Super Game Boy Boot ROM Dumped

gameboy_boot_rom_dump_hardware

[Costis] managed to dump a copy of the boot ROM for the Nintendo Super Game Boy. This small piece of code (256 bytes) writes a graphic to the display at boot time as it loads the ROM on the game cartridge. He was able to dump the code by finding the exact point at which the device locks down the boot ROM. Just as that point approached he overclocked the device causing it operate so fast it couldn’t write the lockout bits into the register. Once past that single point of security, he executes a code that writes the boot rom out to a different address that he is able to read from. He’s got a copy of the dump along with the explanation up for your enjoyment.

[Thanks Anthony]

SecurityTube – A YouTube For Hacks

securitytube

SecurityTube is a site which has recently caught our attention. The site has quite a variety of videos from various sources related to security and hacking. Videos range from DEFCON talks, to documentaries, step by step how tos, and even proof of concept vulnerability videos. It’s certainly a great resource for anyone looking for something a bit more involved then a plain text writeup, and offers a way for you to catch those hacker conference talks you missed. Many of the videos come with a bit of a background information as well, so it’s far more informative then your regular YouTube videos. This site is certainly going to become a very valuable resource for many people, and is certainly a great way to kill an afternoon while still learning something.

Android App “tests” Windows Vulnerability

android_windows_vulnerability_checker

An Android App for “testing” the Windows SMB2 vulnerability we covered last week has been released. For testing? Yeah right! The availability of this kind of software makes it ridiculously easy for anybody to go out and cause some havoc. Go right now and double check that your machines that run Windows Vista or Windows Server 2008 are protected (see the “workarounds” section.)

[Thanks Tom101]

Disabling Your Cell Phone’s Mic For Security

reedswitch

[Dan] set up this simple cell phone hack to disable his microphone when he’s not using his cell phone. He had read that the government can listen to you using your cell phone, even when it is off. This concerned him enough to hack into his phone. He removed the expansion port and wired the microphone to a magnetic reed switch. A strong magnet located in the screen side of his flip phone opens the circuit when he closes the phone. He notes that you could always just pop the battery out of your phone, but then you are left completely disconnected. This mod allows you to still receive phone calls.

Blue Light Special: Earn $10 By Installing Spyware

sears

Ars technica is reporting on the ruling from the FTC about the software shenanigans of Kmart and Sears. The marketing geniuses behind the parent company of Sears and Kmart decided they needed more information about the users of their website. Their solution? Offering $10 to users who install their custom software which phones home with data on just about everything they do on their computer. Not content with just browsing habits of webites, the software apparently recorded everything the user did online, including secure sessions. Under the settlement (PDF) with the FTC, Sears says they will stop collecting data and promises to destroy any and all information they’ve collected so far. Selling what websites you’ve been to, how much money you have, which prescriptions you take and what products you’re interested in for the low low price of $10 seems like a bargain.

Windows 7 And Vista Crash Via SMB Exploit

vista_dx10_bsod

[Laurent Gaffié] has discovered an exploit that affects Windows Vista, Windows 7, and possibly Windows Server 2008 (unconfirmed). This method attacks via the NEGOTIATE PROTOCOL REQUEST which is the first SMB query sent. The vulnerability is present only on Windows versions that include Server Message Block 2.0 and have the protocol enabled. A successful attack requires no local access to the machine and results in a Blue Screen of Death.

[Laurent] has a proof of concept available with his writeup in the form of a python script (please, white hat use only). There is no patch for this vulnerability but disabling the SMB protocol will protect your system until one is available.

Update: According to the Microsoft advisory this vulnerability could lead to code execution, making it a bit worse than we thought. On the bright side, they claim that the final version of Windows 7 is not open to this attack, only Windows Vista and Windows Server 2008.

[via Full Disclosure]

[picture: Inquirer]

Firefox Master Password Recovery Tool

firemaster

It’s great in this day and age that browsers can remember our passwords for us, allowing us cross-site security without the hassle of memorizing a million different random passwords. It’s great, that is, until we forget our master password. Fret not, though; there is a solution. The folks over at Lifehacker show us how to use FireMaster to recover forgotten or misplaced Firefox master passwords. Perhaps a better solution is to just store those tricky passwords where nobody will find them.