Careful! That Gas Pedal Is A Nexus One

Indeed, the gizmo above is meant to be used as a gas pedal. [Grant Skinner] came up with the idea to control slot cars using an Android phone as a gas pedal. He coded the software for the handset and a computer using Adobe AIR. Once connected, the computer is sent the accelerometer data from the phone, relaying the speed control to the slot car track with the aid of a Phidgets motor controller. See it ‘go’ after the break.

We’ve seen the Phidgets board used in several projects like the augmented vending machine and the plotter white board. What we haven’t seen is hacks that make use of AIR, a framework we looked at two years ago. If you’ve got hacks that make use of AIR we want to hear about them.

Continue reading “Careful! That Gas Pedal Is A Nexus One”

Lightning Rod: Keeps You Safe From Dirty Flashers

A new open source package called Lightning Rod will help to close security exploits in Adobe’s dirty Flash code. A presentation made at the 26th Chaos Communication Congress showed that the package does its job by reviewing incoming code before the browser executes it. Heise Online is reporting that this method can block over 20 different known attacks and can even be used to filter out malicious JPG attacks. As more vulnerabilities are discovered they can be added to Lightning Rod to close the breach. This amounts to a virus scanner for Flash code. It’s great to have this type of protection but why can’t Adobe handle its security problems?

[Photo Credit]

[Thanks das_coach]

PDF Redaction Still Not Working

facebook

Facebook’s internal valuation was revealed this week thanks to shoddy PDF redaction. Court documents from a settlement between Facebook and ConnectU showed that Facebook values itself at $3.7 billion, much less than the $15 billion that was speculated during the Microsoft investment. The AP uncovered this by cutting and pasting from the redacted court document. It’s the same thing we showed in our PDF redaction screencast last summer… and it will never cease to be funny.

[photo: Bryan Veloso]

Clickjacking Webcast Tomorrow

[Jeremiah Grossman] and [Eric Lawrence] will be presenting on clickjacking and browser security in an online seminar tomorrow. Clickjacking allows an attacker to transparently place links exactly where a user would be clicking, essentially forcing the user to perform actions without their knowledge. This method of attack has been known for a few years, but researchers have focused their attention on it lately because they feel the threat has been underestimated. Recently, Adobe patched a vulnerability specifically because of this issue. Tune in tomorrow for more info on the attack.