Photographic Key Duplication

September 22, 2009 by Mike Szczys 49 Comments

[Ben] and his associates over at the University of California at San Diego came up with a way to duplicate keys using a picture of them. They developed an algorithm that uses measurements from known key blanks to extrapolate the bitting code. Because the software is measuring multiple points it can correct the perspective of the photo when the key is not photographed on a flat surface, but from an angle.

They went so far as to test with cell phone cameras and using a telephoto lens from 195 feet away. In most cases, correct keys were produced within four guesses. Don’t miss their wonderful writeup (PDF) detailing how key bitting works, traditional covert duplication methods, and all the details of their process. The lack of available code prevents us all from playing secret agent (or felon) with this idea but [Ben] did mention that if there is sufficient interest he might release it.

Lock bumping showed us how weak our security is, but this is a bit scary.

[Thanks Mike]

TI Lashes Out At Their Biggest Fans

September 22, 2009 by Caleb Kraft 44 Comments

Texas Instruments has issued a DMCA notice to United TI, a group of enthusiasts. They had been cracking the keys that sign the operating system binaries in an attempt to gain access and possibly expand on the features. This seems, at least a little counter productive to us. Texas Instruments doesn’t sell the operating system separately do they? These people were buying their product and expanding on it. There is no difference in their income, except possibly a gain as people flock to the one they can modify. Maybe they are charging more for an expanded feature set that is crippled in the OS.

[via slashdot]

Super Game Boy Boot ROM Dumped

September 18, 2009 by Mike Szczys 31 Comments

gameboy_boot_rom_dump_hardware

[Costis] managed to dump a copy of the boot ROM for the Nintendo Super Game Boy. This small piece of code (256 bytes) writes a graphic to the display at boot time as it loads the ROM on the game cartridge. He was able to dump the code by finding the exact point at which the device locks down the boot ROM. Just as that point approached he overclocked the device causing it operate so fast it couldn’t write the lockout bits into the register. Once past that single point of security, he executes a code that writes the boot rom out to a different address that he is able to read from. He’s got a copy of the dump along with the explanation up for your enjoyment.

[Thanks Anthony]

SecurityTube – A YouTube For Hacks

September 15, 2009 by Brett Haddock 19 Comments

securitytube

SecurityTube is a site which has recently caught our attention. The site has quite a variety of videos from various sources related to security and hacking. Videos range from DEFCON talks, to documentaries, step by step how tos, and even proof of concept vulnerability videos. It’s certainly a great resource for anyone looking for something a bit more involved then a plain text writeup, and offers a way for you to catch those hacker conference talks you missed. Many of the videos come with a bit of a background information as well, so it’s far more informative then your regular YouTube videos. This site is certainly going to become a very valuable resource for many people, and is certainly a great way to kill an afternoon while still learning something.

Android App “tests” Windows Vulnerability

September 14, 2009 by Mike Szczys 48 Comments

android_windows_vulnerability_checker

An Android App for “testing” the Windows SMB2 vulnerability we covered last week has been released. For testing? Yeah right! The availability of this kind of software makes it ridiculously easy for anybody to go out and cause some havoc. Go right now and double check that your machines that run Windows Vista or Windows Server 2008 are protected (see the “workarounds” section.)

[Thanks Tom101]

Disabling Your Cell Phone’s Mic For Security

September 14, 2009 by Caleb Kraft 115 Comments

reedswitch

[Dan] set up this simple cell phone hack to disable his microphone when he’s not using his cell phone. He had read that the government can listen to you using your cell phone, even when it is off. This concerned him enough to hack into his phone. He removed the expansion port and wired the microphone to a magnetic reed switch. A strong magnet located in the screen side of his flip phone opens the circuit when he closes the phone. He notes that you could always just pop the battery out of your phone, but then you are left completely disconnected. This mod allows you to still receive phone calls.

Blue Light Special: Earn $10 By Installing Spyware

September 13, 2009 by Brett Haddock 28 Comments

sears

Ars technica is reporting on the ruling from the FTC about the software shenanigans of Kmart and Sears. The marketing geniuses behind the parent company of Sears and Kmart decided they needed more information about the users of their website. Their solution? Offering $10 to users who install their custom software which phones home with data on just about everything they do on their computer. Not content with just browsing habits of webites, the software apparently recorded everything the user did online, including secure sessions. Under the settlement (PDF) with the FTC, Sears says they will stop collecting data and promises to destroy any and all information they’ve collected so far. Selling what websites you’ve been to, how much money you have, which prescriptions you take and what products you’re interested in for the low low price of $10 seems like a bargain.