Year: 2008

Magnetic Stripe Card Spoofer

August 4, 2008 by 25 Comments

After building a USB magnetic stripe reader, [David Cranor] has found a way to fool a magnetic stripe reader using a hand-wound electromagnet and an iPod. The data on a card is read and stored on a computer, then encoded as a WAV file using a C++ program. The iPod plays the WAV file with the data through a single-stage opamp amplifier connected to the headphone jack. The amplifier is used to drive the electromagnet. Video embedded after the jump.

By no means is this a new idea. There have been a lot of mangetic stripe projects and software. This project in particular references the 1992 Phrack article “A Day in the Life of a Flux reversal” by [Count Zero].

Don’t get your hopes up just yet on strolling through high security installations using this little device. It can only replay the data from a card that has been recorded. If you don’t have a known working card, it won’t get you very far.

Continue reading “Magnetic Stripe Card Spoofer”

The GIFAR Image Vulnerability

August 4, 2008 by 7 Comments


Researchers at NGS Software have come up with a method to embed malicious code into a picture. When viewed, the picture could send the attacker the credentials of the viewer. Social sites like Facebook and Myspace are particularly at risk, but the researchers say that any site which includes log ins and user uploaded pictures could be vulnerable. This even includes some bank sites.

The attack is simply a mashup of a GIF picture and a JAR (Java applet). The malicious JAR is compiled and then combined with information from a GIF. The GIF part fools the browser into opening it as a picture and trusting the content. The reality is, the Java VM recognizes the JAR part and automatically runs it.

The researchers claim that there are multiple ways to deal with this vulnerability. Sun could restrict their Virtual Machine or web applications could continually check and filter these hybrid files, but they say it really needs to be addressed as an issue of browser security. They think that it is not only pictures at risk, but nearly all browser content.
More details on how to create these GIFARs will be presented at this week’s Black Hat conference in Las Vegas.

Make: Television

August 4, 2008 by 2 Comments

Make Magazine, famous for the Maker Faire, among other things, has announced a new project called Make: television. The show will be coming to public television stations throughout the USA starting early 2009. The big news is that you can submit 2 minute long videos of your projects to be included in the show’s Maker Channel segment. The bigger news is that if your video is selected, they’ll send you a $50 gift certificate from the Maker Shed and a free year of Make Magazine.

Build A Simple Bat Detector

August 4, 2008 by 8 Comments


[Tony Messina] had been fascinated with bat’s echolocation since he was a kid. After he retired, he decided to act on this fascination and built a simple bat detector.

The simple bat detector uses frequency division to lower the bat’s chirping to a frequency we can hear. For example, if a bat is calling at 91kHz the system will divide it by 16 and put out 5.7kHz. The system is digital, so all amplitude is lost. You’ll just hear clicks like a Geiger counter. Being digital has its advantages though. Unlike similar analog devices that have to be tuned to a small frequency range, the simple bat detector can detect a much wider window.

Continue reading “Build A Simple Bat Detector”

CNC Wood Router

August 3, 2008 by 16 Comments


[GlacialWanderer] has published the first pictures from his CNC machine build. It’s a three axis gantry style machine that he intends to route and engrave wood with. He’s posted a detailed cost breakdown: $1800. He estimates spending 30 hours researching on sites like CNCzone. The build time for the mechanical side was around 50 hours. The electrical system hasn’t been hoooked up yet, so look for that in a future post. It looks like an incredible machine already, so we can’t wait to see what’s next.

New From SparkFun

August 3, 2008 by 3 Comments


SparkFun is rolling out interesting things to play with every week. They’ve added a NanoMuscle actuator that uses a shape memory alloy to lift nearly 70 times its own weight. Their LilyPad collection has expanded to include small momentary switches and a thermistor type temperature sensor. Lastly, they’ve got an FM receiver module. It just needs an antenna and uses I2C or SPI for control.

About:config Hacks For Firefox 3

August 3, 2008 by 9 Comments

Blogs DNA has some great suggestions for tweaking the Firefox 3 about:config file. Customize Firefox 3 to your particular preferences with hacks to reduce the number of auto-complete list in your URL bar, extend spell check to forms, and disable blinking text. All it takes is a few simple modifications to the about:config file. By editing the about:config file, you can have a Firefox 3 that is faster, less bloated, and more tailored to your browsing habits. Do you have any suggestions for tweaks to Firefox 3?

[via Digg]