In the course of a career, you may run up against projects that get cancelled, especially those that are interesting, but deemed unprofitable in the eyes of the corporate overlords. Most people would move, but [Ron Avitzur] just couldn’t let it go.
In 1993, in the midst of the transition to PowerPC, [Avitzur]’s employer let him go as the project they were contracted to perform for Apple was canceled. He had been working on a graphing calculator to show off the capabilities of the new system. Finding his badge still allowed him access to the building, he “just kept showing up.”
[Avitzur] continued working until Apple Facilities caught onto his use of an abandoned office with another former contractor, [Greg Robbins], and their badges were removed from the system. Not the type to give up, they tailgated other engineers into the building to a different empty office to continue their work. (If you’ve read Kevin Mitnick‘s Ghost in the Wires, you’ll remember this is one of the most effective ways to gain unauthorized access to a building.)
We’ll let [Avitzur] tell you the rest, but suffice it to say, this story has a number of twists and turns to it. We suspect it certainly isn’t the typical way a piece of software gets included on the device from the factory.
If there was one question we heard most often this week, it was “Did you see it?” With “it” referring to the stunning display of aurora borealis — and australis, we assume — on and off for several days. The major outburst here in North America was actually late last week, with aurora extending as far south as Puerto Rico on the night of the tenth. We here in North Idaho were well-situated for prime viewing, but alas, light pollution made things a bit tame without a short drive from the city lights. Totally worth it:
Hat tip to Tom Maloney for the pics. That last one is very reminiscent of what we saw back in 1989 with the geomagnetic storm that knocked Québec’s grid offline, except then the colors were shifted much more toward the red end of the spectrum back then.
We all know the Hollywood trope of picking a lock with a paperclip, and while it certainly is doable, most reputable locks require slightly more sophisticated tools to pick effectively. That’s not to say that wire is off the table for locksports, though, as this cool lock-picking robot demonstrates.
The basics behind [Sparks and Code]’s design are pretty simple. Locks are picked by pushing pins up inside the cylinder until they line up with the shear plane, allowing the cylinder to turn. Normally this is done a pin at a time with a specialized tool and with a slight bit of torque on the cylinder. Here, tough, thin, stiff wires passing through tiny holes in a blade shaped to fit the keyway are used to push all the pins up at once, eliminating the need to keep tension on the cylinder to hold pins in place.
Sounds simple, but in practice, this looks like it was a nightmare. Getting five wires to fit into the keyway and guiding them to each pin wasn’t easy, nor was powering the linear actuators that slide the wires in and out. Applying torque to the lock was a chore too; even though tension isn’t needed to retain picked pins, the cylinder still needs to rotate, which means moving the whole picking assembly. But the biggest problem by far seems to be the fragility of the blade that goes into the keyway. SLA might not be the best choice here; perhaps the blade could be made from two thin pieces of aluminum with channels milled on their faces and then assembled face-to-face.
The robot works, albeit very slowly. This isn’t [Sparks and Code]’s first foray into robot lock picking. His previous version attempted to mimic how a human would pick a lock, so this is really thinking outside the box.
Who’d have thought that $30 doorbell cameras would end up being security liabilities? That’s the somewhat obvious conclusion reached by Consumer Reports after looking at some entry-level doorbell cameras available through the usual outfits and finding glaring security gaps which are totally not intentional in any way.
All these cameras appear to be the same basic hardware inside different enclosures, most supporting the same mobile app. Our favorite “exploit” for these cameras is the ability to put them into a pairing mode with the app, sometimes by pressing a public-facing button. Slightly more technically challenging would be accessing images from the app using the camera’s serial number, or finding file names being passed in plain text while sniffing network traffic. And that’s just the problems CR identified; who knows what else lurks under the covers? Some retailers have stopped offering these things, others have yet to, so buyer beware.
Speaking of our techno-dystopian surveillance state, if you’ve had it with the frustrations and expense of printers, has Hewlett-Packard got a deal for you. They want you to never own a printer again, preferring that you rent it from them instead. Their “All-In Plan” launched this week, which for $6.99 a month will set up up with an HP Envy inkjet printer, ink deliveries, and 24/7 tech support. It doesn’t appear that paper is included in the deal, so you’re on your own for that, but fear not — you won’t go through much since the entry-level plan only allows 20 prints per month. Plans scale up to 700 prints per month from an OfficeJet Pro for the low, low price of $36. The kicker, of course, is that your their printer has to be connected to the Internet, and HP can pretty much brick the thing anytime they want to. The terms of service also explicitly state that they’ll be sending your information to advertising partners, so that’ll be fun. This scheme hearkens back to the old pre-breakup days of AT&T, where you rented your phone from the phone company. That model made a lot more sense when the phone (probably) wasn’t listening in on everything you do. This just seems like asking for trouble.
It’s been a while since Ingenuity‘s final rough landing on Mars permanently grounded the overachieving helicopter, long enough that it’s time for the post-mortem analyses to begin. The first photographic evidence we had was a shadowgram from one of the helicopter’s navigational cameras, showing damage to at least one of the rotor tips, presumably from contact with the ground. Then we were treated to a long-distance shot from Ingenuity‘s rover buddy Perseverance, which trained its MASTCAM instruments on the crash zone and gave us a wide view of its lonely resting place.
Now, geovisual design student [Simeon Schmauβ] has taken long shots made with the rover’s SuperCam instrument and processed them into amazingly detailed closeups, which show just how extensive the damage really is. One rotor blade sheared clean off on contact, flying 15 meters before gouging a hole in the regolith. Another blade looks to be about half gone, while the remaining two blades show the damaged tips we’ve already seen. That the helicopter is still on its feet given the obvious violence of the crash is amazing, as well as an incredible piece of luck, since it means the craft’s solar panel is pointing in roughly the right direction to keep it powered up.
A growing number of manufacturers are locking perfectly good hardware behind arbitrary software restrictions. While this ought to be a bigger controversy, people seem to keep paying for things like printers with ink subscriptions, cameras with features disabled in firmware, or routers with speed restrictions, ensuring that this practice continues. Perhaps the most blatant is car manufacturers that lock features such as heated seats or even performance upgrades in the hopes of securing a higher price for their vehicles. This might be a thing of the past for Teslas, whose software has been recently unlocked by Berlin IT researchers.
Researchers from Technische Universität Berlin were able to unlock Tesla’s driving assistant by inducing a two-microsecond voltage drop on the processor which allowed root access to the Autopilot software. Referring to this as “Elon mode” since it drops the requirement for the driver to keep their hands on the steering wheel, they were able to access the full self-driving mode allowing autonomous driving without driver input. Although this might be a bad idea based on the performance of “full self-driving” in the real world, the hack at least demonstrates a functional attack point and similar methods could provide free access to other premium features.
While the attack requires physical access to the vehicle’s computer and a well-equipped workbench, in the short term this method might allow for owners of vehicles to use hardware they own however they would like, and in the long term perhaps may make strides towards convincing manufacturers that “features as a service” isn’t a profitable strategy. Perhaps that’s optimistic, but at least for Teslas it’s been shown that they’re not exactly the most secured system on four wheels.
By this point, we probably all know that most AI chatbots will decline a request to do something even marginally nefarious. But it turns out that you just might be able to get a chatbot to solve a CAPTCHA puzzle (Nitter), if you make up a good enough “dead grandma” story.
Right up front, we’re going to warn that fabricating a story about a dead or dying relative is a really bad idea; call us superstitious, but karma has a way of balancing things out in ways you might not like. But that didn’t stop X user [Denis Shiryaev] from trying to trick Microsoft’s Bing Chat. As a control, [Denis] first uploaded the image of a CAPTCHA to the chatbot with a simple prompt: “What is the text in this image?” In most cases, a chatbot will gladly pull text from an image, or at least attempt to do so, but Bing Chat has a filter that recognizes obfuscating lines and squiggles of a CAPTCHA, and wisely refuses to comply with the prompt.
On the second try, [Denis] did a quick-and-dirty Photoshop of the CAPTCHA image onto a stock photo of a locket, and changed the prompt to a cock-and-bull story about how his recently deceased grandmother left behind this locket with a bit of their “special love code” inside, and would you be so kind as to translate it, pretty please? Surprisingly, the story worked; Bing Chat not only solved the puzzle, but also gave [Denis] some kind words and a virtual hug.
Now, a couple of things stand out about this. First, we’d like to see this replicated — maybe other chatbots won’t fall for something like this, and it may be the case that Bing Chat has since been patched against this exploit. If [Denis]’ experience stands up, we’d like to see how far this goes; perhaps this is even a new, more practical definition of the Turing Test — a machine whose gullibility is indistinguishable from a human’s.
This talk at Chaos Communications Camp 2023 is probably everything you want to know about eSIM technology, in just under an hour. And it’s surprisingly complicated. If you’ve never dug into SIMs before, you should check out our intro to eSIMs first to get your feet wet, but once you’re done, come back and watch [LaForge]’s talk.
In short, the “e” stands for “embedded”, and the eSIM is a self-contained computer that virtualises everything that goes on inside your plain-old SIM card and more. All of the secrets that used to be in a SIM card are stored as data on an eSIM. This flexibility means that there are three different types of eSIM, for machine-to-machine, consumer, and IoT purposes. Because the secret data inside the eSIM is in the end just data, it needs to be cryptographically signed, and the relevant difference between the three flavors boils down to three different chains of trust.
Whichever eSIM you use, it has to be signed by the GSM Alliance at the end of the day, and that takes up the bulk of the talk time in the end, and in the excellent Q&A period at the end where the hackers who’ve obviously been listening hard start trying to poke holes in the authentication chain. If you’re into device security, or telephony, or both, this talk will open your eyes to a whole new, tremendously complex, playground.
