Sslstrip, Hijacking SSL In Network

Last week at Black Hat DC, [Moxie Marlinspike] presented a novel way to hijack SSL. You can read about it in this Forbes article, but we highly recommend you watch the video. sslstrip can rewrite all https links as http, but it goes far beyond that. Using unicode characters that look similar to / and ? it can construct URLs with a valid certificate and then redirect the user to the original site after stealing their credentials. The attack can be very difficult for even above average users to notice. This attack requires access to the client’s network, but [Moxie] successfully ran it on a Tor exit node.

4 Or More Servos On An Arduino


The latest version of the Arduino software allows you to use more than two servos at a time. Curious Inventor has posted a demo showing how to run 4 servos from a keyboard input. The code should also work just fine on Arduino clones, like the Roboduino pictured above. They point out that if you are running version 12 of the software, some manual additions will be necessary.

False Theremin


[vilxes91] sent in this cool little false-theremin (translated). Its a pretty simple circuit, that can fit in really small places. It isn’t a true theremen because it uses the amount of light coming in around the lid for the modulation. To play it, you turn it on and open it up, the more open the lid, the higher the pitch. You can see a video of it in action after the break.

Continue reading “False Theremin”