Category Archives: security hacks

John McMaster Explains Crypto Ignition Phone Keys and How to Reproduce Them

When you’re a nation state, secure communications are key to protecting your sovereignty and keeping your best laid plans under wraps. For the USA, this requirement led to the development of a series of secure telephony networks over the years. John McMaster found himself interested in investigating the workings of …read more

Continue reading

Posted in 2019 Hackaday Superconference, CIK, cons, crypto, cryptography, security hacks, stu-iii, Supercon | Leave a comment

The ESP32, Laid Bare

Most readers will be familiar with the ESP32, Espressif’s dual-core processor with integrated WiFi and Bluetooth. Few of us though will have explored all of its features, including its built-in encryption facilities and secure booting capability. With these, a developer can protect and secure their code, and keep their devices …read more

Continue reading

Posted in ESP32, glitching, Microcontrollers, news, security, security hacks | Leave a comment

This Week in Security: Fuzzing Fixes, Foul Fonts, TPM Timing Attacks, and More!

An issue was discovered in libarchive through Google’s ClusterFuzz project. Libarchive is a compression and decompression library, widely used in utilities. The issue here is how the library recovers from a malformed archive. Hitting an invalid header causes the memory in use to be freed. The problem is that it’s …read more

Continue reading

Posted in bitlocker, fuzzing, Hackaday Columns, news, security hacks, This Week in Security, Zombieload | Leave a comment

File Compression By Steganography

In a world with finite storage and an infinite need for more storage space, data compression becomes a very necessary problem. Several algorithms for data compression may be more familiar – Huffman coding, LZW compression – and some a bit more arcane.

[Labunsky] decided to put to use his knowledge …read more

Continue reading

Posted in file compression, JPEG, security hacks, Software Development, software hacks, steganography | Leave a comment

᠎This sentence ​‌‌‍​​᠎​​​isn’t just a sentence

Some sentences have more than meets the eye, and we’re not talking about interpretive nonsense. Rather, some sentences may contain up to four paragraphs’ worth of hidden text, invisible to readers.

Thanks to Zero Width Obfuscation, it is possible to use Zero Width Characters – Unicode characters that are invisible …read more

Continue reading

Posted in browser extension, obfuscation, security hacks, software hacks, steganography | Leave a comment

This Week in Security: Is RSA Finally Broken? The Push for Cloud Accounts, Encrypted DNS, and More Mobile Mayhem

Ever wondered what “cyberwar” looks like? Apparently it’s a lot of guessing security questions and changing passwords. It’s an interesting read on its own, but there are some interesting clues if you read between the lines. A General in the know mentioned that Isis:

clicked on something or they did

…read more

Continue reading

Posted in dns, Hackaday Columns, microsoft, quantum computing, quantum supremacy, security hacks | Leave a comment

Keeping Kids in School the Smart Way

For institutions with high traffic, such as schools and movie theaters, it can be difficult to keep track of individuals moving in and out, especially without a critical mass of security. For schools especially, keeping track of student attendance and preventing kids from leaving campus in the middle of the …read more

Continue reading

Posted in 2019 Hackaday Prize, africa, fingerprint reader, Raspberry Pi, RFID card, schools, security hacks, The Hackaday Prize, Tunisia | Leave a comment

This Week in Security: Patch Monday Mysteries, CentOS 8 and CentOS Stream, Russian Surveillance, and CSRF

So first off this week is something of a mystery. Microsoft released an out-of-cycle patch for Internet Explorer. The exploitability assessment from Microsoft indicates that this bug is under active exploitation, but not many details are available. Let’s take a look at what information has been released, and see what …read more

Continue reading

Posted in CentOS, csrf, Hackaday Columns, security hacks, This Week in Security | Leave a comment

FIDO2: The Dream Of Password-Free Authentication On The WWW

Of all the things which are annoying about the modern World Wide Web, the need to create and remember countless passwords is on the top of most people’s lists. From dozens of passwords for everything from social media sites to shopping, company, and productivity-related platforms like Github, a large part …read more

Continue reading

Posted in authentication, biometrics, ctap, Featured, fido2, Interest, news, online security, Original Art, password-free, passwords, security hacks, two-factor authentication, U2F | Leave a comment

This Week in Security: Zeroconf Strikes Again, Lastpass Leaks your Last Password, And All Your Data is Belong to Us

VoIP cameras, DVRs, and other devices running the Web Services Dynamic Discovery (WSDD) protocol are being used in a new type of DDoS attack. This isn’t the first time a zeroconf service has been hijacked as part of a DDoS, as UPnP has also been abused in similar ways.

Feel …read more

Continue reading

Posted in ddos, elasticsearch, Hackaday Columns, lastpass, security hacks, This Week in Security | Leave a comment