Spoofing LIDAR Could Blind Autonomous Vehicles To Obstacles

Humans manage to drive in an acceptable fashion using just two eyes and two ears to sense the world around them. Autonomous vehicles are kitted out with sensor packages altogether more complex. They typically rely on radar, lidar, ultrasonic sensors, or cameras all working in concert to detect the road conditions ahead.

While humans are pretty wily and difficult to fool, our robot driving friends are less robust. Some researchers are concerned that LiDAR sensors could be spoofed, hiding obstacles and tricking driverless cars into crashes, or worse.

“Borrow” Payment Cards With NFC Proxy Hardware

Contactless payments are growing in popularity. Often the term will bring to mind the ability to pay by holding your phone over a reader, but the system can also use NFC tags embedded in credit cards, ID cards, passports, and the like. NFC is a reasonably secure method of validating payments as it employs encryption and the functional distance between client and reader is in the tens of centimeters, and often much less. [Haoqi Shan] and the Unicorn team have reduced the security of the distance component by using a hardware proxy to relay NFC interactions over longer distances.

The talk, given on Sunday at DEF CON, outlined some incredibly simple hardware: an NFC antenna connected to a PN7462AU, an NRF24L01 wireless transceiver, and some power regulation. The exploit works by using a pair of these hardware modules. A master interfaces with the NFC reader, and a slave reads the card. The scenario goes something like this: a victim NFC card is placed near the slave hardware. The master hardware is placed over a payment kiosk as if making a normal payment. As the payment kiosk reader begins the process to read an NFC card, all of the communications between it and the actual card are forwarded over the 24L01 wireless connection.

The demo video during the talk showed a fast-food purchase made on the Apple Pay network while the card was still at a table out in the dining area (resting on the slave hardware module). The card used was a QuickPass contactless payment card from China UnionPay. According to a 2016 press release from the company, over two billion of these cards had been issued at the time. With that kind of adoption rate there is a huge incentive to find and patch any vulnerabilities in the system.

The hardware components in this build aren’t really anything special. We’ve seen these Nordic wireless modules used in numerous projects over the years, and the NXP chip is just NFC built around an ARM core. The leaps that tie this together are the speed-ups to make it work. NFC has tight timing and a delay between the master and slave would invalidate the handshake and subsequent interactions. The Unicorn team found some speedups by ensuring the chip was waking from suspend mode (150 µs) and not a deeper sleep. Furthermore, [Haoqi] mentioned they are only transmitting “I/S/R Block Data” and not the entirety of the interaction to save on time transmitting over the 24L01 wireless link. He didn’t expand on that so if you have details about what those blocks actually consist of please let us know in the comments below.

To the card reader, the emulated payment card is valid and the payment goes through. But one caveat to the system is that [Haoqi] was unable to alter the UID of the emulator — it doesn’t spoof the UID of the payment card being exploited. Current readers don’t check the UID and this could be one possible defense against this exploit. But to be honest, since you need close physical proximity of the master to the reader and the slave to the payment card simultaneously, we don’t see mayhem in the future. It’s more likely that we’ll see hacker cred when someone builds a long-range link that lets you leave your NFC cards at home and take one emulator with you for wireless door access or contactless payments in a single device. If you want to get working on this, check out the talk slides for program flow and some source code hints.

Magnetic Card Stripe Spoofer

This hodge-podge of components is capable of spoofing the magnetic stripe on a credit card. [Sk3tch] built an electromagnet using a ferrous metal shim wrapped in enameled magnet wire. While he was doing the windings [Sk3tch] connected his multimeter to the metal shim and one end of the wire, setting it to test continuity. This way, if he accidentally scrapes the enamel coating and grounds the wire on the metal the meter will sound an alarm and he’ll know about the short immediately. An Arduino takes over from here, actuating the coil to simulate the different data sections of a magnetic stripe.

From his schematic we see that the electromagnet is directly connected to two pins of the Arduino. We haven’t looked into the code but it seems there should be either some current limiting, or the use of a transistor to protect the microcontroller pins (we could be wrong about this).

[Sk3tch’s] realization of this spoofer can be made quickly with just a few parts. Card data must be written in the code and flashed to the Arduino. If you want to see what a more feature-rich version would entail take a look at this spoofer that has a keypad for changing data on the go.

[via Lifehacker]

Universal Credit Card In The Palm Of Your Hand

Do you remember the magnetic card spoofer in Terminator 2? It was a bit farfetched because apparently the device could be swiped through a reader and magically come up with working account numbers and pin numbers. We’re getting close to that kind of magic with [Jaroslaw’s] card spoofer that is button-programmable.

Building off of a project that allows spoofing via an iPod and electromagnet, [Jaroslaw] wanted something that doesn’t require a computer to put together the card code. He accomplished this by interfacing a 16-button keyboard and a character LCD with an AVR ATmega168 microcontroller. Card codes can be entered with the buttons and verified on the LCD. Of course this is still dependent on you knowing the code in the first place.

As you know, credit cards use this technology. We don’t think Walmart is going to be OK with you pulling this out in the checkout line, not to mention local five-oh. This technology is also used for building access in Universities, businesses, and hotels. If used in conjunction with some other spy technology you’ll be on your way to becoming a secret-agent-man.

EV Chargers Could Be A Serious Target For Hackers

Computers! They’re in everything these days. Everything from thermostats to fridges and even window blinds are now on the Internet, and that makes them all ripe for hacking.

Electric vehicle chargers are becoming a part of regular life. They too are connected devices, and thus pose a security risk if not designed and maintained properly. As with so many other devices on the Internet of Things, the truth is anything but. 

Privacy Report: What Android Does In The Background

We’ve come a long way from the Internet of the 90s and early 00s. Not just in terms of technology, capabilities, and culture, but in the attitude most of us take when accessing the ‘net. In those early days most users had a militant drive to keep any personal or identifying information to themselves beyond the occasional (and often completely fictional) a/s/l, and before eBay and Amazon normalized online shopping it was unheard of to even type in a credit card number. On today’s internet we do all of these things with reckless abandon, and to make matters worse most of us carry around a device which not only holds all of our personal information but also reports everything about us, from our browsing habits to our locations, back to databases to be stored indefinitely.

It was always known that both popular mobile operating systems for these devices, iOS and Android, “phone home” or report data about us back to various servers. But just how much the operating systems themselves did was largely a matter of speculation, especially for Apple devices which are doing things that only Apple can really know for sure. While Apple keeps their mysteries to themselves and thus can’t be fully trusted, Android is much more open which paradoxically makes it easier for companies (and malicious users) to spy on users but also makes it easier for those users to secure their privacy on their own. Thanks to this recent privacy report on several different flavors of Android (PDF warning) we know a little bit more on specifically what the system apps are doing, what information they’re gathering and where they’re sending it, and exactly which versions of Android are best for those of us who take privacy seriously.

Before Google, There Was The Reference Librarian

I know it is a common stereotype for an old guy to complain about how good the kids have it today. I, however, will take a little different approach: We have it so much better today when it comes to access to information than we did even a few decades ago. Imagine if I asked you the following questions:

  • Where can you have a custom Peltier device built?
  • What is the safest chemical to use when etching glass?
  • What does an LM1812 IC do?
  • Who sells AWG 12 wire with Teflon insulation?

You could probably answer all of these trivially with a quick query on your favorite search engine. But it hasn’t always been that way. In the old days, we had to make friends with three key people: the reference librarian, the vendor representative, and the old guy who seemed to know everything. In roughly that order.