PSP 3000 Hacked

November 19, 2008 by Eliot 63 Comments

Peripheral manufacturer Datel has been hard at work attempting to crack the PSP 3000 since its release. They’ve developed the Lite Blue Tool battery to force the PSP into service mode so hackers can run any arbitrary code they want. According to MaxConsole, Datel performed a silicon level investigation of the PSP’s chips to determine how to break into service mode. This means they decapsulated the the chips and reverse engineered any cryptographic protections. We’d love to hear exactly what chips were being used since some are fundamentally flawed.

Silicon hacking has always been a favorite topic of ours and we suggest you check out [Chris Tarnovsky]’s decapsulation technique to learn more about it.

Iphone-dev Team 3G Soft Unlock Coming Soon

November 19, 2008 by Eliot 11 Comments

[vimeo 2291914]

The iphone-dev team has officially stated “all that remains is implementation“. They’ve developed all the pieces they need to perform a software unlock for the iPhone 3G, now it’s just a matter of putting them together in user friendly fashion. They’ve managed to run unsigned code on the baseband, developed custom AT tools, and are now showing injection of a background task. They will combine all of these techniques to override the carrier lock baseband code. As usual, they warn against performing any official firmware updates to the phone.

Clickjacking Webcast Tomorrow

November 19, 2008 by Eliot 2 Comments

[Jeremiah Grossman] and [Eric Lawrence] will be presenting on clickjacking and browser security in an online seminar tomorrow. Clickjacking allows an attacker to transparently place links exactly where a user would be clicking, essentially forcing the user to perform actions without their knowledge. This method of attack has been known for a few years, but researchers have focused their attention on it lately because they feel the threat has been underestimated. Recently, Adobe patched a vulnerability specifically because of this issue. Tune in tomorrow for more info on the attack.

Hacking At Random 2009 Dates Announced

November 18, 2008 by Eliot 3 Comments

Hacking at Random, an international technology and security conference, has just announced the dates for their 2009 event. The four day outdoor technology camp will be held August 13-16 near Vierhouten, Netherlands. HAR2009 is brought to you by the same people who held What the Hack, which we covered in 2005. They’ve done this every four years for the last 20. We’ll be sure to attend. We loved CCCamp in Germany last year and plan on attending ToorCamp in Seattle this year too.

[photo: mark]

Google Explains Android Patches

November 13, 2008 by Eliot 6 Comments

g11

Google has been trickling out info about what they’re actually fixing in the G1 firmware updates. Before RC29, users were able to bypass the phone lock using safe mode. RC29 also brought WebKit up to date, presumably patching the bug [Charlie Miller] found. RC30 takes care of root console problem. Unfortunately there are very few details as to what or how particular items were broken. This release method leaves much to be desired; having the official Android Security Announcements group be the absolute last place to get security news is asinine.

[photo: tnkgrl]

Recovering Photos With PhotoRec

November 12, 2008 by Eliot 17 Comments

photorec

A coworker approached us today with a corrupted SD card. It was out of her digital camera, and when plugged in, it wasn’t recognized. This looked like the perfect opportunity to try out [Christophe Grenier]’s PhotoRec. PhotoRec is designed to recover lost files from many different types of storage media. We used it from the command line on OSX, but it works on many different platforms.

It’s a fairly simple program to use. We plugged in the card and launched PhotoRec. We were prompted to select which volume we wanted to recover. We selected “Intel” as the partition table. PhotoRec didn’t find any partitions, so we opted to search the “Whole disk”. We kept the default filetypes. It then asked for filesystem type where we chose “Other” because flash is formatted FAT by default. We then chose a directory for the recovered files and started the process. PhotoRec scans the entire disk looking for known file headers. It uses these to find the lost image data. The 1GB card took approximately 15 minutes to scan and recovered all photos. This is really a great piece of free software, but hopefully you’ll never have to use it.

Company Shutdown Causes 2/3rds Drop In All Spam

November 12, 2008 by Eliot 26 Comments

The Washington Post is reporting that the shutdown of one hosting company has caused the total volume of spam to drop by 2/3rds. The company in question is McColo Corp. Both Hurricane Electric and Global Crossing pulled the plug today after a damning report revealed a number of illegal activities happening on McColo’s servers. McColo already had a reputation with the security community. When contacted about abuse, the company would often shift servers to new IP ranges instead of shutting them down. Although not the main source of spam, the company was host to many botnet control servers and phishing sites.

[photo: mattdork]

[via Waxy]