Hasta La Gadget!

Admittedly, the headline is designed to get your dander up. You’re in no immediate danger of a technologically-gifted thief plugging a couple of wires into your hotel door and making off with your sack of souvenirs from the Mall of America. But that’s not to say it’s impossible. Cody Brocious, who was recently brought on by Mozilla to work on Boot to Gecko, is giving a presentation at the annual Black Hat conference in Vegas where he demonstrates a method for cracking open keycard locks with a homemade $50 device. The hack only works on locks made by Onity at the moment, and real life testing with a reporter from Forbes only succeeded in opening one of three hotel doors. Still, with between four and five million Onity locks installed across the country (according to the company), that is a lot of vulnerable rooms. The attack is possible thanks to a DC jack on the underside of the lock that’s used to reprogram the doors. This provides direct access to the lock’s memory, which is also home to the numeric key required to release the latch — a key that is protected by what Brocious described as “weak encryption.” Ultimately the source code and design for the Arduino-based unlocker will be published online alongside a research paper explaining how these locks work and why they’re inherently insecure. The hope is that manufacturers will take notice and improve the security of their wares before the world’s ne’er-do-wells perfect Brocious’ technique.

Filed under: Misc. Gadgets

Hacker finds flaw in hotel locks, can ruin your vacation with $50 DIY gadget originally appeared on Engadget on Tue, 24 Jul 2012 18:34:00 EDT. Please see our terms for use of feeds.

Permalink Ubergizmo  |  Forbes, Black Hat  | Email this | Comments

Call the Power Pwn the champion of white hat hacking. Underneath that Clark Kent power strip exterior, there’s a Superman of full-scale breach testing that can push the limits of just about any company network, whether it takes 3G, Ethernet or WiFi to get there. Pwnie Express’ stealthy sequel to the Pwn Plug ships with a Debian 6 instance of Linux whose handy hacking tools are as easy to launch as they are tough to detect. There’s just one step needed to create a snoop-friendly Evil AP WiFi hotspot, and the box dodges around low-level NAC/802.1x/RADIUS network authentication without any help; in the same breath, it can easily leap into stealth mode and keeps an ongoing encrypted link to give do-gooders a real challenge. The hacker doesn’t even need to be in the same ZIP code to crack a firewall or VPN — the 3G link lets the Power Pwn take bash command-line instructions through SMS messages and doles out some of its feedback the same way. While the $1,295 device can theoretically be used for nefarious purposes, DARPA’s blessing (and funding) should help keep the Power Pwn safely in the hands of security pros and thwart more than a few dastardly villains looking for weak networks.

Filed under: Networking, Internet

DARPA-backed Power Pwn is power strip by day, superhero hack machine by night originally appeared on Engadget on Sun, 22 Jul 2012 07:54:00 EDT. Please see our terms for use of feeds.

Permalink Wired  |  Pwnie Express  | Email this | Comments

Late last week, we caught wind of a hack that allows iPhone users to receive content from in-app purchases without actually paying for it. Obviously, this is no good, and Apple announced today that it plans to fix the hack in iOS 6, which should be arriving sometime later this year. Of course, saying that it will fix the vulnerabilities in the next release of iOS doesn’t help much when developers are stuck dealing with this hack now, so Apple has also issued a temporary fix that should suffice until iOS 6 is available.

To make sure that you get the money from the content you offer in-app, Apple recommends that developers make use of its receipt validation system, which will compare in-app purchases made with the company’s own records to make sure that nothing fraudulent is going on. By doing this, developers have an extra layer of defense against the vulnerabilities, and should be covered until an official fix is issued along with iOS 6. Apple’s new support documentation goes into further depth about what developers can do to make sure that they aren’t being taken for a ride.

The hack itself allows users to bypass Apple’s validation servers when making an in-app purchase, instead using a proxy to connect to a third-party server and send bogus validation back to the app. This lets users receive the content without any money ever changing hands. It’s unclear how many iOS developers have been affected by this workaround, but CNET says that the number of fraudulent in-app purchases could be as high as 30,000.

Apple offers temporary fix for in-app purchase hack is written by Eric Abent & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Quite possibly the two greatest things in the world — beer and Arduino — have been married once again in a hack does them both justice. Accomplished maker and alcohol enthusiast Jeff Karpinski turned a spare Uno and an Ethernet shield into a gadget that automatically checks him in on Untappd. The build is connected to his kegerator through a hall-effect flow sensor that sits in his tap lines. Every time he pulls himself a pint of homebrew, the Aruino makes an API call to the so-called Foursquare for beer nerds, and updates his profile. Obviously, publishing to the site every time the keg is tapped could get messy, so there’s an automatic five minute time out to avoid getting repeat hits just for topping off. There’s also a button that manually engages the five minute lock out, allowing Jeff to pour his buddies a cold one without claiming the drink for himself on Untappd. And updating is a snap thanks to the simple web server that’s integrated. Changing what beer is on tap in the API call is as simple as opening a web browser. Interested in upgrading your own kegerator? Check out the source link for complete instructions and a parts list.

Filed under: Misc. Gadgets, Internet

Arduino Kegerator hack checks in your homebrews on Untappd originally appeared on Engadget on Wed, 18 Jul 2012 14:49:00 EDT. Please see our terms for use of feeds.

Permalink Hack a Day  |  Jeff Karpinski  | Email this | Comments

The Nexus Q hacks are coming fast and furious now, and inching closer to true usefulness with each one. The latest is easily the most exciting — a port of full-blown CyanogenMod 9 and XBMC for Android. While the hack was the work of the actual CM team, the Q is not an officially supported device. There are still plenty of quirks and bugs to iron out, but WiFi and Bluetooth are both up and running. If you’ve got one of the expertly crafted magnesium spheres, there’s nothing stopping you from blessing it with a little custom ROM love. Just know that there’s still lots of work to do, especially on the XBMC for Android front which is still very much in the experimental stage. To see CM9 in action check out the video after the break and hit up the more coverage link for install instructions.

Continue reading Nexus Q hacked to run CM9 and XBMC, inches closer to usefulness

Filed under: Software

Nexus Q hacked to run CM9 and XBMC, inches closer to usefulness originally appeared on Engadget on Mon, 16 Jul 2012 14:41:00 EDT. Please see our terms for use of feeds.

Permalink TechnoBuffalo, The Verge  |  CyanogenMod (Google+)  | Email this | Comments