235 posts tagged with hacking.
Displaying 1 through 50 of 235. Subscribe:

"I felt a little bit f'ed over after the last conference call with them"

In 2013 computer researcher David Kriesel discovered that certain Xerox scanners were altering numbers in the documents they scanned (MeFi post) At the recent FrOSCon, Kriesel gave an hour-long talk recounting his experiences discovering and reporting the problem, with lots of details on what it was like dealing with a large multi-national corporation like Xerox, and what the impacts and fall-out of his discovery have been. (SPOILER: Germany has eliminated JBIG2 as a legally admissible scan format.)
posted by benito.strauss on Aug 26, 2015 - 20 comments

Shhh

Following up on their promise last month to release the data they hacked from Ashley Madison (the online infidelity-enablement site) hackers have released a ship-load personal information on ASM users. The hackers claim it is more of an attack on the shady business practices of the corporation than the users. (Though in contrast to other hacks, it looks like ASM managed to do a better job of storing passwords semi-securely). But certainly a lot of people's private issues are now public, including 10,000 folks with government emails, and many writers are warning: "Don't be smug, this is only the beginning. And Wired has some useful advice on checking out if you or a loved one is among the hacked data: Don't.
posted by Potomac Avenue on Aug 19, 2015 - 389 comments

Blackhat 2015 Keynote

End of the Internet Dream? - by Jennifer Granick This field should be in the lead in evolving a race, class, age, and religiously open society, but it hasn’t been. We could conscientiously try to do this better. We could, and in my opinion should, commit to cultivating talent in unconventional places.

Today, the physical design and the business models that fund the communications networks we use have changed in ways that facilitate rather than defeat censorship and control.
posted by CrystalDave on Aug 18, 2015 - 49 comments

Notoriety and Wassenaar

Hacking Team: A Zero-Day Market Case Study
posted by alby on Jul 25, 2015 - 13 comments

Hackers Remotely Control Jeep Cherokee

Security researchers Charlie Miller (@0xcharlie) and Christopher Valasek (@nudehaberdasher) have found an exploit for Chrysler's Uconnect infotainment system allowing for remote control of many vehicle functions including climate control, audio, braking, and under certain conditions, steering. They plan to release details during a talk at next month's DEFCON 23 hacking conference. Chrysler has already issued a patch for the vulnerability, but it requires a manual update.
posted by Small Dollar on Jul 21, 2015 - 133 comments

Ashley Madison has been hacked.

Cheating website AshleyMadison has reportedly been hacked. Besides snippets of account data apparently sampled at random from among some 40 million users across ALM’s trio of properties, the hackers leaked maps of internal company servers, employee network account information, company bank account data and salary information. They want the site taken down, not because of the cheating, but because the company offers a "total delete" function and charges for it, but doesn't actually do it.
posted by nevercalm on Jul 20, 2015 - 98 comments

"Mr. The Plague, he's around, and one of my friends hollers at him"

Hackers was a financial flop, but its hilariously over-the-top early CGI visuals, oddly prescient view on technology, and glam-cyberpunk aesthetic rendered it a cult classic. To honor its 20th anniversary—at a time dogged by newfound fears about what the future of technology holds—we thought it would be fitting to bring together a group of actual hackers to screen and discuss the film. - Hackers watch "Hackers"
posted by Artw on Jun 26, 2015 - 89 comments

Cardinals vs. Astros: Information Security Edition

Last summer, ten months worth of the Houston Astros' confidential notes on trades and acquisitions leaked onto the web. The FBI now thinks the St. Louis Cardinals were behind the breach. [more inside]
posted by DirtyOldTown on Jun 16, 2015 - 64 comments

Have you turned it off and on again?

FAA (pdf link): A Boeing Model 787 airplane that has been powered continuously for 248 days can lose all AC electrical power due to the generator control units (GCUs) simultaneously going into failsafe mode. This condition is caused by a software counter internal to the GCUs that will overflow after 248 days of continuous power. We are issuing this airworthiness directive to prevent loss of all AC electrical power, which could result in loss of control of the airplane. Guardian article: "In the latest of a long line of problems plaguing Boeing’s 787 Dreamliner, which saw the company’s fleet grounded over battery issues and concerns raised over possible hacking vulnerabilities, the new software bug was found in plane’s generator-control units." [more inside]
posted by RedOrGreen on May 1, 2015 - 77 comments

People Who Could Really Break the Internet

People Who Could Really Break the Internet
posted by MattMangels on Mar 6, 2015 - 31 comments

I prefer to be called a hacker.

I Know This! is a game about movie-hacking. (via) [more inside]
posted by curious nu on Feb 20, 2015 - 8 comments

Chilling Effects

We Should All Step Back from Security Journalism. I’ll Go First. Quinn Norton (previously) responds to the sentencing of Barrett Brown (previously.) [Via]
posted by homunculus on Jan 23, 2015 - 34 comments

Redditor does the research behind the Sony Pictures hacking scandal.

Redditor CSMastermind composes an epic timeline of the Sony information breach. Well sourced, and in laymans terms. [more inside]
posted by butterstick on Dec 21, 2014 - 100 comments

I know who you are and I saw what you did.

How secure is public wi-fi? A lot less than you probably imagine.
posted by Obscure Reference on Oct 20, 2014 - 52 comments

clearly a lab computer!

Sentenced in a Swedish court, Gottfrid Svartholm Warg gets extradited to Denmark to stand trial for another case of system intrusion.

Mefi's Own, Jacob Applebaum has some choice words after his testimony in the Danish court. [more inside]
posted by xcasex on Sep 21, 2014 - 25 comments

5 million gmail accounts compromised

Last night, a hacker posted a text file on a cryptocurrency forum in Russia which contained 5 million Gmail accounts and associated passwords. It's probably time to change yours again.
posted by Chocolate Pickle on Sep 10, 2014 - 94 comments

"It seems like a dead wire leading nowhere."

How does a Dell laptop know what kind of power adapter is connected? The adapter tells it. Reverse-engineering: Hacking the Dell laptop power adapter 1, 2, 3, 4.
posted by We had a deal, Kyle on Sep 2, 2014 - 50 comments

WarKitteh

How to Use Your Cat to Hack Your Neighbor’s Wi-Fi.
posted by homunculus on Aug 9, 2014 - 59 comments

A quantum leap in computer games from Protovision.

1980s computer hacking supercut. [more inside]
posted by Chrysostom on Jul 24, 2014 - 49 comments

Estimated 20 million cyberattacks per day against locations within Utah.

Who's hacking whom? U.S.-based computer security firm Norse has released a real-time animated map that illustrates ongoing cyberattacks around the world.
posted by Obscure Reference on Jun 30, 2014 - 33 comments

"What would work even against an infosec guy? Linkedin invites."

How I Hacked Your Router
posted by the man of twists and turns on Apr 6, 2014 - 63 comments

18 million reasons to go to two-factor authentication

German authorities have discovered yet another giant database of hacked passwords. The German Federal Office for Information Security says it will have a website allowing people to check if their accounts are affected up and running by Monday. Some 3 million Germans are believed affected; there is no indication that the impact is limited to Germans or Germany. A link to an ARD article on the case is here, in German.
posted by rhombus on Apr 4, 2014 - 26 comments

The Ghost in MIT

The inside story of MIT and Aaron Swartz. The Boston Globe reviews over 7,000 pages of discovery documents in the Aaron Swartz case (previously): Most vividly, the e-mails underscore the dissonant instincts the university grappled with. There was the eagerness of some MIT employees to help investigators and prosecutors with the case, and then there was, by contrast, the glacial pace of the institution’s early reaction to the intruder’s provocation.... MIT never encouraged Swartz’s prosecution, and once told his prosecutor they had no interest in jail time. However, e-mails illustrate how MIT energetically assisted authorities in capturing him and gathering evidence — even prodding JSTOR to get answers for prosecutors more quickly — before a subpoena had been issued.... Yet if MIT eventually adopted a relatively hard line on Swartz, the university had also helped to make his misdeeds possible, the Globe review found. Numerous e-mails make it clear that the unusually easy access to the campus computer network, which Swartz took advantage of, had long been a concern to some of the university’s information technology staff.
posted by Cash4Lead on Mar 31, 2014 - 53 comments

"irresistible high-low raw material for an online news cycle"

From a small town in Romania, Guccifer skewered and glorified the power elite.
If Snowden perfectly fit the profile of geek crusader, Lehel, a stone-faced, disheveled man in a tight leather jacket, seemed an odd candidate for one of the world’s most notorious hackers. But Guccifer is to hacking what the Beatles are to rock and roll. He had predecessors, 4Chan cowboys like Anonymous and Sabu of LulzSec, but he’s changed the nature of hacking fame. Guccifer rose by exploiting the connections people make online to infiltrate the private lives of some of the most powerful people on Earth. He served up the results to the media, irresistible high-low raw material for an online news cycle driven by leaks and voyeurism and racked by anxiety over privacy.
What Is A Guccifer? [more inside]
posted by the man of twists and turns on Jan 27, 2014 - 12 comments

Aaron Swartz

Losing Aaron. "After his son was arrested for downloading files at MIT, Bob Swartz did everything in his power to save him. He couldn’t. Now he wants the institute to own up to its part in Aaron’s death." [Via]
posted by homunculus on Jan 5, 2014 - 32 comments

"they run a body of code that can be modified"

On Hacking MicroSD Cards
posted by the man of twists and turns on Dec 30, 2013 - 13 comments

The First Botnet, 25 Years Ago Today

How a grad student trying to build the first botnet brought the Internet to its knees. via
posted by nevercalm on Nov 3, 2013 - 7 comments

"This is the voice of Vrillon..."

The alien cult that hacked British TV: In 1977 a British television channel was hijacked by someone claiming to be a space alien called ‘Vrillon’. [Via]
posted by homunculus on Sep 23, 2013 - 14 comments

Innovation or Exploitation

The Limits of Computer Trespass Law (Lengthy video with audio available) "Have you ever borrowed a smartphone without asking? Modified a URL? Scraped a website? Called an undocumented API? Congratulations: you might have violated federal law!" Legal and internet thinkers (including Ed Felten, Jennifer Granick, Dan Auerbach, & others) talk about vagueness in the Computer Fraud and Abuse Act, chilling effects, and the prosecution of Aaron Swartz in a panel discussion at Stanford's Center for Internet and Society. [more inside]
posted by gauche on Aug 29, 2013 - 16 comments

How to: make a microscope from a webcam

Create a high-powered microscope from a cheap webcam by following Mark's simple step-by-step instructions. Because your microscope is connected to your computer, you can save and share your images easily.
posted by nickyskye on Aug 9, 2013 - 26 comments

Breaking: NSA conducts espionage on foreign targets

In an interview with Hong Kong's South China Morning Post, NSA leaker, Edward Snowden, claims that the US is "trying to bully the Hong Kong government" into extraditing him, and provides new documents which describe the NSA's routine hacking of targets in Hong Kong and mainland China since 2009, including regular access of large backbone networks. [more inside]
posted by pjenks on Jun 12, 2013 - 938 comments

Time to rethink keyless entry?

Police are stumped as to how thieves are breaking into cars holding small unknown devices, even when they are caught on video doing it.
posted by mathowie on Jun 12, 2013 - 88 comments

Being the nerd that I am, I was itching to crunch some badass numbers

Debarghya Das, an Indian student at Cornell, wanted to impress his friends by obtaining their examination marks for the Indian Certificate of Secondary Examination and the Indian School Certificate and, thanks to some poorly written javascript, discovers the entire database containing the grades for 200,000 Indian students, as well as potential evidence of widespread tampering.
posted by elgilito on Jun 7, 2013 - 36 comments

"Phone companies didn't think you were going to blow them up back then."

What's in the database? Roughly 1,000 records of documents related to phone phreaking history. It includes newspaper and magazine articles, letters, memos, FBI memos, audio recordings, you name it.. Extra Goodies! [more inside]
posted by shoesfullofdust on Jun 6, 2013 - 7 comments

DOS attack shuts down EVE Online for a day

A DOS attack on Sunday, 3 June caused the moderators of the MMORPGs EVE Online and Dust 514 to shut down the server cluster that hosted both games. The games were offline for most of the day and into the following morning, having just recently been restored. The COO of EVE's parent company, CCP, described the situation this way:
What we can now confirm is that a person was able to utilize a vulnerability in one of the back-end services that support the operation of the Tranquility server. This vulnerability has now been secured and thoroughly tested. We would like to stress that at no time was customer data compromised or accessible in any way. The effort of returning the complex server structure of the EVE Universe and associated websites to service in a methodical and highly-scrutinized fashion began hours ago and Tranquility has now been brought online (at 10:13 UTC). Our teams will monitor the situation carefully in the coming hours to ensure that our services are accessible and that all customer data remains secure.
CCP also took the precaution of shutting down the games' websites, and so communicated with players via Twitter ("Your patience has been legendary and appreciated.") and its Facebook page. [more inside]
posted by Gelatin on Jun 3, 2013 - 40 comments

Poets and fanatics will be known

Security alert: notes from the frontline of the war in cyberspace Jon Ronson interviews Andrew Auernheimer aka weev, Kim Dotcom, 'Troy' from Anonymous and Mercedes Haefer
posted by fearfulsymmetry on May 4, 2013 - 17 comments

Fixing E.T. / Rehabilitating E.T.

We all know that E.T. for the Atari 2600 was a terrible no-good awful game (previously, previously-er). But could it be that our received wisdom about the cartridge is just wrong? Yeah, probably not ... But to be fair, follow this in-depth guide to hacking the ET ROM and you, too, can transform the game into something far more play-worthy (and don't worry, you can still turn ET into its ninja form).
posted by barnacles on Mar 31, 2013 - 66 comments

"Phreaking Out Ma Bell"

How a buccaneering young engineer built the little blue box that broke into the biggest network in the world
posted by the man of twists and turns on Mar 24, 2013 - 17 comments

the ultimate in spyware

Meet the men who spy on women through their webcams - "If you are unlucky enough to have your computer infected with a RAT, prepare to be sold or traded to the kind of person who enters forums to ask, "Can I get some slaves for my rat please? I got 2 bucks lol I will give it to you :b" At that point, the indignities you will suffer—and the horrific website images you may see—will be limited only by the imagination of that most terrifying person: a 14-year-old boy with an unsupervised Internet connection."
posted by madamjujujive on Mar 10, 2013 - 172 comments

All Your Nets Are Belong to the PLA

The Mandiant security firm has released a report attributing a number of hacking events to Advanced Persistent Threat (APT) activity perpetrated by China's 2nd Bureau of the People's Liberation Army General Staff Deparment's 3rd Department. They have also released an appendix containing multiple artifacts that can be used to detect intrusions on networks.
posted by bfranklin on Feb 19, 2013 - 64 comments

the mundane face of evil: Chinese state-sponsored hackers

A new report, the National Intelligence Estimate, released by the US Office of the Director of National Intelligence "represents the consensus view of the U.S. intelligence community, describes a wide range of sectors that have been the focus of [China-based] hacking over the past five years, including energy, finance, information technology, aerospace and automotive." One face of Chinese state-sponsored hackers profiled by Bloomberg Business Week is Zhang Changhe, an instructor at the People's Liberation Army Information Engineering University in Zhengzhou. [more inside]
posted by gen on Feb 14, 2013 - 11 comments

Welcome to the Malware-Industrial Complex

“On the one hand the government is freaking out about cyber-security, and on the other the U.S. is participating in a global market in vulnerabilities and pushing up the prices,” says Soghoian, who says he has spoken with people involved in the trade and that prices range from the thousands to the hundreds of thousands. Even civilian law-enforcement agencies pay for zero-days, Soghoian says, in order to sneak spy software onto suspects’ computers or mobile phones.
posted by Chrysostom on Feb 14, 2013 - 15 comments

"The cryptanalyst has two cards in her hand, so there's nothing to do"

A card game to teach computer security. [d0x3d!] is the creation of some Naval Postgraduate School computer scientists, designed to help players learn digital security concepts. Playtested with middle school students.
posted by doctornemo on Feb 8, 2013 - 7 comments

Significant hacking activity targeting journalists at large newspapers

The New York Times has detailed a successful 4-month hacking campaign by China, infiltrating its computer systems and acquiring passwords for reporters/employees. The campaign was likely in retaliation for the NYT investigation of the wealth amassed by relatives of Chinese Prime Minister Wen Jiabao. Following the NYT announcement, the Wall Street Journal announced that it too was hacked last year. The Washington Post may also have been infiltrated. Slate asks if this could have a chilling effect on journalists writing about China. [more inside]
posted by gemmy on Feb 1, 2013 - 102 comments

Google Ring?

If special hardware can crack all your passwords, if people have a hard time remembering them anyway, if people don't implement them in the first place, it is no wonder Google (with Yubico) is "declar[ing] war on the password." [more inside]
posted by the man of twists and turns on Jan 19, 2013 - 76 comments

Live Mail Art.

Delivery for Mr. Assange. [more inside]
posted by azarbayejani on Jan 16, 2013 - 18 comments

The Hunt For "Red October"

An advanced and well-orchestrated computer spy operation that targeted diplomats, governments and research institutions for at least five years has been uncovered by security researchers in Russia.
The highly targeted campaign, which focuses primarily on victims in Eastern Europe and Central Asia based on existing data, is still live, harvesting documents and data from computers, smartphones and removable storage devices, such as USB sticks, according to Kaspersky Lab, the Moscow-based antivirus firm that uncovered the campaign. Kaspersky has dubbed the operation “Red October.”
[more inside]
posted by the man of twists and turns on Jan 15, 2013 - 26 comments

NSF/smashthestate

Password Security in Deus Ex
posted by Zarkonnen on Jan 5, 2013 - 61 comments

Neat stuff

10 Raspberry Pi creations that show how amazing the tiny PC can be "The Raspberry Pi, the $35 credit card-sized computer, has lived an interesting life despite being less than a year old. It has been used to teach programming and host servers, but above all it has provided a near-perfect platform for some of the most fun and interesting hobbyist projects in the computing world. Arcade cabinets, computing clusters housed in LEGOs, musical instruments, robots, and wearable computers are just some of the uses Pi owners have found. It turns out you can do a lot with an ARM processor, GPU, a few ports and GPIO pins, and an operating system (typically Linux-based) loaded onto an SD card. Here are 10 of the coolest Raspberry Pi creations we've been able to find."
posted by bookman117 on Jan 1, 2013 - 73 comments

Open the pod bay doors, Siri!

Hacker sets up SiriProxy and a Raspberry Pi-controlled relay to make his iPhone's Siri voice control open his garage door
posted by Blazecock Pileon on Dec 19, 2012 - 21 comments

Page: 1 2 3 4 5