[Nils Pipenbrinck] has been working on a very interesting problem. The SIM card in your cellphone talks to the contactless near-field communication (NFC) chip through a cool protocol that we’d never hear of until reading his blog: single wire protocol (SWP).
The SIM card in your cellphone has only a limited number of physical connections — and by the time NFC technology came on the scene all but one of them was in use. But the NFC controller and the SIM need full-duplex communications. So the SWP works bi-directionally on just one wire; one device modulates the voltage on the line, while the other modulates the current, essentially by switching a load in and out.
This signalling protocol makes snooping on this data line tricky. So to start off his explorations with SWP, [Nils] built his own transceiver. That lead [Nils] to some very sensitive analog sniffer circuit design that he’s just come up with.
If you get interested in SWP, you’ll find the slides from this fantastic presentation (PDF) helpful, and they propose a solution very similar to the one that [Nils] ended up implementing. That’s not taking anything away from [Nils]’s amazing work: with tricky high-speed analog circuitry like this, the implementation can be more than half of the battle! And we’ll surely be following [Nils]’s blog to see where he takes this.
Banner image: An old version and a new version of the transceiver prototype.
Thanks to [Tim Riemann] for the tip!
[Robert] has been snooping around Naenara in order to learn more about how North Korea’s intranet might work. Naenara is the web browser that comes bundled with North Korea’s official Linux-based operating system known as Red Star OS. [Robert] once saw a screenshot of the browser and found it interesting that the browser seemed to automatically load a non-routable IP address immediately upon start-up. This made him curious about what other oddities one might uncover from the software.
Upon start-up, the browser tries to load a page located at IP address 10.76.1.11, which is a reserved IP address for private use. This indicated that North Korea’s “Internet” is actually more of in intranet. [Robert] suspects that the entire country may be running in private address space, similar to how your home or business likely runs.
[Robert’s] next thoughts were that the browser looks like a very old version of Mozilla Firefox, but with some default configuration changes. For one, all crashes are automatically transmitted to “the mothership”, as [Robert] calls it. He suspects this is to fix not only bugs, but also to find and repair any security vulnerabilities that may allow users more control.
There are some other interesting changes as well, such as the supported security certificates. The Naenara browser only accepts certificates issued by the DPRK, which would make it very easy for them to snoop on encrypted HTTPS traffic. there is also evidence suggesting that all traffic for the entire country is routed through a single government controlled proxy server.
None of these findings are all that surprising, but it’s still interesting to see what kind of information can be gleamed from poking around the browser and operating system. [Robert] has found more than just these few findings. You can check out the rest of his findings on his blog.
Most tech savvy individuals are well aware of the vast amounts of data that social networking companies collect on us. Some take steps to avoid this data collection, others consider it a trade-off for using free tools to stay in touch with friends and family. Sometimes these ads can get a bit… creepy. Have you ever noticed an ad in the sidebar and thought to yourself, “I just searched for that…” It can be rather unsettling.
[Brian] was looking for ways to get back at his new roommate in retaliation of prank that was pulled at [Brian’s] expense. [Brian] is no novice to Internet marketing. One day, he realized that he could create a Facebook ad group with only one member. Playing off of his roommate’s natural paranoia, he decided to serve up some of the most eerily targeted Facebook ads ever seen.
Creating extremely targeted ads without giving away the prank is trickier than you might think. The ad can’t be targeted solely for one person. It needs to be targeted to something that seems like a legitimate niche market, albeit a strange one. [Brian’s] roommate happens to be a professional sword swallower (seriously). He also happens to ironically have a difficult time swallowing pills. naturally, [Brian] created an ad directed specifically towards that market.
The roommate thought this was a bit creepy, but mostly humorous. Slowly over the course of three weeks, [Brian] served more and more ads. Each one was more targeted than the last. He almost gave himself away at one point, but he managed to salvage the prank. Meanwhile, the roommate grew more and more paranoid. He started to think that perhaps Facebook was actually listening in on his phone calls. How else could they have received some of this information? As a happy coincidence, all of this happened at the same time as the [Edward Snowden] leaks. Not only was the roommate now concerned about Facebook’s snooping, but he also had the NSA to worry about.
Eventually, [Brian] turned himself in using another custom Facebook ad as the reveal. The jig was up and no permanent damage was done. You might be wondering how much it cost [Brian] for this elaborate prank? The total cost came to $1.70. Facebook has since changed their ad system so you can only target a minimum of 20 users. [Brian] provides an example of how you can get around the limitation, though. If you want to target a male friend, you can simply add 19 females to the group and then target only males within your group of 20 users. A pretty simple workaround
This prank brings up some interesting social questions. [Brian’s] roommate seemed to actually start believing that Facebook might be listening in on his personal calls for the purposes of better ad targeting. How many other people would believe the same thing? Is it really that far-fetched to think that these companies might move in this direction? If we found out they were already doing this type of snooping, would it really come as a shock to us?
Researchers at the University of Utah have been able to detect movement in a room based on variations in wireless signals. Accurate to about a meter, they are using a 34 node wireless network to do their sensing. As a person moves, they change the signals, and can therefore be detected. They state one possible application being rescue workers deploying multiple wireless nodes around a building to find people located inside.
Our wallets are filling up with SIM and RFID cards that contain hidden information. Using our latest project, the Bus Pirate universal serial interface, we can dump the memory from many common smart cards. In today’s How-to, we show you how to interface common smart cards, and walk you through the data stored on a FedEx Kinko’s prepaid value card.
Continue reading “How-to: Read a FedEx Kinko’s smart card (SLE4442)”