Traced to where? To a country with laws favorable to them? Or maybe they rented a room using only cash and use that room as a mailbox. Hire a bum or trick a kid into picking the mail in case the house is surveiled.
Nonsense. Every console they sell reduces the cost of overhead (developement, etc) per console, which reduces the cost of each console. Given that they charge more than manufacturing and distribution costs for each console (as required by law), every console they sell either reduces their loss or increases their profit (depending on whether they've crossed the break-even point or not).
Of course, but I was replying to the comment that "To get your keys out, you have to put it in park and then lock the steering". That's just not true. To get the keys out, you have to put it into park, but you don't have to lock the steering.
I rent cars on a regular basis, all of which with an automatic transmission (unfortunately). While all of them do force me to go into park before removing the key, none of them force me to lock the steering. I have had the latest model Pontiac Grand Am, Chevrolet Malibu and Oldsmobile Alero.
I once thought "it would be nice if they minituarized a locatable transmiter so much that I could slip one into my expensive gadgets (starting with my camera) so I could locate it if it was lost or stolen." The person to which I mentioned this pointed out "but then, people could easily track someone else by slipping such a device into someone's pocket." Unfortunately, this will happen, as this article demonstrates.
Re:Nuclear energy works!
on
China Goes Nuclear
·
· Score: 4, Interesting
I must agree! And so does the wildlife: There's about a dozen deers living within the fenced area around the Bruce "B" nuclear power plant here in Ontario. And why not! the radiation levels around nuclear power plants are *lower* than those found in cities.
"SCO's opposition papers thus seek only to perpetuate fear, uncertainty and doubt is has fostered reguarding Linux." (On page 14 of
IBM memo to support summary judgement.)
The GHz for cordless phones refer to frequency of the radio waves used to communicate between the base and the phone, and not to microprocessor speed. It's similar to the MHz used to identify radio stations, but it's totally unlike the MHz/GHz of computers which refer to how fast the CPU is running. Do phones even have a central processor? I imagine they have a whole bunch of chips doing the work that needs to be done.
Hackers have found many flaws with Bluetooth devices. As these devices gain in popularity, the public needs to be made aware of vulnerability issues with the various Bluetooth devices such as phones, PDAs and wireless headsets.
Three of the most interesting attacks were Bluesnarfing, Bluetracking and Bluebugging. Bluesnarfing is attacking the Bluetooth device, usually a phone, to rip out information. Hackers can obtain phonebooks, calendars and stored SMS messages.
Bluetracking is tracking a person's movement by tracking their Bluetooth device. All Bluetooth devices have a unique address, similar to a MAC address on computer network cards. By using special sensors or antennas you can see where a particular Bluetooth device pops up and record a person's movement. [an error occurred while processing this directive]
Bluebugging involves sending executable commands to the Bluetooth device. With the proper software, you could secretly turn on a phone and make it call you. Why is this important? You have just turned the phone into a listening device that can record without your target knowing it.
When the Flexilis team walked in with their BlueSniper Bluetooth sniper, everyone wanted to know what this evil looking contraption could do. It looks like a mutant cross between a sniper rifle and Ghostbusters particle canon, complete with nuclear backpack. Thankfully, it is a very simple device that can do one thing well: find and attack Bluetooth devices from far away.
The BlueSniper is a rifle stock with a scope and yagi antenna attached. A cable attaches the antenna to the Bluetooth card, which can be in a PDA or laptop computer. The laptop can be carried in a backpack with the cables connecting into the backpack, giving it the Ghostbusters look.
The Flexilis teams demonstrated the gun with some home-brewed Bluetooth scanning software. They pointed the gun down the hallways and out windows. Almost instantly, vulnerable phones with their unique Bluetooth device numbers appeared on the laptop screen. The device is powerful enough to detect devices through building walls.
Video Interview
Here is a downloadable interview with the Flexilis team that designed the BlueSniper Bluetooth rifle
The vendor area had several stores that sold everything from lockpicks to funny shirts. Most everything was available as a cash-only purchase. There are no paper trails here.
Irvine Underground was selling all types of lockpicks and lockpicking manuals. They also had a practice lockpick area where attendees could try out their newly purchased picks.
Defcon had its second annual Wi-Fi Shootout contest. This contest pits teams against each other in the pursuit of the longest 802.11 link. Teams must be able to send a test message from laptop to laptop out in the searing Nevada desert. P.A.D. was the winning team with an amazing 55.1 mile successful link.
continued from hereBluetooth Vulnerabilities
Hackers have found many flaws with Bluetooth devices. As these devices gain in popularity, the public needs to be made aware of vulnerability issues with the various Bluetooth devices such as phones, PDAs and wireless headsets.
Three of the most interesting attacks were Bluesnarfing, Bluetracking and Bluebugging. Bluesnarfing is attacking the Bluetooth device, usually a phone, to rip out information. Hackers can obtain phonebooks, calendars and stored SMS messages.
Bluetracking is tracking a person's movement by tracking their Bluetooth device. All Bluetooth devices have a unique address, similar to a MAC address on computer network cards. By using special sensors or antennas you can see where a particular Bluetooth device pops up and record a person's movement. [an error occurred while processing this directive]
Bluebugging involves sending executable commands to the Bluetooth device. With the proper software, you could secretly turn on a phone and make it call you. Why is this important? You have just turned the phone into a listening device that can record without your target knowing it.
BlueSniper
IMG: bluesniper.jpg
When the Flexilis team walked in with their BlueSniper Bluetooth sniper, everyone wanted to know what this evil looking contraption could do. It looks like a mutant cross between a sniper rifle and Ghostbusters particle canon, complete with nuclear backpack. Thankfully, it is a very simple device that can do one thing well: find and attack Bluetooth devices from far away.
The BlueSniper is a rifle stock with a scope and yagi antenna attached. A cable attaches the antenna to the Bluetooth card, which can be in a PDA or laptop computer. The laptop can be carried in a backpack with the cables connecting into the backpack, giving it the Ghostbusters look.
The Flexilis teams demonstrated the gun with some home-brewed Bluetooth scanning software. They pointed the gun down the hallways and out windows. Almost instantly, vulnerable phones with their unique Bluetooth device numbers appeared on the laptop screen. The device is powerful enough to detect devices through building walls.
Video Interview
Here is a downloadable interview with the Flexilis team that designed the BlueSniper Bluetooth rifle
Video - 14.9 MB - 3 Minutes 16 seconds
Vendor Area
IMG: lockpicks.jpg
The vendor area had several stores that sold everything from lockpicks to funny shirts. Most everything was available as a cash-only purchase. There are no paper trails here.
Irvine Underground was selling all types of lockpicks and lockpicking manuals. They also had a practice lockpick area where attendees could try out their newly purchased picks.
IMG: shirts.jpg
Hackers wanting to proclaim their skills to the whole world could buy cool shirts and stickers at the Jinx.com booth.
IMG: stickers.jpgWi-Fi Shootout Contest
IMG: pad.jpg
Defcon had its second annual Wi-Fi Shootout contest. This contest pits teams against each other in the pursuit of the longest 802.11 link. Teams must be able to send a test message from laptop to laptop out in the searing Nevada desert. P.A.D. was the winning team with an amazing 55.1 mile successful link. This was done with regular Wi-Fi cards and no amplifier. The team said that they could have probably gone a longer distance, but they ran out of road to drive. [an error oc
Yup, slashdotted. Here's what I've been able to read so far.
The 12th annual Defcon hacker convention was held at the Alexis Park Hotel in Las Vegas Nevada. For three days, hackers exchanged ideas, presented new and sometimes scary information and partied hard. More than a hundred speakers gave dozens of talks on computer security, hacking and privacy issues.
For a mere $80 attendees received access to the talks, contests and the after-hours parties. In this article we will cover some of the more interesting contests and give you an overall feel for the convention so that you can decide whether you want to attend next year. Three download videos are included. [an error occurred while processing this directive]
The Wall of Sheep is a projector screen that displays captured usernames and passwords. The Wall, which originally was named as the Wall of Shame, is a time-honored tradition at Defcon where a loose knit group of people continuously sniffs the network for any plaintext usernames and passwords on the wired and wireless networks. Since this is a hacker convention, attendees using the Defcon network should protect their logins by using VPN, SSH or other encryption technology. Some attendees apparently didn't get the message.
In the first few years, the usernames and passwords were written on paper plates and then taped to the wall. As the number of passwords found grew, a better solution had to be found. A computer security engineer, named "Riverside", wrote the Wall of Sheep software from scratch. He also was one of the original people who started the Wall. The usernames and passwords cycle up and down so people can see all the information gathered since the start of the convention. In addition only the first three characters of the password are shown in order to protect the privacy of the user.
Riverside said that some people have been so ignorant in using the wireless at Defcon. He gave several examples of people who had their passwords intercepted, who then tried to change their passwords on the same insecure network, only to have the information intercepted again! Riverside examines all the new attacks at Defcon and then implements a defense at his daytime job.
About 200-500 passwords are found every year at Defcon. The typical passwords are email, FTP and other login passwords.
This year, someone was dumb enough to email their tax returns in.PDF format at the convention. This traffic was immediately intercepted and the above humorous message was displayed on the projector. Also another person was emailing people asking how to get a fake ID. This was also intercepted and displayed. I have blacked out some identifying information to protect the users' privacy. [an error occurred while processing this directive]
As Riverside explains, "The Wall has shown people the importance of using encryption, not just at Defcon but in all network traffic. I have had security experts who have attended Black Hat, SANS and other conventions thank me for showing them how vulnerable their traffic was."
Video
Here is a downloadable video of the Wall of Sheep in action.
Another time-honored tradition at Defcon is the "Spot the Fed" contest. Attendees win shirts for spotting federal agents in the crowd. Most of the time the Feds are very easy to spot as they generally appear healthier and wear a more conservative style of clothing than the normal Defcon attendee.
She most definitely can. It'll take a lawyer to answer whether she has a chance of winning. But that would hinder her efforts to keep the domain, since it could be said she's only keeping the domain to gain money or to hurt the book.
Yes that works, but the problem is.. how do you get you old data in those files on your modern disk?
Aye, that's very tricky. If the drive isn't compatible with modern hardware, even geting one's hands on the a drive (by buying, renting borrowing or using someone else's) won't be sufficient. You'd have to get your hands on the entire computer, write a program to read the data from the disk and send it to a PC, which is tricky in of itself. Does the old computer have a modem? a serial port? a parallel port? The local-ish nuclear power station has a PC emualuting a papertape machine, enabling communication between the PC and the old '72 computer that controls the reactor.
Some programs create virtual CD-ROM drives when you give them an (.iso) image of a CD-ROM. You could say that the said program is emulating a CD-ROM drive.
Similarly, if you were emulating an old computer which has some kind of old disk drive, the drive itself would be emulated along with the rest of the computer. The data would be read from a file on the emulator's host's hard drive. Or maybe it could even read 3.5" disks that were formatted to hold no more data than the old disks. Either way, you woulnd't actually use one of the old disks.
Some programs create virtual CD-ROM drives when you give them an (.iso) image of a CD-ROM.
If the computer you are emulating had a some kind of old disk drive, the drive itself would be emulated. The data would be read from a file on the emulator's host's hard drive. Or maybe it could even read 3.5" disks that were formatted to hold no more data than the old disks. Either way, you woulnd't actually use one of the old disks.
The article does well by pointing out a great list of problems that can be encountered when emulating a machine.
Some of the projects on which I work are for nuclear power plants, many of which here in Canada use computers from 1972 -- I was born in 1976 -- to control the plant. While spare parts are dwindling, the prospect of having to retest all of the code is daunting, not to mention the costs of making a program as complex as an emulator in the first place.
I've seen (the assembler equivalent to) the following code used in embeded processors to perform a sleep(): counter = 500; while (counter--) {/* nothing */ } Imaginine executing that on an emulator that didn't pay any attention to timing?
So why does a bank robber wear a mask? If I read your post correctly, you're saying nothing can be achieved by changing the RFID code because it's only purpose is to identity the product? Changing the identity of something allows people to possibly get away with things they couldn't otherwise. The bank robber possibly gets away with robbery, and Joe Hacker might get away with a 80" TV for the price of 65" one.
Slashdot Mirror
Traced to where? To a country with laws favorable to them? Or maybe they rented a room using only cash and use that room as a mailbox. Hire a bum or trick a kid into picking the mail in case the house is surveiled.
In the handes of an expert marksman, the .22 could be used to blind Godzilla...
Nonsense. Every console they sell reduces the cost of overhead (developement, etc) per console, which reduces the cost of each console. Given that they charge more than manufacturing and distribution costs for each console (as required by law), every console they sell either reduces their loss or increases their profit (depending on whether they've crossed the break-even point or not).
Imagina all the fun you could with this on hallowe'en? :)
Of course, but I was replying to the comment that "To get your keys out, you have to put it in park and then lock the steering". That's just not true. To get the keys out, you have to put it into park, but you don't have to lock the steering.
I rent cars on a regular basis, all of which with an automatic transmission (unfortunately). While all of them do force me to go into park before removing the key, none of them force me to lock the steering. I have had the latest model Pontiac Grand Am, Chevrolet Malibu and Oldsmobile Alero.
Telemarketers already spam me over the phone, and by the automated leaving of messages on my voice mail. How's this any different?
A system allowing 911 to use the caller's cell phone's camera (should the user allow it) would be much less intrusive (and technologically neat!)
I once thought "it would be nice if they minituarized a locatable transmiter so much that I could slip one into my expensive gadgets (starting with my camera) so I could locate it if it was lost or stolen." The person to which I mentioned this pointed out "but then, people could easily track someone else by slipping such a device into someone's pocket." Unfortunately, this will happen, as this article demonstrates.
I must agree! And so does the wildlife: There's about a dozen deers living within the fenced area around the Bruce "B" nuclear power plant here in Ontario. And why not! the radiation levels around nuclear power plants are *lower* than those found in cities.
I'm amused at:
FUD is now a legal term! :D
This appears to be a follow up of an earlier slashdot story.
You don't need to extract every email in it to break it...
For example, if your employer got their hands on your list, they could check if you've been in contact with people at your competitors.
It's even worse if they try and get a false positive!
You're right. I'll start capitalizing "The" in "The Internet".
: It's particularly hard for them when they're using a fancy schmancy editor, so they can't even Alt-Tab through their editing windows.
A quick tip: Try using Ctrl-Tab (or Ctrl-F6) to cycle through an appliation's child windows.
The GHz for cordless phones refer to frequency of the radio waves used to communicate between the base and the phone, and not to microprocessor speed. It's similar to the MHz used to identify radio stations, but it's totally unlike the MHz/GHz of computers which refer to how fast the CPU is running. Do phones even have a central processor? I imagine they have a whole bunch of chips doing the work that needs to be done.
continued from here
Bluetooth Vulnerabilities
Hackers have found many flaws with Bluetooth devices. As these devices gain in popularity, the public needs to be made aware of vulnerability issues with the various Bluetooth devices such as phones, PDAs and wireless headsets.
Three of the most interesting attacks were Bluesnarfing, Bluetracking and Bluebugging. Bluesnarfing is attacking the Bluetooth device, usually a phone, to rip out information. Hackers can obtain phonebooks, calendars and stored SMS messages.
Bluetracking is tracking a person's movement by tracking their Bluetooth device. All Bluetooth devices have a unique address, similar to a MAC address on computer network cards. By using special sensors or antennas you can see where a particular Bluetooth device pops up and record a person's movement. [an error occurred while processing this directive]
Bluebugging involves sending executable commands to the Bluetooth device. With the proper software, you could secretly turn on a phone and make it call you. Why is this important? You have just turned the phone into a listening device that can record without your target knowing it.
BlueSniper
IMG: bluesniper.jpg
When the Flexilis team walked in with their BlueSniper Bluetooth sniper, everyone wanted to know what this evil looking contraption could do. It looks like a mutant cross between a sniper rifle and Ghostbusters particle canon, complete with nuclear backpack. Thankfully, it is a very simple device that can do one thing well: find and attack Bluetooth devices from far away.
The BlueSniper is a rifle stock with a scope and yagi antenna attached. A cable attaches the antenna to the Bluetooth card, which can be in a PDA or laptop computer. The laptop can be carried in a backpack with the cables connecting into the backpack, giving it the Ghostbusters look.
The Flexilis teams demonstrated the gun with some home-brewed Bluetooth scanning software. They pointed the gun down the hallways and out windows. Almost instantly, vulnerable phones with their unique Bluetooth device numbers appeared on the laptop screen. The device is powerful enough to detect devices through building walls.
Video Interview
Here is a downloadable interview with the Flexilis team that designed the BlueSniper Bluetooth rifle
Video - 14.9 MB - 3 Minutes 16 seconds
Vendor Area
IMG: lockpicks.jpg
The vendor area had several stores that sold everything from lockpicks to funny shirts. Most everything was available as a cash-only purchase. There are no paper trails here.
Irvine Underground was selling all types of lockpicks and lockpicking manuals. They also had a practice lockpick area where attendees could try out their newly purchased picks.
IMG: shirts.jpg
Hackers wanting to proclaim their skills to the whole world could buy cool shirts and stickers at the Jinx.com booth.
IMG: stickers.jpg
Wi-Fi Shootout Contest
IMG: pad.jpg
Defcon had its second annual Wi-Fi Shootout contest. This contest pits teams against each other in the pursuit of the longest 802.11 link. Teams must be able to send a test message from laptop to laptop out in the searing Nevada desert. P.A.D. was the winning team with an amazing 55.1 mile successful link.
continued from here Bluetooth Vulnerabilities Hackers have found many flaws with Bluetooth devices. As these devices gain in popularity, the public needs to be made aware of vulnerability issues with the various Bluetooth devices such as phones, PDAs and wireless headsets. Three of the most interesting attacks were Bluesnarfing, Bluetracking and Bluebugging. Bluesnarfing is attacking the Bluetooth device, usually a phone, to rip out information. Hackers can obtain phonebooks, calendars and stored SMS messages. Bluetracking is tracking a person's movement by tracking their Bluetooth device. All Bluetooth devices have a unique address, similar to a MAC address on computer network cards. By using special sensors or antennas you can see where a particular Bluetooth device pops up and record a person's movement. [an error occurred while processing this directive] Bluebugging involves sending executable commands to the Bluetooth device. With the proper software, you could secretly turn on a phone and make it call you. Why is this important? You have just turned the phone into a listening device that can record without your target knowing it. BlueSniper IMG: bluesniper.jpg When the Flexilis team walked in with their BlueSniper Bluetooth sniper, everyone wanted to know what this evil looking contraption could do. It looks like a mutant cross between a sniper rifle and Ghostbusters particle canon, complete with nuclear backpack. Thankfully, it is a very simple device that can do one thing well: find and attack Bluetooth devices from far away. The BlueSniper is a rifle stock with a scope and yagi antenna attached. A cable attaches the antenna to the Bluetooth card, which can be in a PDA or laptop computer. The laptop can be carried in a backpack with the cables connecting into the backpack, giving it the Ghostbusters look. The Flexilis teams demonstrated the gun with some home-brewed Bluetooth scanning software. They pointed the gun down the hallways and out windows. Almost instantly, vulnerable phones with their unique Bluetooth device numbers appeared on the laptop screen. The device is powerful enough to detect devices through building walls. Video Interview Here is a downloadable interview with the Flexilis team that designed the BlueSniper Bluetooth rifle Video - 14.9 MB - 3 Minutes 16 seconds Vendor Area IMG: lockpicks.jpg The vendor area had several stores that sold everything from lockpicks to funny shirts. Most everything was available as a cash-only purchase. There are no paper trails here. Irvine Underground was selling all types of lockpicks and lockpicking manuals. They also had a practice lockpick area where attendees could try out their newly purchased picks. IMG: shirts.jpg Hackers wanting to proclaim their skills to the whole world could buy cool shirts and stickers at the Jinx.com booth. IMG: stickers.jpg Wi-Fi Shootout Contest IMG: pad.jpg Defcon had its second annual Wi-Fi Shootout contest. This contest pits teams against each other in the pursuit of the longest 802.11 link. Teams must be able to send a test message from laptop to laptop out in the searing Nevada desert. P.A.D. was the winning team with an amazing 55.1 mile successful link. This was done with regular Wi-Fi cards and no amplifier. The team said that they could have probably gone a longer distance, but they ran out of road to drive. [an error oc
Yup, slashdotted. Here's what I've been able to read so far.
.PDF format at the convention. This traffic was immediately intercepted and the above humorous message was displayed on the projector. Also another person was emailing people asking how to get a fake ID. This was also intercepted and displayed. I have blacked out some identifying information to protect the users' privacy. [an error occurred while processing this directive]
The 12th annual Defcon hacker convention was held at the Alexis Park Hotel in Las Vegas Nevada. For three days, hackers exchanged ideas, presented new and sometimes scary information and partied hard. More than a hundred speakers gave dozens of talks on computer security, hacking and privacy issues.
For a mere $80 attendees received access to the talks, contests and the after-hours parties. In this article we will cover some of the more interesting contests and give you an overall feel for the convention so that you can decide whether you want to attend next year. Three download videos are included. [an error occurred while processing this directive]
Wall of Sheep
IMG: sheep1.jpg
The Wall of Sheep is a projector screen that displays captured usernames and passwords. The Wall, which originally was named as the Wall of Shame, is a time-honored tradition at Defcon where a loose knit group of people continuously sniffs the network for any plaintext usernames and passwords on the wired and wireless networks. Since this is a hacker convention, attendees using the Defcon network should protect their logins by using VPN, SSH or other encryption technology. Some attendees apparently didn't get the message.
In the first few years, the usernames and passwords were written on paper plates and then taped to the wall. As the number of passwords found grew, a better solution had to be found. A computer security engineer, named "Riverside", wrote the Wall of Sheep software from scratch. He also was one of the original people who started the Wall. The usernames and passwords cycle up and down so people can see all the information gathered since the start of the convention. In addition only the first three characters of the password are shown in order to protect the privacy of the user.
Riverside said that some people have been so ignorant in using the wireless at Defcon. He gave several examples of people who had their passwords intercepted, who then tried to change their passwords on the same insecure network, only to have the information intercepted again! Riverside examines all the new attacks at Defcon and then implements a defense at his daytime job.
About 200-500 passwords are found every year at Defcon. The typical passwords are email, FTP and other login passwords.
IMG: sheep2.jpg
This year, someone was dumb enough to email their tax returns in
As Riverside explains, "The Wall has shown people the importance of using encryption, not just at Defcon but in all network traffic. I have had security experts who have attended Black Hat, SANS and other conventions thank me for showing them how vulnerable their traffic was."
Video
Here is a downloadable video of the Wall of Sheep in action.
Wall of Sheep video - 1.4 MB - 1 Minute 24 Seconds
Spot The Fed
IMG: spotthefed.jpg
Another time-honored tradition at Defcon is the "Spot the Fed" contest. Attendees win shirts for spotting federal agents in the crowd. Most of the time the Feds are very easy to spot as they generally appear healthier and wear a more conservative style of clothing than the normal Defcon attendee.
At the beginning of a ta
She most definitely can. It'll take a lawyer to answer whether she has a chance of winning. But that would hinder her efforts to keep the domain, since it could be said she's only keeping the domain to gain money or to hurt the book.
Some programs create virtual CD-ROM drives when you give them an (.iso) image of a CD-ROM. You could say that the said program is emulating a CD-ROM drive.
Similarly, if you were emulating an old computer which has some kind of old disk drive, the drive itself would be emulated along with the rest of the computer. The data would be read from a file on the emulator's host's hard drive. Or maybe it could even read 3.5" disks that were formatted to hold no more data than the old disks. Either way, you woulnd't actually use one of the old disks.
Some programs create virtual CD-ROM drives when you give them an (.iso) image of a CD-ROM. If the computer you are emulating had a some kind of old disk drive, the drive itself would be emulated. The data would be read from a file on the emulator's host's hard drive. Or maybe it could even read 3.5" disks that were formatted to hold no more data than the old disks. Either way, you woulnd't actually use one of the old disks.
The article does well by pointing out a great list of problems that can be encountered when emulating a machine.
/* nothing */ }
Some of the projects on which I work are for nuclear power plants, many of which here in Canada use computers from 1972 -- I was born in 1976 -- to control the plant. While spare parts are dwindling, the prospect of having to retest all of the code is daunting, not to mention the costs of making a program as complex as an emulator in the first place.
I've seen (the assembler equivalent to) the following code used in embeded processors to perform a sleep():
counter = 500; while (counter--) {
Imaginine executing that on an emulator that didn't pay any attention to timing?
So why does a bank robber wear a mask? If I read your post correctly, you're saying nothing can be achieved by changing the RFID code because it's only purpose is to identity the product? Changing the identity of something allows people to possibly get away with things they couldn't otherwise. The bank robber possibly gets away with robbery, and Joe Hacker might get away with a 80" TV for the price of 65" one.