O’Reilly is presenting a free webcast by Jonathan Zdziarski on the topic of Hacking and Securing iOS Applications on May 3, 2012, at 1 PM PT. Jonathan is the author of the O’Reilly book by the same title. In this … Read more
In this full-length presentation from the recent 28C3 conference in Berlin, Tiffany Rad, Teague Newman and John Strauchs describe the opportunities and challenges presented by SCADA systems used in prisons and jails. These systems are often used in conjunction … Read more
In this short video, Jeri and company answer the age-old question: what’s inside one of those anti-theft sensor alarm devices used by the big box stores? You could call this destructive reverse engineering, or literal brute forcing. It looks … Read more
This lightning talk from the recent 28C3 conference in Berlin is a general introduction and status update on the development of the FreedomBox project. The FreedomBox is a personal server running a free software operating system and free applications, designed … Read more
Security researcher John McNabb presented this talk at the Defcon 19 (2011) conference highlighting vulnerabilities of wireless water meter systems. John managed a small water system for 13 years and draws on his experiences in this presentation covering water security … Read more
firestorm_v1 from yourwarrantyisvoid has published this detailed tutorial on building and using a passive Ethernet tap. His goal in this project is to facilitate network monitoring for intrusion detection purposes, and he wanted hardware which will allow the monitoring for traffic … Read more
X10 home automation devices control household systems over AC power lines. In the past their online pop-up ads were pervasive and hard to avoid and these devices are fairly common today. Researchers Dave Kennedy, aka Rel1k, and Rob Simon, aka … Read more
Osmocom stands for Open Source MObile COMmunications. The crew developing the OsmocomBB (baseband) software project presented the above talk at the DeepSec conference last November in Vienna, Austria. As they describe their efforts: OsmocomBB is a Free Software / Open … Read more
At the recent Black Hat security conference in Las Vegas, hacker Adam Laurie revealed a flaw in the Square credit card reader hardware/software that allows the injected emulation of credit card data to fraudulently obtain funds. He inserted a different … Read more
You’ve probably seen aerial surveillance drones. You also probably know that GSM towers can be spoofed to fool unsuspecting users into connecting and having their phone security compromised. Well, at this year’s Black Hat conference recently held in Las Vegas, security … Read more
Looking forward to the upcoming Defcon 19 conference, we note that Gibson open source software will be used there to monitor traffic. Dan Klinedinst, the project owner, writes: Some of you have seen the “Gibson” software, which models a network … Read more
Researchers in Germany have released two papers detailing how security of the bitstream on Xilinx FPGAs can be compromised. The first paper (11 pages) discusses power analysis attacks and extracting keys from Virtex-II devices. The second (3 pages) describes an … Read more
We’ve been interested in the Universal Software Radio Peripheral (USRP) SDR and the associated open source GNU Radio software for some time, but the $1500+ cost has kept the project on the back burner. Nevertheless, we always like a good … Read more
The Luxembourg-based syn2cat hackerspace has a system in place to provide members with information on the open/closed status of the space online or via an Android app. They call it OpenDuino, and it is more than a web-based … Read more
Netragard is a security company that provides anti-hacking services (penetration testing, vulnerability assessments, web application security testing, etc.) to its customers via the realistic reproduction of threats. In a recent assignment the client specified that the test could not use … Read more
When you decide to copy protect the firmware on your MCU, how effective are efforts such as setting a lock bit or enabling chip erase modes? Sergei P. Skorobogatov’s article provides an overview of the methods he’s tried against MCUs … Read more
KEELOQ® is an authentication system designed by Microchip. It’s based on a proprietary, non-linear encryption algorithm that creates a unique transmission on every use, supposedly rendering RF replay attacks useless. The algorithm uses a programmable 64-bit encryption key unique to … Read more
Travis Goodspeed wrote this article on his blog detailing his extraction of firmware from the MC13224 that had been read protected. This is the same MCU used in the Defcon 18 badge and the Redwire Econotag. He presents two methods. … Read more
OK, so it isn’t open source… but it is free (today only)! CNET is making available FREE downloads of PC Lock™ privacy encryption software for your PC. Just visit this link and follow the instructions. It will provide you with … Read more
Verizon has released their 2011 Data Breach Investigations Report, a 74-page PDF cataloging the various types of cyber attacks they encountered in 2010. It resulted from a study conducted by the Verizon RISK Team with cooperation from the U.S. … Read more