Ask Hackaday: How are these thieves exploiting automotive keyless entry?

A new attack on automotive keyless entry systems is making headlines and we want to know how you think it’s being done. The Today Show reports that vehicles of different makes and models are being broken into using keyless entry on the passenger’s side of the car. It sounds like thieves steal items found inside rather than the vehicles themselves which makes these crimes distinctly different from the keyless ignition thefts of a year ago.

So how are they doing this? Here are the clues: The thieves have been filmed entering only the passenger side of the car. They hold a small device in their hand to unlock the doors and disable the alarm. And there is evidence that it doesn’t work on 100% of vehicles they try. Could it be some hidden manufacturer code reset? Has an encryption algorithm been hacked to sniff the keyfob identifier at a previous time? Or do you think we’re completely off track? Let us know your opinion by leaving a comment.

[Thanks Mom]

[Jimmy the torch] making blown glass

Skip to about 2:30 if you just want to see the action.

Blowing glass is always so pretty to watch. The warm glow of the glass mixed with the light playing through the cool parts makes for a stunning visual environment, especially when you stop to think about the fact that this is potentially a very dangerous thing as well.

In this video [Jimmy the torch] starts off very conversational. At about 2:30 things shift a bit. Some music starts up, the camera work gets a little more serious, and the real glass blowing begins.

Plex hack runs Apple TV without a Jailbreak

Apple has been keeping a tight leash on the third generation of their Apple TV hardware. Not only has it stood up to every attempt at a Jailbreak, but they don’t allow 3rd party applications through the app store like the other iOS hardware does. The second generation hardware was a popular platform for XBMC. It required a jailbreak to load the home media software which is why it can’t be done on the newest box. But here’s an alternative. This hack uses DNS redirects to make Apple TV 3 a Plex frontend.

Instead of putting new software on the Apple TV this uses a separate computer to intercept its web traffic. You aim your Apple TV DNS at the computer running the script, then use the native Movie Trailer app, which will be populated with movies and TV shows from your Plex backend. All other functionality will be retained, making for a near-perfect solution. For more info on the system check out this forum.

Continue reading “Plex hack runs Apple TV without a Jailbreak”

HANDMADE.hackaday: Celebrate Craftsmanship

Snap 2013-06-05 at 07.42.22

Today we are quite excited to announce HANDMADE.hackaday. HANDMADE is a place where we celebrate craftsmanship. Usually in the form of a stunning video, or a beautiful image gallery. We will also be sharing extremely detailed DIY projects as well as tutorials.  Hop on over and take a peek for yourself to see what you’re in for, but be prepared to clear your schedule, you’re not leaving any time soon.

We are also producing some videos of our own for this that we hope you’ll like.

A personal note:

I am personally so excited about HANDMADE. I’ve been wanting to put this together for a very very long time. I eagerly consume every video of this nature I stumble across, often putting them full screen, high def, and putting in headphones. Any of you who know me personally will attest that getting my full attention on any single thing ever is a daunting task. Also note that these videos usually last several entire minutes; a lifetime in my attention span.

Watching people make things, while applying a practiced and refined skill is almost a religious experience for me. This is creation. I hope some of you will enjoy this area as much as I do.

Retrotechtacular: How I wrote Pitfall for the Atari 2600

how-I-programmed-pitfall

This week we’re taking another departure from the ordinarily campy videos featured in the Retrotechtacular section. This time around the video is only two years old, but the subject matter is from the early 1980′s. [David Crane], designer of Pitfall for the Atari 2600 gave a talk at the 2011 Game Developer’s Conference. His 38-minute presentation rounds up to a full hour with the Q&A afterwards. It’s a bit dry to start, but he hits his stride about half way through and it’s chock-full of juicy morsels about the way things used to be.

[David] wrote the game for Activision, a company that was started after game designers left Atari having been told they were no more important  than assembly line workers that assembled the actual cartridges. We wonder if any heads rolled at Atari once Pitfall had spent 64-weeks as the number one worldwide selling game?

This was a developer’s panel so you can bet the video below digs deep into coding challenges. Frame buffer? No way! The 2600 could only pump out 160 pixels at once; a single TV scan line. The programs were hopelessly synced with the TV refresh rate, and were even limited on how many things could be drawn within a single scan line. For us the most interesting part is near the end when [David] describes how the set of game screens are nothing more than a pseudo-random number generator with a carefully chosen seed. But then again, the recollection of hand optimizating the code to fit a 6k game on a 4k ROM is equally compelling.

If you like this you should take a look at an effort to fix coding glitches in Atari games.

Continue reading “Retrotechtacular: How I wrote Pitfall for the Atari 2600″

Hacking high school exams and foiling them with statistics

graph

A few weeks ago, [Debarghya Das] had two friends eagerly awaiting the results of their High School exit exams, the ISC national examination, taken by 65,000 12th graders in India. This exam is vitally important for each student’s future; a few points determines which university will accept you and which will reject you. One of [Debraghya]‘s friends was a little anxious about his grade and asked if it was possible to hack into the board of education’s servers to see the grades before they were posted. [Debraghya] did just that, and was able to download the exam records of nearly every student that took the test.. Looking even closer at the data, he also found evidence these grades were changed in some way.

Getting the grades off the CISCE board of education’s servers was very simple; each school has a separate code, and each student is given an individual number. With the simplest javascript magic, [Debraghya] discovered that individual grades could be accessed by pointing a script to /[4 digit school ID]/[3 digit student ID] on the CISCE server. There was absolutely no security here, an impressive oversight indeed.

After writing a small script and running it on a few machines, [Debraghya] had the exam results, names, and national IDs of 65,000 students. Taking a closer look at the data, he plotted all the scores and came up with a very strange-looking graph (seen above). It looked like a hedgehog, when nearly any test with a population this large should be a continuous curve.

[Debraghya] is convinced he’s discovered evidence of grade tampering. Nearly a third of all possible scores aren’t represented in the data, but scores from 94 to 100 are accounted for, making the hedgehog shape of the graph statistically impossible. Of course [Debraghya] only has the raw scores, and doesn’t know exactly how the tests were scored or how they were manipulated. He does know the scores were altered, though, either through normalizing the raw scores or something stranger and more sinister.

While scraping data off an unencrypted server isn’t much of a hack, despite what the news will tell you, we’re awfully impressed with [Debraghya]‘s analysis of the data and his ability to blow the whistle and put this data out in the open. Without any information on how these scores were changed, it doesn’t really change anything, and we’ll welcome any speculation in the comments.