Security Hacks

1522 Articles

Laptop Containing 33,000 Clear Users Information Stolen

August 6, 2008 by 17 Comments

Security 101: Never put unencrypted sensitive information on a laptop and expect that it’s safe. Especially if you are the TSA. Recently, the TSA announced that a laptop was stolen from San Francisco International Airport containing “pre-enrollment records of approximately 33,000 customers” for the Clear Trusted Traveler Program. For $100 per year, the Clear Program enables travelers to get through airport security faster by showing TSA officers their Clear Registered Traveler Card and going through a special security line. While this program has no doubt saved many people valuable time getting through security, there are about 33,000 people who are now asking the question “Who has my personal information?”

[via schneier on security]

Edit: It looks like the laptop was found, however it is still unclear if the information on the laptop was compromised. In addition to basic personal information (Name, Address, Birthday, etc.), the laptop also contained drivers license, passport, green card information about clear users. You can check out the story here. Credits to [AudioCraz-Z] for the link.

Defcon 16: Badge Details Released

August 5, 2008 by 16 Comments


Defcon will once again be one-upping the sophistication of the conference attendee badges. Wired has just published a preview of this year’s badge. The core is a Freescale Flexis MC9S08JM60 processor. The badge has an IR transmitter and receiver on the front plus eight status LEDs. On the back (pictured below), there is a mode select button, CR123A battery, Data Matrix barcode, and an SD card slot. You can add a USB port to the badge and upload code to it using the built in USB bootloader. All the dev tools needed will be included on the conference CD or you can download the IDE in advance. The low barrier to entry should lead to some interesting hacks. In previous years, you needed a special dongle to program the hardware. There is no indication as to what the badge does out of the box. Releasing the badge early is a first for Defcon and the one pictured isn’t the attendee color, but we’re sure someone will still come up with a clone.

Now comes the fun part: What do you think the best use of this badge will be? Would Defcon be so cavalier as to equip everyone in the conference with a TV-B-Gone? I think our favorite possibility is if someone finds a security hole and manages to write an IR based worm to take over all the badges.

Defcon 14 introduced the first electronic badge which blinked in different patterns. Defcon 15 had a 95 LED scrolling marquee. [Joe Grand] will be posting more specific Defcon 16 badge details to his site after the opening ceremony. Check out more high resolution photos on Wired.

Continue reading “Defcon 16: Badge Details Released”

Magnetic Stripe Card Spoofer

August 4, 2008 by 25 Comments

After building a USB magnetic stripe reader, [David Cranor] has found a way to fool a magnetic stripe reader using a hand-wound electromagnet and an iPod. The data on a card is read and stored on a computer, then encoded as a WAV file using a C++ program. The iPod plays the WAV file with the data through a single-stage opamp amplifier connected to the headphone jack. The amplifier is used to drive the electromagnet. Video embedded after the jump.

By no means is this a new idea. There have been a lot of mangetic stripe projects and software. This project in particular references the 1992 Phrack article “A Day in the Life of a Flux reversal” by [Count Zero].

Don’t get your hopes up just yet on strolling through high security installations using this little device. It can only replay the data from a card that has been recorded. If you don’t have a known working card, it won’t get you very far.

Continue reading “Magnetic Stripe Card Spoofer”

The GIFAR Image Vulnerability

August 4, 2008 by 7 Comments


Researchers at NGS Software have come up with a method to embed malicious code into a picture. When viewed, the picture could send the attacker the credentials of the viewer. Social sites like Facebook and Myspace are particularly at risk, but the researchers say that any site which includes log ins and user uploaded pictures could be vulnerable. This even includes some bank sites.

The attack is simply a mashup of a GIF picture and a JAR (Java applet). The malicious JAR is compiled and then combined with information from a GIF. The GIF part fools the browser into opening it as a picture and trusting the content. The reality is, the Java VM recognizes the JAR part and automatically runs it.

The researchers claim that there are multiple ways to deal with this vulnerability. Sun could restrict their Virtual Machine or web applications could continually check and filter these hybrid files, but they say it really needs to be addressed as an issue of browser security. They think that it is not only pictures at risk, but nearly all browser content.
More details on how to create these GIFARs will be presented at this week’s Black Hat conference in Las Vegas.

Getting Around The Great Firewall Of China

August 3, 2008 by 15 Comments

[Zach Honig] is a photographer in Beijing covering the Olympics. In light of recent allegations of the Chinese government installing monitoring software and hardware in foreign-owned hotels, the necessity of protecting one’s information has become vital and urgent, especially for journalists and photographers. [Honig] provides some suggestions for circumventing the infamous Great Firewall of China; surfing the internet through a secure VPN connection and using a proxy such as PHProxy will allow users to visit websites that have been banned within China. Such simple tricks could mean the difference between not being able to find necessary information, and the ability to surf the internet freely and openly.

[via Digg]

Exposing Poorly Redacted PDFs

August 1, 2008 by 19 Comments


Privacy watchdog group, National Legal and Policy Center has released a PDF detailing Google founder Larry Page’s home (dowload PDF here). They used Google’s Maps and Street View to assemble all of the information. Google is currently involved in a lawsuit resulting from a Street View vehicle traveling and documenting a private road. This PDF was released in response to Google stating that “complete privacy does not exist”.

For some reason the PDF is redacted with black boxes. We threw together a simple screencast (click through for HiDef) to show how to easily bypass the boxes using free tools. You can simply cut and paste the hidden text and images can be copied as well-no need to break out Illustrator. This sort of redaction may seem trivial, but the US military has fallen victim to it in the past.

Essential Bluetooth Hacking Tools

August 1, 2008 by 9 Comments

Security-Hacks has a great roundup of essential Bluetooth hacking tools. As they point out, Bluetooth technology is very useful for communication with mobile devices. However, it is also vulnerable to privacy and security invasions. Learning the ins and outs of these tools will allow you to familiarize yourself with Bluetooth vulnerabilities and strengths, and enable you to protect yourself from attackers. The list is separated into two parts – tools to detect Bluetooth devices, and tools to hack into Bluetooth devices. Check out BlueScanner, which will detect Bluetooth-enabled devices, and will extract as much information as possible from those devices. Other great tools to explore include BTCrawler, which scans for Windows Mobile devices, or Bluediving, which is a Bluetooth penetration suite, and offers some unique features like the ability to spoof Bluetooth addresses, and an L2CAP packet generator. Most of the tools are available for use with Linux platforms, but there are a few you can also use with Windows.

[via Digg]