Defcon 16: Biometric Cloning

August 14, 2008 by Eliot 7 Comments

One of the more novel talks we saw at Defcon was [Zac Franken] presenting on access control systems. He covered several different types, but the real fun was his live demo of bypassing a hand geometry scanners like the one pictured above. With the help of two assistants, 4 pounds of chromatic dental alginate, and 5 liters of water, he made a mold of his hand. The box he placed his hand in had markings to show where the pegs on the scanner are located. After 2 minutes he could remove his hand from the cavity. They then filled the mold with vinylpolysiloxane, making sure to remove all bubbles. 20 minutes later the hand was solid and passed the scanner’s test. This may not be a completely practical attack, but it does defeat the overall idea of biometrics; biometrics are built on the assumption that every person is unique and can’t have their features reproduced.

[Zac] also showed an interesting magnetic card spoofer that emulated all three tracks using coils of magnet wire. We hope to see more about that in the future.

[photo: morgan.davis]

RIAA Pays Out $108,000 To P2P Lawsuit Defendant

August 14, 2008 by rossfairgrieve 13 Comments

[Tanya Andersen], the defendant in Atlantic v. Andersen, has finally been paid $107,951 for reimbursement of legal fees. RIAA lawyers had appealed to get the amount reduced and originally offered $30,000 then $60,000, but [Andersen]’s lawyers convinced the judge to uphold the six-figure sum.

This is a significant setback for industry lawyers who often use illegal discovery techniques and have been criticized for using overly-litigious legal strategies to force defendants to settle. Sadly though, the payout only covers [Andersen]’s legal fees and doesn’t offer any compensation for damages, but a counter-suit filed in Portland, Oregon seeks exactly that. Here’s hoping her lawyers [Lory Lybeck] and [Ben Justus] continue to set favorable legal precedents for defendants of these lawsuits.

As far as the technical side of the discovery methods go, there are many ways to keep the RIAA off your back. The simplest is to disable your P2P client’s available file listing or turning off outbound traffic altogether. Other ways are to use encryption (although this is usually to get around ISP blocks) or download to an offsite machine. Hopefully, though, this judgment and eventual payout will make the recording companies reconsider the amount of lawsuits they file and to use less aggressive legal tactics.

New Discovery Channel Show Starring Hackers

August 14, 2008 by Kimberly Lau 15 Comments

A new Discovery Channel show titled Prototype This! will debut on October 15, 2008. Hoping to capture the same demographic as Mythbusters‘ audience, the show is about designing and creating robots, gadgets, and other things that nerds will love. Prototype This! is hosted by four wide-ranging experts: [Zoz Brooks], who’s got a PhD in robotics, [Mike North], who also has a PhD, in material sciences, [Terry Sandin], a special effects veteran of the Hollywood film industry, and [Joe Grand], who we’ve covered recently for his Defcon badge work. [Daniel Terdiman]’s glimpse behind the scenes reveals some interesting projects, from a stair-climbing robot to the creation of a pyro pack. We’ll be sure to set our DVRs to record.

[via Zero Day]

LED Floor Captures Digital Footprints

August 14, 2008 by Kimberly Lau 7 Comments

[youtube=http://www.youtube.com/watch?v=NpRE6CM3oOY&hl=en&fs=1&rel=0&color1=0x3a3a3a&color2=0x999999]
Sensacell created a unique interactive flooring system for the 2008 World Expo in Zaragoza, Spain. Comprised of 1000 LED panels, the 250 foot installation is covered in architectural glass and lights up in response to pressure. We like what different people are doing in this clip; from walking in a line to dragging a mop over the floor, the results are undeniably captivating and ultimately irresistible.

[via Gizmodo]

Burning In The Siftables

August 13, 2008 by Caleb Kraft 5 Comments

[Curiouslee] put up some pictures of his Siftables burn in. He got them in the mail with all their accessories and decided to make a special box to carry it all. He started with an ArtBin parts box and cut out dividers where necessary to make everything fit nice and tidy.

The Siftables are quite interesting. They are an information interface that is supposed to be more physical and natural. The analogy they use is a container of nuts and bolts can be sifted through quite easily using your hands. They envision us being able to sift through data similarly. They also mention that it could be used as a gestural interface as well.

Continue reading “Burning In The Siftables” →

Russia Vs Georgia, The Online Front

August 13, 2008 by Nick Caiello 19 Comments

While we’re sure that just about everyone has heard about the conflict between Russia and Georgia, few have probably heard about the role of cyber attacks in the conflict. Shortly before Russia’s armed response, Georgian state web servers were attacked by individuals assumed to be Russian hackers. This attack almost completely obliterated Georgia’s online presence by shutting down the website for the Ministry of Defense, and the Central Government’s main site. The Russian attackers seem to be using some form of sustained DDoS to keep many Georgian sites offline. In an effort to preserve some web presence, the Georgian Government transferred [President Mikheil Saakashvili]’s site to a US hosting provider in Atlanta. The Ministry of Foreign Affairs even created a BlogSpot page after their website initially went down. While politically motivated DDoS attacks have not been rare in past months, this seems to be the first time where the attacking party can be clearly identified. This seems to be the start of a trend where the unconventional methods of cyber warfare are used to gain an advantage over the enemy.

[photo: somefool]

Possible Entrapment Scenario In Hacking Case

August 13, 2008 by Kimberly Lau 3 Comments

[Brian Salcedo] made headlines a few years ago as a hacker who attempted to break into Lowe’s corporate network. He is currently serving a nine-year prison sentence, one of the longest sentences for a computer hacking offense. Recent events surrounding a different hacking case have revealed that the buyer he worked for, [Albert “Segvec” Gonzalez], was a Secret Service informant. [Salcedo] claims that were it not for [Gonzalez]’s threats, he would not have committed the hacking offense. While the Secret Service may not have even been aware of [Gonzalez’s] activity with other hackers, [Salcedo] could make a case of entrapment by arguing that [Gonzalez] threatened him as a government agent in order to make him plant the sniffer in Lowe’s network.

Hackaday

News

3657 Articles

Defcon 16: Biometric Cloning

RIAA Pays Out $108,000 To P2P Lawsuit Defendant

New Discovery Channel Show Starring Hackers

LED Floor Captures Digital Footprints

Burning In The Siftables

Russia Vs Georgia, The Online Front

Possible Entrapment Scenario In Hacking Case

Search

Never miss a hack

If you missed it

Hacking The System In A Moral Panic: We Need To Talk

Fictional Moon: Reality TV And SciFi Don’t Mix

How I 3D Printed My Own Lego-Compatible Train Bridges

Pokemon Go Had Players Capturing More Than They Realized

German Fireball’s 15 Minutes Of Fame

Our Columns

Ask Hackaday: Wired Or Wireless Headphones?

Hackaday Links: March 15, 2026

What Is A Computer?

Hackaday Podcast Episode 361: Hackaday Podcast Mailbag, A Phone Is Not A Computer, 3D Printing History Is New Again

This Week In Security: Plenty Of Patches, Replacing Old Gear, And Phrack Calls For Papers

Search

Never miss a hack

Subscribe

If you missed it

Our Columns