Security Hacks

1567 Articles

Security System Gives You A Call When It Senses Intruders

September 8, 2011 by 13 Comments

gsm_motion_detector_alarm_system

[Dimitris] decided to build a homemade alarm system, but instead of triggering a siren, sending an SMS message, or Tweeting about an intrusion, he preferred that his system call him when there was trouble afoot. He says that he preferred a call over text messaging because there are no charges associated with the call if the recipient does not pick up the line, which is not the case with SMS.

The system is based around an off the shelf motion detector that was hacked to work with an old mobile phone. The motion detector originally triggered a siren, but he stripped out the speaker and wired it to a bare bones Arduino board he constructed. The Arduino was in turn connected to the serial port of an unused Ericssson T10s mobile phone. This allows the Arduino to call his mobile phone whenever the motion detector senses movement.

The system looks to be quite useful, and while [Dimitris] didn’t include all of the code he used, he says others should be able to replicate his work without too much trouble.

Intel’s New Way Of Creating Randomness From Digital Orderliness

September 2, 2011 by 43 Comments

Random number generation is a frequent topic of discussion in projects that involve encryption and security. Intel has just announced a new feature coming to many of their processors that affect random number generation.

The random number generator, which they call Bull Mountain, marks a departure from Intel’s traditional method of generating random number seeds from analog hardware. Bull Mountain relies on all-digital hardware, pitting two inverters against each other and letting thermal noise tip the hand in one direction or the other. The system is monitored at several steps along the way, tuning the hardware to ensure that the random digits are not falling more frequently in one direction or the other. Pairs of 256-bit sequences are then run through a mathematical process to further offset the chance of predictability, before they are then used as a pseudorandom number seed. Why go though all of this? Transitioning to an all-digital process makes it easier and cheaper to reduce the size of microchips.

A new instruction has been added to access this hardware module: RdRand. If it works as promised, this should remove the need for elaborate external hardware as a random number source.

[via Reddit]

Knock Lock With Logic Chips

August 30, 2011 by 13 Comments

[Eric] needed a project for his digital logic design class, and decided on a lock that open in response to a specific pattern of knocks. This is a fairly common project that we’ve seen a few builds with ‘knock locks,’ but this one doesn’t use a microcontroller. Instead, it uses individual logic chips.

The lock senses the knocks with a piezo, just like every other build we’ve seen. Unlike the other builds, the knock pattern is then digitized and stored in an EEPROM. [Eric] only used 12 chip for this build, a feat he could accomplish with a few digital tricks, like making an inverter by tying one XOR input high.

We’ve seen a 555-based knock lock before, but getting the timing right with that seems a little maddening. [Eric]’s build seems much more user-friendly, and has the added bonus of being programmed by knocking instead of turning potentiometers. Check out [Eric]’s knock lock after the break.

Continue reading “Knock Lock With Logic Chips”

Project 25 Digital Radios (law Enforcement Grade) Vulnerable To The IM-ME

August 18, 2011 by 73 Comments

Would you believe you can track, and even jam law enforcement radio communications using a pretty pink pager? It turns out the digital radios using the APCO-25 protocol can be jammed using the IM-ME hardware. We’ve seen this ‘toy’ so many times… yet it keeps on surprising us. Or rather, [Travis Goodspeed’s] ability to do amazing stuff with the hardware is what makes us perk up.

Details about this were presented in a paper at the USENIX conference a few weeks ago. Join us after the break where we’ve embedded the thirty-minute talk. There’s a lot of interesting stuff in there. The IM-ME can be used to decode the metadata that starts each radio communication. That means you can track who is talking to whom. But for us the most interesting part was starting at about 15:30 when the presenter, [Matt Blaze], talked about directed jamming that can be used to alter law enforcement behavior. A jammer can be set to only jam encrypted communications. This may prompt an officer to switch off encryption, allowing the attackers to listen in on everything being said to or from that radio.

Continue reading “Project 25 Digital Radios (law Enforcement Grade) Vulnerable To The IM-ME”

Gyroscope-based Smartphone Keylogging Attack

August 18, 2011 by 31 Comments

smartphone_keylogging_with_gyroscopes

A pair of security researchers have recently unveiled an interesting new keylogging method (PDF Research Paper) that makes use of a very unlikely smartphone component, your gyroscope.

Most smart phones now come equipped with gyroscopes, which can be accessed by any application at any time. [Hao Chen and Lian Cai] were able to use an Android phone’s orientation data to pin down what buttons were being pressed by the user. The attack is not perfect, as the researchers were only able to discern the correct keypress about 72% of the time, but it certainly is a good start.

This side channel attack works because it turns out that each button on a smart phone has a unique “signature”, in that the phone will consistently be tilted in a certain way with each keypress. The pair does admit that the software becomes far less accurate when working with a full qwerty keyboard due to button proximity, but a 10 digit pad and keypads found on tablets can be sniffed with relatively good results.

We don’t think this is anything you should really be worried about, but it’s an interesting attack nonetheless.

[Thanks, der_picknicker]

PS2 To USB Keyboard Converter Also Logs Your Keystrokes

August 16, 2011 by 15 Comments

[Shawn McCombs] is up to no good with his first Teensy project. The board you see above takes the input from a PS2 keyboard and converts it to a USB connection. Oh, and did we mention that it also keeps track of everything you type as well?

From the beginning the project was intended to be a keylogger. It’s a man-in-the-middle device that could be hidden inside the case of a keyboard, making it appear to be a stock USB keyboard. Data is stored to an SD card so an attacker would need to gain access to the hardware after the data he’s targeting has been typed.

It works mostly as [Shawn] expected. He is, however, having trouble handling the CTRL, ALT, Windows, and Caps Lock keys. If this were actually being used maliciously it would be a dead giveaway. Many secure Windows machine require a CRTL-ALT-DELETE keystroke to access the login screen.

Hacking QR Codes For Fun And Profit

August 9, 2011 by 45 Comments

QR codes are everywhere these days, from being printed onto receipts to chiseled into granite tombstones. [Will] came up with a way to modify existing QR codes, and his hack has the potential to cause quite a bit of harmless mischief.

[Will]’s hack involves a little photo editing, transparency film, and some white-out/Liquid Paper/Tippex. After the ‘target’ and ‘destination’ QR codes have been imported into Gimp, the differences are found and the result printed out on a transparency sheet. After that,  hang the transparency over the original and the QR code now goes to the URL of your choice.

Continue reading “Hacking QR Codes For Fun And Profit”