We dropped in on [Charlie Miller]’s fuzzing seminar at the end of the day yesterday. Fuzzing become a fairly popular topic in the last year and essentially involves giving a program garbage input, hoping that it will break. If it can’t handle the fake data and fails in a non-graceful fashion, you could have found a potentially exploitable bug. Fuzzing is a fairly simple idea, but as Charlie points out, without some thinking while you’re doing it it’s unlikely to be very productive.
Uncategorized355 Articles
OpenBeacon: Active RFID Platform
The OpenBeacon project is an open source hardware and software active RFID device. OpenBeacon tags consist of 2.4GHz transceivers and a PIC16F684. One use of the project was to create CCC Sputnik to show the downsides to information culled using data mining from large tracking systems. People who chose to participate and wear the Sputnik tags did so voluntarily to create a database of material for further study. The hardware schematics (PDF) for the first version tags as well as the firmware for all versions has been released. Further creative uses of the OpenBeacon project are strongly encouraged.
As a reminder, the 24C3, the 24th Chaos Communication Congress, call for participation ends on October 12th. The theme this year encompasses all hardware projects and more specifically, steampunk themed submissions. Check out the CCC events blog for more information.
I’m Gonna Die From 1000lbs Of Tile Extra
I spent most of my day laying nearly an actual ton of tile in my house. Right now it hurts to just to type. (And thanks to Marsha for the helping hand.)
[ironjungle] sent in his $20 kite cam project. (Same camera as the cat cam)
[Dan] sent along some pics of his and his friends shoverboard builds (leaf blower hover boards)
[fucter] sent along his take on my simple audio mixer how-to.
[B-Rock] sent along a little iphone sim testing performed by our buds over at tuaw.
If you’re trying to develop web content for the latest in geek swag, you might dig firebug for the iphone.
AA Powered Microcontrollers
[sprite_tm] sent in this nice little single AA battery micro-controller power hack. He’s using the uc to generate a PWM signal for a simple voltage step up circuit – the catch is that the controller has to start working before it can generate the signal. He came up with a nice little solution to this caveat – a push button start that gets things rolling once the coil charges up.
Thanks for the tips guys, keep em comin.
Blame Bluetooth
Saturday, somewhere in west virginia, the bluetooth card in my laptop keeled over. The result? No internet access in my car, so there was no Hack-a-day yesterday. I’m back online now, and I’ll try to dig up some extra stuff this week to get things back on track.
ToorCon Seattle Beta
I’m attending ToorCon Seattle Beta this weekend. Today was a single track made up of 20 minute talks. ToorCon is really best in breed when it comes to hacker conferences. Highlights follow:
Beetle, from the Shmoo, opened the conference with WiFight Club. Of course, by me mentioning that, you’re officially in WiFight Club. This will eventually become a competition that is summarized best with the phrase: “Faraday Cage Match”. He mentioned interesting projects like GNU Radio and others. I really want to see where this goes. It looks like a lot of fun.
Rodney Thayer’s talk on credit cards boiled down to this: everyone worries about internet security when doing online transactions, but that doesn’t really matter since the credit card company security policies are garbage.
Ham Radio Modding
I was pondering our archive and noticed that we’ve never given attention to some of the more interesting amateur radio hacks. I’d say that most of the amateur radios on the market are susceptible to modding. The mods generally result in a wider band of transmission or reception. I used to own an Icom 706MKII – a serious mobile rig that, after removing a diode or two, gains an extremely wide transmission band. You can find a range of mods here – most are just a quick google away. (The FCC won’t be happy if they find you using an unlicensed device, but there’s an argument for having the capability in case of emergency.)
