Category Archives: security hacks

Foreshadow: The Sky Is Falling Again for Intel Chips

It’s been at least a month or two since the last vulnerability in Intel CPUs was released, but this time it’s serious. Foreshadow is the latest speculative execution attack that allows balaclava-wearing hackers to steal your sensitive information. You know it’s a real 0-day because it already has a domain, a logo, and this time, there’s a video explaining in simple terms anyone can understand why the sky is falling. The video uses ukuleles in the sound track, meaning it’s very well produced.

The Foreshadow attack relies on Intel’s Software Guard Extension (SGX) instructions that allow user code to allocate …read more

Continue reading

Posted in cpu, foreshadow, intel, intel CPU, Meltdown, news, security, security hacks, Spectre | Leave a comment

Screaming Channels Attack RF Security

As long as there has been radio, people have wanted to eavesdrop on radio transmissions. In many cases, it is just a hobby activity like listening to a scanner or monitoring a local repeater. But in some cases, it is spy agencies or cyberhackers. [Giovanni Camurati] and his colleagues have been working on a slightly different way to attack Bluetooth radio communications using a technique that could apply to other radio types, too. The attack relies on the ubiquitous use of mixed-signal ICs to make cheap radios like Bluetooth dongles. They call it “Screaming Channels” and — in a nutshell …read more

Continue reading

Posted in bluetooth, cybersecurity, security hacks, tempest, wireless hacks, wireless security | Leave a comment

Ask Hackaday: What Is The Future Of Implanted Electronics?

Biohacking is the new frontier. In just a few years, millions of people will have implanted RFID chips under the skin between their thumb and index finger. Already, thousands of people in Sweden have chipped themselves to make their daily lives easier. With a tiny electronic implant, Swedish rail passengers can pay their train ticket, and it goes without saying how convenient opening an RFID lock is without having to pull out your wallet.

That said, embedding RFID chips under the skin has been around for decades; my thirteen-year-old cat has had a chip since he was a kitten. Despite …read more

Continue reading

Posted in Interest, Medical hacks, Original Art, rfid, security hacks, Wearables | Leave a comment

“Watch Dogs” Inspired Hacking Drone Takes Flight

They say that life imitates art, which in modern parlance basically means if you see something cool in a video game, movie or TV show, you might be inclined to try and build your own version. Naturally, such things generally come in the form of simple props, perhaps with the occasional embedded LED or noise making circuit. It’s not as if you can really build a phaser from Star Trek or a phone booth that’s bigger on the inside.

But after seeing the hacking quadcopter featured in the video game Watch Dogs 2, [Glytch] was inspired to start work …read more

Continue reading

Posted in penetration testing, pineapple, quadcopter, security hacks | Leave a comment

Explaining Efail and Why It Isn’t the End of Email Privacy

Last week the PGPocalipse was all over the news… Except that, well, it wasn’t an apocalypse.

A team of researchers published a paper(PDF) where they describe how to decrypt a PGP encrypted email via a targeted attack. The research itself is pretty well documented and, from a security researcher perspective, it’s a good paper to read, especially the cryptography parts.

But we here at Hackaday were skeptical about media claims that Efail had broken PGP. Some media reports went as far as recommending everyone turn off PGP encryption on all email clients., but they weren’t able to back this recommendation …read more

Continue reading

Posted in html, news, Original Art, PGP, security hacks, vulnerabilities, vulnerability | Leave a comment

DIY Pi Zero Pentesting Tool Keeps it Cheap

It’s a story as old as time: hacker sees cool tool, hacker recoils in horror at the price of said tool, hacker builds their own version for a fraction of the price. It’s the kind of story that we love here at Hackaday, and has been the impetus for countless projects we’ve covered. One could probably argue that, if hackers had more disposable income, we’d have a much harder time finding content to deliver to our beloved readers.

[ Alex Jensen] writes in to tell us of his own tale of sticker shock induced hacking, where he builds his own …read more

Continue reading

Posted in key injection, pentesting, PiBunny, Raspberry Pi, rspiducky, security hacks, tool hacks | Leave a comment

A Home Network, Security System, And A Hidden Room Behind A Bookcase

Ok, now this is something special. This is a home network and security system that would make just about anyone stop, and with jaw hanging agape, stare, impressed at the “several months of effort” it took [timekillerjay] to install their dream setup. Just. Wow.

Want a brief rundown of the diverse skill set needed to pull this off? Networking, home security, home automation, woodworking, running two thousand feet(!) of cat 6a cable, a fair hand at drywall work for the dozens upon dozens of patches, painting, staining, and — while not a skill, but is definitely necessary — an amazingly …read more

Continue reading

Posted in home, home hacks, magnetic lock, Network Hacks, Raspberry Pi, security, security hacks, ups, woodworking | Leave a comment

Battery Backup Conceals a Pentesting Pi

Over the last few years one thing has become abundantly clear: hackers love cramming the Raspberry Pi into stuff. From classic game systems to mirrors, there’s few places that haven’t been invaded by everyone’s favorite Linux SBC. From the inspired to the bizarre, we’ve brought such projects to your attention with minimal editorialization. As we’ve said before: it’s not the job of Hackaday to ask why, we’re here to examine how.

That said, some builds do stand out from the crowd. One such project is the “Pentesting BBU Dropbox” which [b1tbang3r] has recently posted to Hackaday.io. Noticing the battery …read more

Continue reading

Posted in pentesting, Raspberry Pi, security hacks, TRENDnet, ups | Leave a comment

Fix Your Insecure Amazon Fire TV Stick

I recently spent a largely sleepless night at a hotel, and out of equal parts curiosity and boredom, decided to kill some time scanning the guest network to see what my fellow travelers might be up to. As you’d probably expect, I saw a veritable sea of Samsung and Apple devices. But buried among the seemingly endless number of smartphones charging next to their sleeping owners, I found something rather interesting. I was as picking up a number of Amazon-made devices, all of which had port 5555 open.

As a habitual Android tinkerer, this struck me as very odd. Port …read more

Continue reading

Posted in home entertainment hacks, security hacks, streaming | Leave a comment

Hide Secret Messages In Plain Sight With Zero-Width Characters

Fingerprinting text is really very nifty; the ability to encode hidden data within a string of characters opens up a large number of opportunities. For example, someone within your team is leaking confidential information but you don’t know who. Simply send each team member some classified text with their name encoded in it. Wait for it to be leaked, then extract the name from the text — the classic canary trap.

Here’s a method that hides data in text using zero-width characters. Unlike various other ways of text fingerprinting, zero width characters are not removed if the formatting is stripped, …read more

Continue reading

Posted in security hacks, software hacks, text, zero width, zwfp | Leave a comment