I installed an ad-blocker because a couple sites that I visit were serving up auto-playing videos with sound, and it was driving me crazy, so I broke down and installed an extension. That totally took care of my problem. However, it had the undesired side-effect of removing ads for sites that I would like to support. It's likely that I could find the extension I installed, go through the options, and add some sites to the whitelist. However, I'm far too lazy to actually do that.
If I went to a website I wanted to support and they displayed a message saying "We've notice you're using an ad-blocker. If you'd like to support us, click here to add us to your whitelist", I'd do that in a heartbeat.
From TFA: "When the Wi-Fi is on, the gun’s network has a default password that allows anyone within Wi-Fi range to connect to it. From there, a hacker can treat the gun as a server and access APIs to alter key variables in its targeting application. (The hacker pair were only able to find those changeable variables by dissecting one of their two rifles and using an eMMC reader to copy data from the computer’s flash storage with wires they clipped onto its circuit board pins.)"
So, it's a remote exploit in that you can do it if you're within Wi-Fi range (and the gun has it's Wi-Fi turned on), and they had to do some work to find what settings they could change via the API. Seems like a cromulent hack to me.
I can't believe these were his primary goals at the time. I think he got into something that was way more than he expected, and he pulled a c.y.a. move and sent Manning down the river. Saying he did it for the good of the Afghan people that might be named in the documents seems revisionist. But I guess only he knows, so he gets to tell whatever story he wants.
Actually it isn't. I tried to get my thumb drive to run a program when I attached it to my computer at home, and found that Windows won't automatically run an autorun.inf on anything that reports itself as a removable media device, I believe. I think different USB drives behave differently, but I couldn't get mine to run anything that way.
I'm not sure you understand an SQL injection attack. In your example, your query would be something like "SELECT * FROM table WHERE id = " + tagID. If the valid RFID tag gives you "12345", all is well. If the altered RFID tag gives you "12345 or 1 = 1", well, you've got a problem. If your tagID is a numeric or you check the data you receive from the tag, you'll be fine, but if you just take in the data as a string or byte array, you're susceptible to this attack. Obviously my example doesn't fall into the virus category, but it gives you an example of how the attack works.
Re:Big Brother? not necessarily.
on
RFID Explained
·
· Score: 1
I'm totally with you on this. I'm seeing a house set up with scanners at each doorway, and occupants having RFID tags on them. Combine this with some X-10 and you could come up with some fairly cool apps. And as long as you control the system there shouldn't be any privacy concerns.
I scanned the article looking for just that portion as well. Kind of sad they didn't bother to get real world data as to what change amounts occured most often, basically makes this into a first-year statistical programming assignment.
Slashdot Mirror
He'll be missed, I'm glad he was a part of /.
I installed an ad-blocker because a couple sites that I visit were serving up auto-playing videos with sound, and it was driving me crazy, so I broke down and installed an extension. That totally took care of my problem. However, it had the undesired side-effect of removing ads for sites that I would like to support. It's likely that I could find the extension I installed, go through the options, and add some sites to the whitelist. However, I'm far too lazy to actually do that.
If I went to a website I wanted to support and they displayed a message saying "We've notice you're using an ad-blocker. If you'd like to support us, click here to add us to your whitelist", I'd do that in a heartbeat.
From TFA: "When the Wi-Fi is on, the gun’s network has a default password that allows anyone within Wi-Fi range to connect to it. From there, a hacker can treat the gun as a server and access APIs to alter key variables in its targeting application. (The hacker pair were only able to find those changeable variables by dissecting one of their two rifles and using an eMMC reader to copy data from the computer’s flash storage with wires they clipped onto its circuit board pins.)"
So, it's a remote exploit in that you can do it if you're within Wi-Fi range (and the gun has it's Wi-Fi turned on), and they had to do some work to find what settings they could change via the API. Seems like a cromulent hack to me.
Then you have yet to unlock the full hilarity potential of the internet...
https://chrome.google.com/webs...
Is this just early viral marketing for a new Aquaman movie?
His gender identity issues were visible in the chat logs with Lamo: http://boingboing.net/2010/06/20/was-alleged-wikileak.html
I can't believe these were his primary goals at the time. I think he got into something that was way more than he expected, and he pulled a c.y.a. move and sent Manning down the river. Saying he did it for the good of the Afghan people that might be named in the documents seems revisionist. But I guess only he knows, so he gets to tell whatever story he wants.
Actually it isn't. I tried to get my thumb drive to run a program when I attached it to my computer at home, and found that Windows won't automatically run an autorun.inf on anything that reports itself as a removable media device, I believe. I think different USB drives behave differently, but I couldn't get mine to run anything that way.
I'm not sure you understand an SQL injection attack. In your example, your query would be something like "SELECT * FROM table WHERE id = " + tagID. If the valid RFID tag gives you "12345", all is well. If the altered RFID tag gives you "12345 or 1 = 1", well, you've got a problem. If your tagID is a numeric or you check the data you receive from the tag, you'll be fine, but if you just take in the data as a string or byte array, you're susceptible to this attack. Obviously my example doesn't fall into the virus category, but it gives you an example of how the attack works.
I'm totally with you on this. I'm seeing a house set up with scanners at each doorway, and occupants having RFID tags on them. Combine this with some X-10 and you could come up with some fairly cool apps. And as long as you control the system there shouldn't be any privacy concerns.
I scanned the article looking for just that portion as well. Kind of sad they didn't bother to get real world data as to what change amounts occured most often, basically makes this into a first-year statistical programming assignment.
Perhaps we'll start seeing reverse-blipverts...
That is the best (worst?) story ever.
Hah, that's awesome!