Team Hack-A-Day is now ranked #620 and climbing. Shouldn’t you be folding?

Music Thing has a couple cool videos featuring live looping. If you want a little history try Bassline Baseline, the story of the 303. It starts off slow, but is pretty interesting. [via Screenhead]

Screenhead also has the very humorous Massachusetts Turnpike hacking.

[John Tokash] has been poking around under the Micro’s faceplate. It has a 5V connection, but he hasn’t been able to get a reading. Nintendo is known for novel feedback systems so I’m guessing they’ll be releasing games that come with special faceplates that light up at appropriate times.

I wish I had seen OpenSourceCMS when set up my first website. It lets you test drive default installs of different CMS. [via Download Squad]

Treehugger needs you to vote on their DIY Eco-Tech Contest.

[Pat]’s fridge/freezer/speaker

Multiple weird projects (lacking details grr) [crowre]

[brainpilgrim]’s take on noise canceling headphones

Yet another laptop cooler [thanks Jeshii]

How-to reserve library books ASAP [Micah c.]

Continue reading “Hackaday Links” →

The Toorcon website now has all of the presentation materials posted. I’ve updated all of our Toorcon posts with the appropriate links (the WEP frag attack has code). They’ve added some more photo galleries, too.

Continue reading “Toorcon Slides Update” →

You may have heard that MasterCard is rolling out swipeless cards. I was alarmed by the quote: “point to the success of ExxonMobil’s SpeedPass system”. You mean the RFID system that was cracked and TI refused to acknowledge? There has been other RFID spoofing work that has proven that the action of reading the card makes it more insecure. What do you think of this new rollout and what percentage of your body will you be covering in tinfoil (freezer grade, shiny side out)?

Continue reading “Ask Hack-A-Day” →

It looks like the Folding@Home Team Hack-A-Day has broken into the top 800. EOC is now tracking the progress of team members. Great job team! If you want to join up, just follow [BillyTheImpaler]’s great how-to.

On that note: If you’ve got a topic you think other readers would be interested in, feel free to write it up and contribute.

[Ozmotear] has a photoset showing users cheating Digg. Hmm

Toorcon was a really a wonderful experience. I met lots of readers and other interesting people in a very social environment. It’s really cheap and I would encourage you too attend next year.

I’ve posted the few photos I have to Flickr. While you are over there you might as well join the Hack-A-Day photo pool. Quinn’s photos are much better than mine; I didn’t have to haul around a Canon EOS D30 though. Pictures of me: one, two. The guys from EVDO-Coverage also have a photostream. They provided EVDO to hackers in need at the conference and will probably be sending me some fun hardware to play with.

I’ll be updating the posts with slides as soon as they get posted.

Once again: I’d like to thank the organizers, speakers, and Hack-A-Day readers for making the conference such a fun time. I hope to see everyone again at REcon, Shmoocon, and Toorcon next year.

That’s it for Toorcon coverage. Back to business as usual tomorrow.

UPDATE: Slides

Dan Kaminsky was wondering most of the weekend what I would post about Toorcon. If there’s one thing I learned it is this: Dan Kaminsky is nuts. The future projects and other theory that comes out of his mouth is awesome. I had a great time hanging out with him. His talk was similar to the one from this year’s Blackhat (slides here).

Dan started by discussing the breaking of MD5. In ’96 MD5 was theoretically broken and in ’04 two example “vectors” were released with the same MD5. Many denied that this was a problem since it was just a “toy” case so Dan set out to implement it. Once there is a collision anything appended to the vectors will also collide. Browsers are really good about attempting to render anything they’re given no matter how full of crap it is, this is the Geocities feature. Dan’s demo takes two web pages, appends a bunch of crap to both and uses Javascript to maintain the look of the original. The end result is two webpages with the same MD5.

He also covered fragmentation attacks to bypass IDS, his massive scanning project and visualizing the resulting data.

Continue reading “TC7 Day 2 – Black Ops 2005” →

UPDATE: Slides

Major Malfunction’s infrared hacking is considered a “must-see” talk. His interest in IR was piqued when he bought a new car and could no longer replay the IR remote code with his Palm III to unlock the doors. So he started investigating rolling code remotes and other IR based devices. Modern hotels usually have the room services system built into the tv. Maintenance and house keeping can use specialized remotes to perform administrative functions. There is no security so you just need to find the specialized codes. He read one code and found out it was 14bits. It would take nine hours to check all possible codes by hand. Of course not all 16,384 possible codes do something. Major took the “ON” code, started flipping bits and testing to see if the code still worked. If it still works it means the bit is ignored. It turned out that only 10bits were actually being used. Testing that many codes only takes 35 minutes. Once completed you can do things like modifying your room bill or someone else’s even view all of the pay-per-view movies. The “read” link goes to a recent Wired interview.

Continue reading “TC7 Day 2 – Old Skewl Hacking – Infrared” →