Crystal radios from Jeri Ellsworth's museum tour

Jeri Ellsworth Tours A Radio And Tech Museum

[Jeri Ellsworth] has done some YouTubing again (yes, that’s a word, just like YouTuber) after a four-year hiatus. She’s recently uploaded a very enjoyable four-part series touring the Museum of Radio and Technology in Huntington, West Virginia.

Part one contains radios spanning the ages, starting with a spark gap transmitter, some wonderful crystal sets, pocket radios from the 1940s, commercially available amateur radio transmitters and receivers from the 1930s to the 1950s, and more. There’s even a lovely hack of a transmitter built into an old refrigerator. Part two contains educational toys, three covers television sets and cameras, and four is about all types of record players and hi-fi. Each contains equipment as old as the spark gap transmitters in part one.

You may know of [Jeri] as co-founder of castAR, an augmented reality startup that recently shut its doors, but before that she was famous among hackers for her numerous projects ranging from a flexible electroluminescent display, a centimeter wave scanner using hacked feed horns, to yours truly’s personal favorite, a Commodore 64 bass keytar.

So nuke some popcorn, sit back, and enjoy the tour following the break.


DUHK: Don’t Use Hard-Coded Keys

The title reads like the name of a lecture in cryptography 101 or the first rule of Crypto Club. ‘DUHK’ is in fact neither of those but the name of a recently disclosed vulnerability in a pseudorandom number generator (PRNG) algorithm that was until recently part of the federal standard X9.31.

Random numbers are essential to viable cryptography. They are also hard to obtain, leading to solutions like using the physical properties of semiconductors or decaying matter, which are governed by quantum effects. The next best solution is to log events that are hard to predict, like the timing of strokes on a keyboard. The weakest source of randomness is math, which makes sense, because one of math’s most popular features is its predictability. Mathematical solutions have the one redeeming quality of being able to produce a lot of numbers that look random to a human in a short time.

PRNGs require a starting point, the seed, from which they begin to produce their output. Once this seed is known, the produced sequence becomes predictable.

The X9.31 PRNG is an algorithm that is used in various cryptographic algorithms and was certified in the Federal Information Processing Standards for decades until it was dropped from the list of approved standards in 2016. The researchers behind DUHK found out that the standard allowed the seed to be stored in the source code of its implementation. The next step was to look for software that did this, and they found X9.31 in an older version of FortiOS running on VPN gateways.

Should I be Worried?

Probably, maybe not. The analysis (PDF) published by the team behind DUHK notes that the vulnerability is limited to legacy implementations and doesn’t allow an attacker to take over the device running them, only to eavesdrop on ‘secure’ connections. The scope of this is much more limited than exploits like remote code execution via Bluetooth. On the other hand, it provides a strong case for handling standards and technical certifications with extreme scrutiny. The team’s conduct also gives insight into the best practices for white-hat hacking, which are frequently discussed around here. And they have a great theme song.

MakerBot Really Wants You To Like Them Again

For the last couple years, a MakerBot press release has generally signaled that more pink slips were going to be heading out to the already shell-shocked employees at their NYC factory. But just last week something that could almost pass as good news came out of the once mighty 3D printer manufacturer, the unveiling of “MakerBot Labs”. A number of mainstream tech sites heralded this as MakerBot’s first steps back into the open source community that launched it nearly a decade ago; signs of a newer and more thoughtful MakerBot.

Reading the announcement for “MakerBot Labs”, you can almost believe it. All the buzz words are there, at least. In fact, if this announcement came from anyone else, in any other field, I’d probably be on board. Sharing knowledge and listening to the community is essential if you want to connect with hackers and makers. But this is MakerBot, and they’ve dug themselves into a very deep hole over the years.

The spectacular fall from grace that MakerBot has experienced, from industry leader to afterthought, makes this hat-in-hand peace offering hard to take seriously. It reads like a company making a last ditch effort to win back the users they were so sure they didn’t need just a few years ago. There is now a whole new generation of 3D printer owners who likely have never even seen a MakerBot printer, and it’s hard to imagine there’s still enough innovation and life in the company to turn that around before they completely fade into obscurity.


Artificial Intelligence At The Top Of A Professional Sport

The lights dim and the music swells as an elite competitor in a silk robe passes through a cheering crowd to take the ring. It’s a blueprint familiar to boxing, only this pugilist won’t be throwing punches.

OpenAI created an AI bot that has beaten the best players in the world at this year’s International championship. The International is an esports competition held annually for Dota 2, one of the most competitive multiplayer online battle arena (MOBA) games.

Each match of the International consists of two 5-player teams competing against each other for 35-45 minutes. In layman’s terms, it is an online version of capture the flag. While the premise may sound simple, it is actually one of the most complicated and detailed competitive games out there. The top teams are required to practice together daily, but this level of play is nothing new to them. To reach a professional level, individual players would practice obscenely late, go to sleep, and then repeat the process. For years. So how long did the AI bot have to prepare for this competition compared to these seasoned pros? A couple of months.


About That Giant Robot Battle Last Night

Two years ago we wrote about a giant robot battle between the USA and Japan. After two years in the making, MegaBots (team USA) and Suidobashi (team Japan) were finally ready for the first giant robot fight. If you are into battle bots, you probably did not miss the fight that happened around 7:00 pm PST. If you missed it, you can watch the whole thing here.

There were two duels. First it was Iron Glory (MkII) vs. Kuratas, and after that it was Eagle Prime (MkIII) vs. Kuratas.

Be warned, spoilers ahead.


Microsoft Bug Tracking Hacked

It seems that the database containing descriptions of critical and unfixed bugs and/or vulnerabilities in some of the most widely used software in the world, including the Windows operating system, was hacked back in 2013. This database is basically gold for any security researcher, regardless of the color of their hat. To know which programs fail and the preconditions for that to happen is half an exploit right there.

Microsoft discovered the database breach in early 2013 after the highly skilled hacking group Morpho a.k.a. Butterfly a.k.a. Wild Neutron broke into computers at a number of major tech companies, including Apple, Facebook, and Twitter. The group exploited a flaw in the Java programming language to penetrate employees’ Apple Macintosh computers and then used them as pivots into the company’s internal network.

Official sources say that the Microsoft bug database was poorly protected, with access possible via little more than a password. Four years later, we have official confirmation that it happened. To measure the breach impact, Microsoft started a study to correlate the potential flaws in their databases and subsequent attacks. The study found that the flaws in the stolen database were actually used in cyber attacks, but Microsoft argued the hackers could have obtained the information elsewhere, and that there’s “no evidence that the stolen information had been used in those breaches.”

There is really no way to know besides asking the actual hacking group, which will most likely not happen… unless they are HaD readers, in which case they can feel free to comment.

[via Reuters]

Bad RSA Library Leaves Millions Of Keys Vulnerable

So, erm… good news everyone! A vulnerability has been found in a software library responsible for generating RSA key pairs used in hardware chips manufactured by Infineon Technologies AG. The vulnerability, dubbed ROCA, allows an attacker to use a Coppersmith’s attack to compute the private key starting with nothing more than the public key, which pretty much defeats the purpose of asymmetric encryption altogether.

Affected hardware includes cryptographic smart cards, security tokens, and other secure hardware chips produced by Infineon Technologies AG. The library with the vulnerability is also integrated in authentication, signature, and encryption tokens of other vendors and chips used for Trusted Boot of operating systems. Major vendors including Microsoft, Google, HP, Lenovo, and Fujitsu already released software updates and guidelines for mitigation.

The researchers found and analysed vulnerable keys in various domains including electronic citizen documents (750,000 Estonian identity cards), authentication tokens, trusted boot devices, software package signing, TLS/HTTPS keys and PGP. The currently confirmed number of vulnerable keys found is about 760,000 but could be up to two to three orders of magnitude higher.

Devices dating back to at least 2012 are affected, despite being NIST FIPS 140-2 and CC EAL 5+ certified. The vulnerable chips were not necessarily sold directly by Infineon Technologies AG, as the chips can be embedded inside devices of other manufacturers.
