[Kyle McDonald] is up to a bit of no-good with a little piece of software he wrote. He’s been installing it on public computers all over New York City. It uses the webcam found in pretty much every new computer out there to detect when a face is in frame, then takes a picture and uploads it to the Internet.

We’ve embedded a video after the break that describes the process. From [Kyle's] comments about the video it seems that he asked a security guard at the Apple store if it was okay to take pictures and he encouraged it. We guess it could be worse, if this were a key logger you’d be sorry for checking your email (or, god forbid, banking) on a public machine. Instead of being malicious, [Kyle] took a string of the images, adjusted them so that the faces were all aligned and the same size, and then rolled them into the latter half of his video.

Read the rest of this entry »

[Timur Civan], with a beautiful merge of past and present, has taken a 102 year old camera lens (a 35mm F5.0 from hand cranked cinema cameras) and attached it to his Canon EOS 5D. While this is not the first time we’ve seen someone custom make a camera lens or attach a lens to a different camera, such as when we brought you plumbing tilt shift or iPhone camera SLR or Pringles can macro photography, the merge of old tech with new warms our empty chest cavities hearts. Catch some additional shots of 1908/2010 New York City after the jump.

Read the rest of this entry »

Just the other day we were thinking “You know what we need more of around here? Harmonographs!” And our requests were answered when [Paul] sent in his three pendulum harmonograph. For those unaware, it’s a mechanical device that draws Lissajous curves or “really cool circles” to quote some of our staff.

[Paul] includes all the plans necessary to make your own harmonograph and begin drawing today. If you can’t wait, there’s a video of the three pendulum harmonograph etching a masterpiece after the jump. Read the rest of this entry »

When [Justin Quinnell] sent in his beer can pinhole camera, we were just floored. The parts are easy to obtain, and the process for building and ‘shooting’ with the camera are near effortless.

The really impressive part of this hack is letting your camera sit for 6 months facing the sun. Yes, you read that correct, a 6 month exposure. Check out after the break for one of his astonishing shots, and trust us, its well worth the click. Read the rest of this entry »

Researchers at NGS Software have come up with a method to embed malicious code into a picture. When viewed, the picture could send the attacker the credentials of the viewer. Social sites like Facebook and Myspace are particularly at risk, but the researchers say that any site which includes log ins and user uploaded pictures could be vulnerable. This even includes some bank sites.

The attack is simply a mashup of a GIF picture and a JAR (Java applet). The malicious JAR is compiled and then combined with information from a GIF. The GIF part fools the browser into opening it as a picture and trusting the content. The reality is, the Java VM recognizes the JAR part and automatically runs it.

The researchers claim that there are multiple ways to deal with this vulnerability. Sun could restrict their Virtual Machine or web applications could continually check and filter these hybrid files, but they say it really needs to be addressed as an issue of browser security. They think that it is not only pictures at risk, but nearly all browser content.
More details on how to create these GIFARs will be presented at this week’s Black Hat conference in Las Vegas.