from Samsung. However, the advice as always is to be wary of clicking on unknown links, and consider using a browser other than Android’s default, as Chrome and others proved to be not susceptible to the USSD exploit.

Samsung: Galaxy S III remote wipe flaw is already patched is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.