On June 23rd, EFiX is planning on releasing a USB dongle that will let any PC boot and install OSX from a retail DVD. The commercial device is supposed to take care of all patching and other woes OSX86 enthusiasts have had to deal with. Very little information is provided other than a statement that the development process took a lot of time and that they overcame “sabotage”… so, it’s got that going for it. Major OSX86 contributor (and Psystar hater) [Netkas] received a device to test and was pleased with the results. We’re just going to wait and see what happens. Not that it matters; they have no plans of releasing it in the US.
The video above is ArcAttack! playing the classic “Popcorn” through their signature Tesla coils. Solid state Tesla coils (SSTC) can generate sound using what [Ed Ward] calls pulse repetition frequency (PRF) modulation. The heat generated by the plasma flame causes rapid expansion of the surrounding air and a resulting soundwave. An SSTC can be operated at just about any frequency, so you just need to build a controller to handle it. The task is made more difficult because very few electronics are stable in such an intense EM field. [Ed] constructed a small Faraday cage for his microcontroller and used optical interconnects to deliver the signals to the Tesla coils.
Guessing games are fun, especially when unnamed hardware and prizes are involved. [bunnie] holds a Name that Ware contest on his blog once a month; he posts an image of hardware components like the PCB above (which is May’s mystery ware) and asks visitors to try to guess the machine it came from or at least its function. Aside from the prizes he gives out, winners get the most coveted of all rewards: bragging rights. He’s been running the monthly contest for quite some time and it’s not always PCBs; past wares have included this micron thickness guage (internal) and an xray of a crystal oscillator.
[Hall] used an LCD with two 16 character rows and 8×5 pixels in each character. He displayed the image over 2×3 characters, which gave him 17×18 pixels (including the spaces between the characters) to work with. The first step after acquiring an image is to rasterize the image by hand onto graph paper. This won’t be scanned, it’s just a diagram to determine which pixels to light up.
Crafting isn’t really our thing, but just last week we were planning on doing this project. Thanks to the how-to singularity: the longer we wait, the more likely someone else will do our dirty work. The instructions are this:
In all seriousness, we do enjoy the idea of carrying an innocuous little book around that could be doing some covert WiFi scanning, acting as a mobile accesspoint, or live streaming our location to friends. Unfortunately, since it’s an iPhone, most of this isn’t possible yet; you can’t even voice dial from your headset, while leaving the notebook in your pocket. This case also blurs what is considered rude. Most people would be annoyed if you started txting mid conversation, but people taking notes in Moleskines don’t get the same treatment.
2600 editor [Emmanuel Goldstein], has decided to publish The Best of 2600. It features some of the best essays on lockpicking, phone phreaking, social engineering, and other topics that the hacker quarterly had to offer.
Founded in 1984, 2600 was one of the major catalysts that got the modern hacker scene going. They published controversial articles on topics like red boxing and spawned monthly meetings. This firsthand account of the development of hacker culture will be released in July at The Last HOPE in New York.
The Zlob trojan, also known as DNSChanger, has been around for a few years, but recent Zlob variants to appear in the wild attempt to log into routers using a list of default admin/password combos. If they succeed, they alter the DNS records on the router to reroute traffic through the attacker’s server.
Our friend [Dan Kaminisky] recently did a presentation warning against vulnerabilities in internet browser plugins that allow attackers to mount DNS rebinding attacks against routers with default passwords.. Though it achieves the same end, Zlob is different because it infects by the tried-and-true method of fooling users into downloading it inside a fake video codec. Once it is running on a client machine, it is free to attempt to use the default admin id and password of the router to log in and alter DNS settings. It even supports the DD-WRT firmware.
Even if a system is wiped clean of Zlob trojans, the router could still be compromised. The good news is that it is easy to fix and even easier to prevent. Fixing it takes no more than wiping all network clients clean, then resetting the router and restoring custom settings. Prevention is a simple matter of changing the router’s password.