Security Hacks

1530 Articles

Knock Detecting Lock

November 4, 2009 by 18 Comments

[youtube=http://www.youtube.com/watch?v=zE5PGeh2K9k]

[Steve] shows us his version of the knock detecting lock system. The idea is pretty simple, knock in a certain pattern and the door unlocks. We’ve seen it before several times. This solution is somewhat cleaner than the others, not only in physical design, but also in how you reprogram it. Simply push the reprogram button and enter your new knock. We’re a bit surprised that the suction cups actually hold it on the door. Maybe it’s just us, but we can never seem to get those things to hold very well. There are lots of great pictures as well as the source code available on his site.

[via HacknMod]

FreeBOOT Gives The Xbox 360 JTAG Hack New Life

October 20, 2009 by 39 Comments

xbox360-freeBOOT-exploit

There has been another development in the never-ending battle that is Microsoft trying to keep its gaming system closed to unauthorized use. Xbox-scene reports that a new hack called freeBOOT v0.01 allows the Xbox 360 to upgrade to the newer kernels, but allows the option of rebooting to an older kernel in order use the JTAG exploit and gain access to the hardware.

In case you missed it, the JTAG hack is a way to run homebrew code on an Xbox 360. Exploiting this hack makes it possible to boot a Linux kernel in about five seconds. We’ve long been fans of the homebrew work done with XBMC on the original Xbox and hope that advances like this will lead to that end. We want this because the older hardware cannot handle high definition content at full resolution but the Xbox 360 certainly can.

This exploit is still far from perfect. It currently requires that the Cygnos360 mod chip be installed on the system. A resistor also needs to be removed from the board to prevent accidental kernel updating. That being said, this is still progress. If you’re interested in step-by-step details, take a look at the text file instructions provided.

[Thanks wdfowty]

Two-factor Authentication Using A Hardware Token

October 20, 2009 by 106 Comments

RSA-SecurID-hardware-token

We ran into a friend a while back who was logging into her employer’s Virtual Private Network on the weekend. She caught our attention by whipping out her keys and typing in some information from a key-fob. It turns out that her work uses an additional layer of protection for logging into the network. They have implemented a username, pin number, as well as a hardware token system called SecurID.

The hardware consists of a key-fob with an LCD screen on it.  A code is displayed on the screen and changes frequently, usually every 60 seconds. The device is generating keys based on a 128-bit encryption seed. When this number is fed to a server that has a copy of that seed, it is used as an additional verification to the other login data.

This seems like a tech trickle-down of the code generating device from GoldenEye. It does get us thinking: with the problems free email services have been having with account theft, why aren’t they offering a fee-based service that includes a security fob? With the right pricing structure this could be a nice stream of income for the provider. We’re also wondering if this can be implemented with a microcontroller and used in our home network. As always, leave comments below and let us know if you’ve already built your own system using these principles.

Update: Thanks to Andre for his comment that tells us this type of security is available for Apache servers. The distribution includes a server side authentication system and a Java based token generator that can run on any handheld that supports Java.

POV Fan EEPROM Hack

October 9, 2009 by 4 Comments

pov_fan_eeprom_hacking

Hacking with Gum got their hands on one of the persistence of vision display fans that Cenzic was giving away at Blackhat this year. It’s not the biggest fan-based POV display we’ve seen but it’s still a fun device to tinker with. They hacked into the EEPROM on the device in order to change the message the fan displayed.

This is very similar to the other EEPROM reading/writing we’ve seen recently. Hacking with Gum read the data off of the EEPROM and then disassembled it to discover how the message data is stored on the chip. This was made easier by noting the messages displayed when the fan is running. The first byte of data shows the number of words in the message, then each chunk of word data is preceded by one byte that represents the number of letters in that work. Data length was calculated based on the number of pixels in each display character. Once he knew the data-storage scheme, it was just a matter of formatting his own messages in the same way and overwriting the chip.

This is a great write-up if you’re looking for a primer on reverse engineering an unknown hardware system. If you had fun trying out our barcode challenges perhaps deciphering EEPROM data from a simple device should be your next quest.

[Thanks James]

Safelock: Biometric Typing Security

October 9, 2009 by 33 Comments

[youtube=http://www.youtube.com/watch?v=_vMb9JUhC1g]

We’ve seen some ways to bypass biometric security measures but here’s a new offering that we think will be hard to fool. The Safelock system is used in conjunction with a password to identify a specific user. This software records your typing style including the time between keystrokes, the time keys are held, and key pressure data. This information is then normalized and compared to the information stored about the user when the password was originally set. If you don’t fall within specifications that match the stored data, you won’t get in even with the right password.

The icing on the cake is that Safelock will look for malicious users. If you enter the wrong password, it will begin to record and analyze your typing style. If you make enough incorrect attempts you will be labeled as a security threat and locked out of the system altogether. We can only think of one reliable way to circumvent this and that’s using a man-in-the-middle method of recording the keyboard inputs of the legitimate user for playback later.

This is an innovative user identification system and we’re not the only ones that think so. [Jeff Allen] and [John Howard], students at SMU won first prize for the Student Innovation Contest at the 2009 User Interface Software and Technology Symposium.

Adding A Keypad To A Key Card Lock

October 9, 2009 by 19 Comments

keypad

[Colin Merkel] had a little problem: he was continually forgetting his electronic key card, locking himself out of his own dorm room. Like any normal Hack a Day reader, rather than getting in the habit of always carrying his card, the natural impulse of course is to build this elaborate rig of electronics and duct tape. Right?

The result is an additional keypad that can be used to gain access…not by altering the existing electronic lock, but with a secondary mechanism that operates the inside door handle. An 8-bit PIC microcontroller scans the outside keypad (connected by a thin ribbon cable), and when a correct access code is entered, engages a 12 volt DC motor to turn the handle. It’s a great little writeup that includes a parts list, source code, and explains the process of keypad scanning.

It’s similar to the RFID-based dorm hack we previously posted. By physically operating the handle, most any approach could be used: facial recognition, other biometrics, DDR pad, or whatever inspired lunacy you can dream up.

Robot Security Patrol Brings Skynet Closer

October 6, 2009 by 11 Comments

autonomous_atv

The students at the University of Oklahoma have put together a robot that will surely join the other drones in our future robot overlord regime. This autonomous vehicle was produced to replace human security patrols which can be both boring and dangerous. Intent on delivering surveillance to most locations, an all terrain vehicle was used as the base. It can navigate by itself through an obstacle avoidance system and communicate video and audio wirelessly. After the break we’ll take a look at the systems that make this work. Continue reading “Robot Security Patrol Brings Skynet Closer”