«
Expand/Collapse
103 items tagged "device"
Related tags:
mac [+],
memory corruption [+],
cisco ios [+],
control [+],
tar [+],
sig [+],
manager [+],
mac address list [+],
harald scan [+],
bluetooth [+],
txt [+],
tar gz [+],
sr6 [+],
peripherals [+],
network [+],
lumension [+],
heap memory [+],
block [+],
access [+],
Software [+],
user [+],
service advertisement [+],
service [+],
sami [+],
ruggedcom [+],
ros [+],
manageengine [+],
mac address [+],
linux kernel [+],
linux [+],
led [+],
java server [+],
ise [+],
input [+],
information store [+],
expert version [+],
expert [+],
dos vulnerability [+],
dll [+],
directory traversal vulnerability [+],
device configuration [+],
classic [+],
cisco telepresence [+],
cisco service [+],
cisco ip [+],
chaos communication camp [+],
central cs [+],
backdoor [+],
adobe [+],
BackTrack [+],
12 months [+],
wlan [+],
unauthenticated [+],
time [+],
teensy [+],
tcp [+],
super ad blocker [+],
source release [+],
service vulnerability [+],
security [+],
reverse engineering [+],
remote reboot [+],
remote buffer overflow vulnerability [+],
remote buffer overflow [+],
red hat security [+],
python [+],
proof of concept [+],
pov [+],
pcb [+],
null pointer [+],
nikhil mittal [+],
model discrimination [+],
model [+],
mode [+],
mobile [+],
misc [+],
milk consumption [+],
milk [+],
manager express [+],
mac osx [+],
logical block [+],
linux 64bit [+],
ldp [+],
label distribution protocol [+],
kvm [+],
kernel space [+],
kautilya [+],
intel 64 [+],
im me [+],
human interface devices [+],
human interface device [+],
host [+],
home [+],
gps [+],
franz tags [+],
firmware [+],
exploitation activities [+],
error [+],
entertainment [+],
engineering [+],
device server [+],
device parameters [+],
device manager [+],
denial of service dos [+],
dap [+],
cucme [+],
cs5 [+],
cisco unified [+],
cisco ios software release [+],
cisco ios software [+],
cisco ios device [+],
bugtraq [+],
buffer overflow vulnerability [+],
black hat [+],
arduino [+],
android [+],
accelerometer [+],
abu dhabi [+],
Wireless [+],
Newbie [+],
Bugs [+],
Area [+],
hacks [+],
cisco security [+],
zenprise [+],
youtube [+],
yasir afifi [+],
world [+],
workbench [+],
white spaces [+],
wheelchair [+],
vulnerabilities [+],
video playlist [+],
video demonstration [+],
vibration motors [+],
usb [+],
usa [+],
upnp [+],
ultrasonic range finders [+],
tv remotes [+],
travis goodspeed [+],
travis [+],
toy works [+],
toy [+],
toothbrush holder [+],
tool [+],
time marches on [+],
the netherlands [+],
terry garrett [+],
terry [+],
tek [+],
team [+],
stand [+],
spectrum users [+],
spectrum analyzer [+],
sophos [+],
something [+],
software hacks [+],
snowbot [+],
smith charts [+],
small [+],
single board computer [+],
simple [+],
side [+],
shawn [+],
security device [+],
scanner [+],
sayings [+],
s.o.s [+],
rucalgary [+],
rout [+],
root [+],
robots [+],
robotic [+],
ring magnets [+],
ring [+],
rf wireless [+],
repair [+],
relays [+],
raphael abrams [+],
raphael [+],
qr code [+],
puncher [+],
presidential vote [+],
presidential [+],
pre spun [+],
piezo sensor [+],
photoresistors [+],
phone [+],
persistence of vision [+],
paul klemstine [+],
paul [+],
parameter [+],
page [+],
own computer [+],
own accord [+],
operating system [+],
openfiler [+],
open tcp ports [+],
nook [+],
noob [+],
noblenook [+],
netv [+],
netgear [+],
nerdkits [+],
nat [+],
nanotouch [+],
multitouch [+],
mouse movements [+],
mount leds [+],
motherboard [+],
morse code [+],
morse [+],
mobile device management [+],
mobile device [+],
miro [+],
microcontrollers [+],
microcontroller [+],
mechanical engineering [+],
magnetic levitation device [+],
location technology [+],
linux images [+],
lifehacks [+],
levitation [+],
latest gizmos [+],
kathy [+],
johnny cache [+],
joe grand [+],
jetdirect [+],
introduction [+],
internet gateway [+],
interaction [+],
index table [+],
ifixit [+],
icebreaker [+],
hp jetdirect device [+],
hp jetdirect [+],
hdd [+],
hardware hacks [+],
hard drives [+],
goodspeed [+],
geolocation [+],
gateway device [+],
game control [+],
game [+],
gadget world [+],
fxi [+],
freelance [+],
free input [+],
forum entries [+],
forgery [+],
fm bands [+],
feedback device [+],
feedback [+],
fbi [+],
exploits [+],
executive decision maker [+],
executive decision [+],
essential minerals [+],
engineering student [+],
easy [+],
e ballot [+],
dvd [+],
drivers [+],
dongle [+],
digital calipers [+],
device drivers [+],
design principles [+],
dell wireless [+],
dell inspiron [+],
defective capacitor [+],
dead bugs [+],
dave [+],
database [+],
cs4 [+],
cross site scripting [+],
cotton candy [+],
cool device [+],
converting [+],
contests [+],
congo [+],
con [+],
computer [+],
compliance enforcement [+],
complete control [+],
compability [+],
colin [+],
click [+],
cisco router [+],
chumby industries [+],
chumby [+],
chris harrison [+],
china [+],
ceramic ring [+],
cellphones [+],
ccd sensor [+],
candy [+],
cadmium sulfide [+],
cache tags [+],
building [+],
broadcom [+],
brazil [+],
boss [+],
blurry image [+],
blown fuse [+],
blinkm [+],
bind [+],
better days [+],
beacon [+],
barnes [+],
bacon [+],
avr [+],
authors [+],
atapi device [+],
arm band [+],
application store [+],
apic [+],
antenna design [+],
antenna [+],
answers questions [+],
and [+],
afifi [+],
acoustic signatures [+],
Supporto [+],
Support [+],
NON [+],
Hardware [+],
General [+],
Fixes [+],
ARM [+],
802 11b [+],
555 timers [+],
1080p [+],
cisco security advisory [+],
vulnerability [+],
free software updates [+],
advisory [+]
-
-
![Permalink for '[Video] Who's snitching my milk?'](/themes/lilina/web//media/mark_off.gif)
21:55
»
SecDocs
Authors:
André Franz Tags:
science Event:
Chaos Communication Camp 2011 Abstract: Nowadays many office environments offer small tea kitchens for their employees. From subjective experiences there seems to be a milk drain in these environments. However, fundamentel research is still missing. Therefore, in this talk we will present experiments and the experimental setup to determine the volatility of milk in tea kitchens and possible causes. The experimental setup consists of a device for determining the amount of vanished milk (DDAVM), a device for counting fridge door openings (DCFDO) and a device for measuring the consumed electrical energy (DMCEE). The light diode based DCFDO is hidden in a regular yoghurt cup. Additional to these measurements we will present some model canditates which are based on plausible psychological behavior of the employees. With innovative model discrimination techniques, model candidates are falsified by suggesting model-based experimental designs. With these experiments and mathematical models we strongly believe to contribute to a better understanding of vanishing bovine products in office environments. This can help to predict the present state of milk in refrigerators, which leads to a more efficient milk consumption. Further, deep insights into social-psycological interplays between colleagues may be extrapolated to generic properties of different societies. The snitching milk consumption curve may also hint, which kind of social system (e.g. communism, socialism, capitalism), people belong to.
-
21:55
»
SecDocs
Authors:
André Franz Tags:
science Event:
Chaos Communication Camp 2011 Abstract: Nowadays many office environments offer small tea kitchens for their employees. From subjective experiences there seems to be a milk drain in these environments. However, fundamentel research is still missing. Therefore, in this talk we will present experiments and the experimental setup to determine the volatility of milk in tea kitchens and possible causes. The experimental setup consists of a device for determining the amount of vanished milk (DDAVM), a device for counting fridge door openings (DCFDO) and a device for measuring the consumed electrical energy (DMCEE). The light diode based DCFDO is hidden in a regular yoghurt cup. Additional to these measurements we will present some model canditates which are based on plausible psychological behavior of the employees. With innovative model discrimination techniques, model candidates are falsified by suggesting model-based experimental designs. With these experiments and mathematical models we strongly believe to contribute to a better understanding of vanishing bovine products in office environments. This can help to predict the present state of milk in refrigerators, which leads to a more efficient milk consumption. Further, deep insights into social-psycological interplays between colleagues may be extrapolated to generic properties of different societies. The snitching milk consumption curve may also hint, which kind of social system (e.g. communism, socialism, capitalism), people belong to.
-
-
17:19
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0676-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A malicious user in the kvm group on the host could use this flaw to crash the host. A flaw was found in the way device memory was handled during guest device removal. Upon successful device removal, memory used by the device was not properly unmapped from the corresponding IOMMU or properly released from the kernel, leading to a memory leak. A malicious user in the kvm group on the host who has the ability to assign a device to a guest could use this flaw to crash the host.
-
17:19
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0676-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A malicious user in the kvm group on the host could use this flaw to crash the host. A flaw was found in the way device memory was handled during guest device removal. Upon successful device removal, memory used by the device was not properly unmapped from the corresponding IOMMU or properly released from the kernel, leading to a memory leak. A malicious user in the kvm group on the host who has the ability to assign a device to a guest could use this flaw to crash the host.
-
-
15:22
»
SecDocs
Tags:
phone Event:
Chaos Communication Camp 2011 Abstract: The most ubiquitous device on the planet is arguably the mobile phone. Tragically, it is also a device built under some of the worst living and working conditions in the world. This is the story of a mission - To build the world's first ethical phone. The most ubiquitous device on the planet is arguably the mobile phone. We use them, we need them, we get new ones every few years. Our old phones are either in a drawer, a landfill, or in the hands of those people in places like China and Brazil where old electronics are broken down or repurposed. Meanwhile in many parts of one of the most troubled nations in the world, the minerals that make are new phones are being mined under some very questionable circumstances. From some of the worst labor conditions in the world comes the cobalt and other essential minerals that will one day be your iphone. -- Is this how it simply has to be? -- A group in the Netherlands has embarked on an ambitious, risky, and little known quest - To build the world's first ethical phone. Are where did they start? In the Congo of course...
-
-
10:22
»
Packet Storm Security Exploits
An undocumented backdoor account exists within all released versions of RuggedCom's Rugged Operating System (ROS®). The username for the account, which cannot be disabled, is "factory" and its password is dynamically generated based on the device's MAC address. Multiple attempts have been made in the past 12 months to have this backdoor removed and customers notified. Exploit included.
-
10:22
»
Packet Storm Security Recent Files
An undocumented backdoor account exists within all released versions of RuggedCom's Rugged Operating System (ROS®). The username for the account, which cannot be disabled, is "factory" and its password is dynamically generated based on the device's MAC address. Multiple attempts have been made in the past 12 months to have this backdoor removed and customers notified. Exploit included.
-
10:22
»
Packet Storm Security Misc. Files
An undocumented backdoor account exists within all released versions of RuggedCom's Rugged Operating System (ROS®). The username for the account, which cannot be disabled, is "factory" and its password is dynamically generated based on the device's MAC address. Multiple attempts have been made in the past 12 months to have this backdoor removed and customers notified. Exploit included.
-
-
11:15
»
Hack a Day
This game of Space Invaders is played by tilting your iPhone to the left or right. It’s a demonstration of HTML5 used to link devices in-browser. The only setup that’s required is for the base device to load up a webpage, then the control device scans a QR code (or just types in a link) to [...]
-
-
11:01
»
Hack a Day
Seeing this device help a man get up out of his wheelchair makes us wonder why this hasn’t been around for ages. The design principles behind the Tek RMD greatly benefit those without use of their legs. But it’s not just to help him stand, it also serves as motorized transport that makes bulky electric [...]
-
-
16:02
»
Packet Storm Security Exploits
ManageEngine Device Expert version 5.6 suffers from a Java Server ScheduleResultViewer servlet unauthenticated remote directory traversal vulnerability.
-
16:02
»
Packet Storm Security Recent Files
ManageEngine Device Expert version 5.6 suffers from a Java Server ScheduleResultViewer servlet unauthenticated remote directory traversal vulnerability.
-
16:02
»
Packet Storm Security Misc. Files
ManageEngine Device Expert version 5.6 suffers from a Java Server ScheduleResultViewer servlet unauthenticated remote directory traversal vulnerability.
-
-
8:01
»
Hack a Day
Because his computer is gradually turning into an all-inclusive media display device, [Shawn] figured a remote to control the volume and a video playlist would be a reasonable addition. TV remotes for computers have been around for years, but [Shawn] decided to go the DIY route and build his own computer remote. For the build, [...]
-
-
11:25
»
Hack a Day
[Raphael Abrams] does a lot of freelance work, but he has trouble accurately keeping track of the hours he has put in for his clients. After trying various applications and methods of logging his time, he finally decided to build a device that worked just the way he liked. He calls his device the “Freelance [...]
-
-
3:04
»
SecDocs
Authors:
Nikhil Mittal Tags:
penetration testing embedded Event:
Black Hat Abu Dhabi 2011 Abstract: As hackers, we have been exploiting the inherent trust by Operating System on Human Interface Devices for some time now. Teensy is a USB Micro-controller; a device which can act as a Human Interface Device when connected to a computer and is able to do the job pre-programmed in it. Many interesting things have been done using Teensy as a keyboard. We have mostly seen shells, many types of them. It is time we start looking at Teensy as a pentesting device capable of doing much more than popping shells. Introducing Kautilya, a toolkit which can be used to perform various pre-exploitation and post-exploitation activities. Kautilya aims on easing the use of attack vectors which traditionally require human intervention but can be automated using Teensy. Kautilya contains some nice customizable payloads which may be used for enumeration, info gathering, disabling countermeasures, keylogging and using Operating System against itself for much more. The talk will be full of live demonstrations.
-
3:02
»
SecDocs
Authors:
Nikhil Mittal Tags:
penetration testing embedded Event:
Black Hat Abu Dhabi 2011 Abstract: As hackers, we have been exploiting the inherent trust by Operating System on Human Interface Devices for some time now. Teensy is a USB Micro-controller; a device which can act as a Human Interface Device when connected to a computer and is able to do the job pre-programmed in it. Many interesting things have been done using Teensy as a keyboard. We have mostly seen shells, many types of them. It is time we start looking at Teensy as a pentesting device capable of doing much more than popping shells. Introducing Kautilya, a toolkit which can be used to perform various pre-exploitation and post-exploitation activities. Kautilya aims on easing the use of attack vectors which traditionally require human intervention but can be automated using Teensy. Kautilya contains some nice customizable payloads which may be used for enumeration, info gathering, disabling countermeasures, keylogging and using Operating System against itself for much more. The talk will be full of live demonstrations.
-
-
8:47
»
Packet Storm Security Advisories
Cisco Security Advisory - Cisco TelePresence Software version TE 4.1.0 contains a default account vulnerability that could allow an unauthenticated, remote attacker to take complete control of the affected device. The vulnerability is due to an architectural change that was made in the way the system maintains administrative accounts. During the process of upgrading a Cisco IP Video Phone E20 device to TE 4.1.0, an unsecured default account may be introduced. An attacker who is able to take advantage of this vulnerability could log in to the device as the root user and perform arbitrary actions with elevated privileges. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
-
8:47
»
Packet Storm Security Recent Files
Cisco Security Advisory - Cisco TelePresence Software version TE 4.1.0 contains a default account vulnerability that could allow an unauthenticated, remote attacker to take complete control of the affected device. The vulnerability is due to an architectural change that was made in the way the system maintains administrative accounts. During the process of upgrading a Cisco IP Video Phone E20 device to TE 4.1.0, an unsecured default account may be introduced. An attacker who is able to take advantage of this vulnerability could log in to the device as the root user and perform arbitrary actions with elevated privileges. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
-
8:47
»
Packet Storm Security Misc. Files
Cisco Security Advisory - Cisco TelePresence Software version TE 4.1.0 contains a default account vulnerability that could allow an unauthenticated, remote attacker to take complete control of the affected device. The vulnerability is due to an architectural change that was made in the way the system maintains administrative accounts. During the process of upgrading a Cisco IP Video Phone E20 device to TE 4.1.0, an unsecured default account may be introduced. An attacker who is able to take advantage of this vulnerability could log in to the device as the root user and perform arbitrary actions with elevated privileges. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
-
7:01
»
Hack a Day
It happens to the best of designers, spending untold amounts of time designing a complex device just to find out that you missed a trace, or you couldn’t rout something to something else. As time marches on its becoming a bit less common to pop open a commercially produced device and see a little jumper [...]
-
-
11:00
»
Hack a Day
[Ch00f] spent some serious time figuring out how the Icebreaker POV toy works. This is a pretty cool device about the size of a toothbrush holder. It’s in a clear plastic case, which lets the row of 32 surface mount LEDs shine through. But making light isn’t their only function. You can use the device [...]
-
-
15:00
»
Sophos security news
Latest version of Sophos Mobile Control enriches Mobile Device Management with New Enterprise Application Store, reporting dashboard for Compliance Enforcement and easy-to-use Self Service Portal
-
-
16:59
»
Packet Storm Security Exploits
HP Device Access Manager for Protect Tools Information Store versions prior to 6.1.0.1 suffer from a heap memory corruption vulnerability.
-
-
9:36
»
Hack a Day
Want that 70″ LCD television in your living room to be an Android device? This little guy can make it happen. With an HDMI port on one end, and a USB plug on the other for power, just plug in FXI Technologies’ Cotton Candy dongle to create a 1080p Android television. The price isn’t set [...]
-
-
6:01
»
Hack a Day
The team over at NerdKits recently put together a device aimed to help make the process of measuring things more accessible to those with disabilities. [Terry Garrett] is a Mechanical Engineering student, and as anyone who is in the field knows, it’s a discipline which requires taking tons of measurements. Since [Terry] cannot see he [...]
-
-
20:19
»
Packet Storm Security Advisories
Cisco Security Advisory - Cisco Identity Services Engine (ISE) contains a set of default credentials for its underlying database. A remote attacker could use those credentials to modify the device configuration and settings or gain complete administrative control of the device. Cisco will release free software updates that address this vulnerability on September 30th, 2011. There is no workaround for this vulnerability.
-
20:19
»
Packet Storm Security Recent Files
Cisco Security Advisory - Cisco Identity Services Engine (ISE) contains a set of default credentials for its underlying database. A remote attacker could use those credentials to modify the device configuration and settings or gain complete administrative control of the device. Cisco will release free software updates that address this vulnerability on September 30th, 2011. There is no workaround for this vulnerability.
-
20:19
»
Packet Storm Security Misc. Files
Cisco Security Advisory - Cisco Identity Services Engine (ISE) contains a set of default credentials for its underlying database. A remote attacker could use those credentials to modify the device configuration and settings or gain complete administrative control of the device. Cisco will release free software updates that address this vulnerability on September 30th, 2011. There is no workaround for this vulnerability.
-
-
14:01
»
Hack a Day
Check out the new set-top box on the block, the NeTV from Chumby Industries. That link will take you to their video demonstration of the device, which is a humble-looking black box with no apparent user interface. You’ll see a few cool tricks that may impress you, like pairing the device with an Android phone [...]
-
-
17:16
»
Packet Storm Security Advisories
Cisco Security Advisory - Two denial of service (DoS) vulnerabilities exist in the Cisco Intercompany Media Engine. An unauthenticated attacker could exploit these vulnerabilities by sending crafted Service Advertisement Framework (SAF) packets to an affected device, which may cause the device to reload. Cisco has released free software updates that address these vulnerabilities. There are no available workarounds to mitigate these vulnerabilities.
-
17:16
»
Packet Storm Security Recent Files
Cisco Security Advisory - Two denial of service (DoS) vulnerabilities exist in the Cisco Intercompany Media Engine. An unauthenticated attacker could exploit these vulnerabilities by sending crafted Service Advertisement Framework (SAF) packets to an affected device, which may cause the device to reload. Cisco has released free software updates that address these vulnerabilities. There are no available workarounds to mitigate these vulnerabilities.
-
17:16
»
Packet Storm Security Misc. Files
Cisco Security Advisory - Two denial of service (DoS) vulnerabilities exist in the Cisco Intercompany Media Engine. An unauthenticated attacker could exploit these vulnerabilities by sending crafted Service Advertisement Framework (SAF) packets to an affected device, which may cause the device to reload. Cisco has released free software updates that address these vulnerabilities. There are no available workarounds to mitigate these vulnerabilities.
-
-
8:48
»
Hack a Day
Like many of us, [Bertho] has had plenty if interaction with “Executive” types who seem to make decisions randomly, and most certainly not based upon any sort of reason. As he was picking through parts bins at his local hackerspace, he thought it would be fun to build an “Executive Decision Maker”. The device he [...]
-
-
9:01
»
Hack a Day
[Andrey Mikhalchuk] built his own magnetic levitation device and you can too… if you have the patience. He’s not using electromagnets, like the Arduino levitator or the floating globe. Instead, a pair of ceramic ring magnets and a few hours are all it takes. The base of his device is a couple of very large ring magnets [...]
-
-
18:33
»
Packet Storm Security Advisories
Cisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway - Second Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload. There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device.
-
18:33
»
Packet Storm Security Recent Files
Cisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway - Second Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload. There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device.
-
18:33
»
Packet Storm Security Misc. Files
Cisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway - Second Generation, that runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload. There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device.
-
-
8:00
»
Hack a Day
While not necessarily an easy thing to learn, the ability to reverse engineer embedded device firmware is an incredibly useful skill. Reverse engineering firmware allows you to analyze a device for bugs and vulnerabilities, as well as gives you the opportunity to add features if you happen to be so inclined. When it comes to [...]
-
-
14:01
»
Hack a Day
[ifixit] has apparently grown tired of tearing apart Apple’s latest gizmos, and their latest display of un-engineering has a decidedly more federal flair. You may have heard about Yasir Afifi’s discovery of a FBI-installed tracking device on his car back in October of last year. Apparently, the feds abandoned a similar device with activist Kathy [...]
-
-
10:01
»
Hack a Day
We’ve already added the components needed to build [Rucalgary's] tiny POV device to our next parts order. The little device sets a new standard for tiny persistence of vision boards. Instead of relying on the user to find the best speed and timing for swinging the board around, [Rucalgary] used an accelerometer. This is the [...]
-
-
11:00
»
Hack a Day
The BlinkM “Smart LED” is a great little device on its own accord. It allows for complete control of its RGB LED using a built-in microcontroller, enabling the user to do a wide array of things that normally require PWM to accomplish. At just over half an inch square, this little device might also be [...]
-
-
7:06
»
Hack a Day
[Sprite_TM] was cleaning up his hacking workbench when he came across an all-in-one device that had seen better days. After a bit of consideration he decided to tear down the scanner portion of the device and ended up turning it into a multi-touch display. The scanner relies on a long PCB with a line CCD sensor. This [...]
-
-
10:18
»
Hack a Day
[BadWolf] sent us a device called the “Bacon Beacon“, which is his 555 Design Contest entry. In short, it’s a life-saving device that emits an S.O.S. signal in Morse code over both the AM and FM bands. The device uses five 555 timers to get the job done, each of them dedicated to a specific [...]
-
-
10:00
»
Hack a Day
[Mirko] is working on a library that will allow you to add RF control to just about any device. The only requirement is that the device be capable of running a Linux kernel, and that it have a few GPIO pins available. One example is fairly straight forward, a Netgear router. Many, if not most [...]
-
-
9:17
»
Hack a Day
Occasionally when a device breaks, the defect is obvious. Whether it is a blown fuse or a defective capacitor, generally the easy to see stuff is easy to fix. When a problem is more subtle, or when doing some more advanced tasks like adding functionality to a device, greater knowledge about a circuit board is [...]
-
-
13:54
»
Hack a Day
[polymythic] Is helping the blind see with his haptic feedback device called HALO. At the heart of the device is an Arduino Mega 2560 which senses objects with a few ultrasonic range finders and then relays the information back to the user using some vibration motors from old cell phones. The user can feel the distance [...]
-
-
14:29
»
Wirevolution
For now, all White Spaces devices will use a geolocation database to avoid interfering with licensed spectrum users. The latest FCC Memorandum and Order on TV White Spaces says that it is still OK to have a device that uses spectrum sensing only (one that doesn’t consult a geolocation database for licensed spectrum users), but to get certified for sensing only, a device will have to satisfy the FCC’s Office of Engineering and Technology, then be approved by the Commissioners on a case-by-case basis.
So all the devices for the foreseeable future are going to use a geolocation database. But they will have spectrum-sensing capabilities too, in order to select the cleanest channel from the list of available channels provided by the database.
Fixed devices (access points) will normally have a wired Internet connection. Once a fixed device has figured out where it is, it can query the database over the Internet for a list of available channels. Then it can advertise itself on those channels.
Mobile devices (phones, laptops etc.) will normally have non-whitespace connections to the Internet too, for example Wi-Fi or cellular data. These devices can know where they are by GPS or some other location technology, and query the geolocation database over their non-whitespace connection. If a mobile device doesn’t have non-whitespace Internet connectivity, it can sit and wait until it senses a beacon from a fixed whitespace device, then query the geolocation database over the whitespace connection. There is a slight chance at this point that the mobile device is using a licensed frequency inside the licensee’s protected contour. This chance is mitigated because the contour includes a buffer zone, so a mobile device inside a protected contour should be beyond the range of any whitespace devices outside that contour. The interference will also be very brief, since when it gets the response from the database it will instantly switch to another channel.
Nine companies have proposed themselves as geolocation database providers. Here they are, linked to the proposals they filed with the FCC:
Here’s an example of what a protected contour looks like. Here’s an example database. Note that this database is not accurate yet.
Actually, a geolocation database is overkill for most cases. The bulk of the information is just a reformatting of data the FCC already publishes online; it’s only 37 megabytes compressed. It could be kept in the phone since it doesn’t change much; it is updated weekly.
The proposed database will be useful for those rare events where the number of wireless microphones needed is so large that it won’t fit into the spectrum reserved for microphones, though in this case spectrum sensing would probably suffice. In other words, the geolocation database is a heavyweight solution to a lightweight problem.
-
-
11:29
»
Hack a Day
[Julien] built an input device that uses reflected light detected by some photoresistors. Placing your hand above the device will reflect light from the LED back down onto the cadmium-sulfide sensors. The resistance of those sensors is read by four ADC pins on a Teensy microcontroller and translated to mouse movements. In the video after the [...]
-
-
9:19
»
Hack a Day
Want to try your hand at building a Linux package for an embedded device? [SnowBot] decided to give it a try and set out to build Ubuntu for a GumStix. The single-board computer will cost you about $150 to get started, plus a way to connect to the device’s serial port. But once you’ve got [...]
-
-
9:00
»
Hack a Day
That is a blurry image of a Barnes & Noble Nook eReader stuck in an infinite reboot loop. This is the result of trying to downgrade the firmware to 1.0 in preparation to soft-root the device. So after a few failures the device will recover itself, right? It doesn’t look that way. No problem, don’t you [...]
-
-
20:01
»
Packet Storm Security Recent Files
Cisco Security Advisory - Cisco IOS Software Release, 15.1(2)T is affected by a denial of service (DoS) vulnerability during the TCP establishment phase. The vulnerability could cause embryonic TCP connections to remain in a SYNRCVD or SYNSENT state. Enough embryonic TCP connections in these states could consume system resources and prevent an affected device from accepting or initiating new TCP connections, including any TCP-based remote management access to the device. No authentication is required to exploit this vulnerability. An attacker does not need to complete a three-way handshake to trigger this vulnerability; therefore, this this vulnerability can be exploited using spoofed packets. This vulnerability may be triggered by normal network traffic.
-
20:00
»
Packet Storm Security Advisories
Cisco Security Advisory - Cisco IOS Software Release, 15.1(2)T is affected by a denial of service (DoS) vulnerability during the TCP establishment phase. The vulnerability could cause embryonic TCP connections to remain in a SYNRCVD or SYNSENT state. Enough embryonic TCP connections in these states could consume system resources and prevent an affected device from accepting or initiating new TCP connections, including any TCP-based remote management access to the device. No authentication is required to exploit this vulnerability. An attacker does not need to complete a three-way handshake to trigger this vulnerability; therefore, this this vulnerability can be exploited using spoofed packets. This vulnerability may be triggered by normal network traffic.
-
-
5:40
»
Hack a Day
If you’re working on a device that includes RF wireless, [Colin's] Guide to PCB Trace Antenna Design might clear some headaches when sending off for PCBs. While it is directed at devices transmitting at 2.4GHz, the techniques and recommended equipment (read: espresso smith charts and network analyzers) should work for almost any frequency. While trace [...]
-
-
17:37
»
remote-exploit & backtrack
Tryed to boot my bt 4 final dvd and this is the error i keep getting:
mp-bios 8254 timer not connected to IO-APIC
usb 2-2 device descriptor read/64, error -62
device not accpeting adress 4 hub
2-0:1.0: unable to enumerate usb device on port 2 buffer i/o error in device hub logical block
squashfs error: squashfs_read_data failed to read block
squashfs error unable to read id index table.
then sends me to a prompt. I tried the dvd on an older cimputer just to see if the dvd is working and it gave me a video error. So im pretty sure theres nothing wrong with the dvd. Any suggestions would be a huge help
-
-
10:42
»
Hack a Day
This is a concept input device that [Tech B] built for disabled users. The device uses an accelerometer along with a piezo sensor (right click) and a push button (left click) to function as a mouse. The Arduino that resides in a breadboard on the side of the hat communicates with the computer over a [...]
-
-
19:03
»
Packet Storm Security Tools
Harald Scan is a Bluetooth discovery scanner. It determines Major and Minor device classes according to the Bluetooth SIG specification and attempts to resolve a device's MAC address to the largest known vendor/MAC address list. Written in Python. This is the Linux 64bit binary release.
-
19:03
»
Packet Storm Security Tools
Harald Scan is a Bluetooth discovery scanner. It determines Major and Minor device classes according to the Bluetooth SIG specification and attempts to resolve a device's MAC address to the largest known vendor/MAC address list. Written in Python. This is the Linux 32bit binary release.
-
19:03
»
Packet Storm Security Tools
Harald Scan is a Bluetooth discovery scanner. It determines Major and Minor device classes according to the Bluetooth SIG specification and attempts to resolve a device's MAC address to the largest known vendor/MAC address list. Written in Python. This is the Mac OSX source release.
-
19:03
»
Packet Storm Security Recent Files
Harald Scan is a Bluetooth discovery scanner. It determines Major and Minor device classes according to the Bluetooth SIG specification and attempts to resolve a device's MAC address to the largest known vendor/MAC address list. Written in Python. This is the Linux 64bit binary release.
-
19:03
»
Packet Storm Security Recent Files
Harald Scan is a Bluetooth discovery scanner. It determines Major and Minor device classes according to the Bluetooth SIG specification and attempts to resolve a device's MAC address to the largest known vendor/MAC address list. Written in Python. This is the Linux 32bit binary release.
-
19:02
»
Packet Storm Security Recent Files
Harald Scan is a Bluetooth discovery scanner. It determines Major and Minor device classes according to the Bluetooth SIG specification and attempts to resolve a device's MAC address to the largest known vendor/MAC address list. Written in Python. This is the Mac OSX source release.
-
-
23:02
»
Packet Storm Security Recent Files
Unauthenticated access and modification of several device parameters, including Wi-Fi SSID, keys and passphrases is possible on the D-Link DAP-1160. Unauthenticated remote reboot of the device can be also performed.
-
23:01
»
Packet Storm Security Exploits
Unauthenticated access and modification of several device parameters, including Wi-Fi SSID, keys and passphrases is possible on the D-Link DAP-1160. Unauthenticated remote reboot of the device can be also performed.
-
-
23:00
»
Packet Storm Security Tools
Umap (UPNP Map) attempts to scan open TCP ports on the hosts behind a UPNP enabled Internet Gateway Device(IGD) NAT. It sends SOAP requests to map ports and then attempts to connect to the mapped ports discovering hosts and services behind the device's NAT.
-
-
9:30
»
Hack a Day
[Paul Klemstine] is working on some PC-side software hacks for the IM-ME. We’ve seen a lot of hardware hacks for this device, such as controlling the display, firmware flashing, and using it as a spectrum analyzer, but if you don’t want to alter the device right away you can try [Paul's] collection of hacks. Working [...]
-
-
6:10
»
Hack a Day
This one could be a game changer. [Chris Harrison] and a team of researchers are showing off a method of using your arm as an input device. An arm band worn by the user picks up acoustic signatures created by tapping on your arm with the other hand, or taping your fingers and thumb together [...]
-
-
11:51
»
Packet Storm Security Recent Files
Cisco Security Advisory - Devices running Cisco IOS Software and configured for Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) operation are affected by two denial of service vulnerabilities that may result in a device reload if successfully exploited. The vulnerabilities are triggered when the Cisco IOS device processes specific, malformed Skinny Call Control Protocol (SCCP) messages.
-
11:51
»
Packet Storm Security Recent Files
Cisco Security Advisory - The H.323 implementation in Cisco IOS Software contains two vulnerabilities that may be exploited remotely to cause a denial of service (DoS) condition on a device that is running a vulnerable version of Cisco IOS Software. Cisco has released free software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities other than disabling H.323 on the vulnerable device if H.323 is not required.
-
11:51
»
Packet Storm Security Recent Files
Cisco Security Advisory - A device running Cisco IOS Software, Cisco IOS XE Software, or Cisco IOS XR Software is vulnerable to a remote denial of service (DoS) condition if it is configured for Multiprotocol Label Switching (MPLS) and has support for Label Distribution Protocol (LDP). A crafted LDP UDP packet can cause an affected device running Cisco IOS Software or Cisco IOS XE Software to reload. On devices running affected versions of Cisco IOS XR Software, such packets can cause the device to restart the mpls_ldp process. A system is vulnerable if configured with either LDP or Tag Distribution Protocol (TDP). Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
-
11:51
»
Packet Storm Security Advisories
Cisco Security Advisory - Devices running Cisco IOS Software and configured for Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) operation are affected by two denial of service vulnerabilities that may result in a device reload if successfully exploited. The vulnerabilities are triggered when the Cisco IOS device processes specific, malformed Skinny Call Control Protocol (SCCP) messages.
-
11:51
»
Packet Storm Security Advisories
Cisco Security Advisory - The H.323 implementation in Cisco IOS Software contains two vulnerabilities that may be exploited remotely to cause a denial of service (DoS) condition on a device that is running a vulnerable version of Cisco IOS Software. Cisco has released free software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities other than disabling H.323 on the vulnerable device if H.323 is not required.
-
11:51
»
Packet Storm Security Advisories
Cisco Security Advisory - A device running Cisco IOS Software, Cisco IOS XE Software, or Cisco IOS XR Software is vulnerable to a remote denial of service (DoS) condition if it is configured for Multiprotocol Label Switching (MPLS) and has support for Label Distribution Protocol (LDP). A crafted LDP UDP packet can cause an affected device running Cisco IOS Software or Cisco IOS XE Software to reload. On devices running affected versions of Cisco IOS XR Software, such packets can cause the device to restart the mpls_ldp process. A system is vulnerable if configured with either LDP or Tag Distribution Protocol (TDP). Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
-
-
13:00
»
Hack a Day
[Travis Goodspeed] wrote a guide to firmware flashing for the IM-ME. He’s using a GoodFET open-source JTAG adapter that he designed to do the programming. This is really taking [Dave's] work on the device and running with it. The end goal being to develop an operating system for the device. If you haven’t read the [...]
-
-
19:00
»
Packet Storm Security Recent Files
SUPERAntiSpyware and Super Ad Blocker have almost identical device drivers in order to set up hooks and perform other duties from kernel space. These device drivers suffer from lack of validation of parameters passed from user mode. Additionally, some of the functions accessible from user mode are inherently insecure and lead to easy privilege escalation. All vulnerabilities are applicable to both applications. Proof of concept code included with full advisory.
-
19:00
»
Packet Storm Security Exploits
SUPERAntiSpyware and Super Ad Blocker have almost identical device drivers in order to set up hooks and perform other duties from kernel space. These device drivers suffer from lack of validation of parameters passed from user mode. Additionally, some of the functions accessible from user mode are inherently insecure and lead to easy privilege escalation. All vulnerabilities are applicable to both applications. Proof of concept code included with full advisory.
-
-
12:07
»
Hack a Day
This device is lovingly called the SPINmaster. [Linux-works] built it to spin up multiple hard drives before the motherboard starts up. It detects the power-up from the PSU and uses a relay to hold the motherboard in reset, indicated by the red LED. Each of four relays then spins up a hard drive and illuminates [...]
-
-
13:33
»
remote-exploit & backtrack
Hello
Im looking for a device with same compability and power like ALFA AWUS036H, but with 802.11n support.
I checked some forum entries, but there are so many different sayings about devices, that Im confused more and more...
I hope somone of you can give me an undisputed answer.
-
11:14
»
remote-exploit & backtrack
Ciao ragazzi,
ho un problema. Ho appena installato BT4 final e mi riconosce tranquillamente la scheda eth del mio del Dell Inspiron 1545. Invece la wifi mi da problemi.
Ho sbagliato a scrivere nel titolo. No device volevo intendere
Con lspci me la trova e ho anche i driver b43-fwcutter installati.
Non so perché quando vado a fare "/etc/init.d/networking start" non mi riesce a far partire wlan0 e mi riporta questo:
SIOCSIFADDR: No such device
wlan0: ERROR while getting interface flags: No such device
wlan0: ERROR while getting interface flags: No such device
Bind socket to interface: No such device
Failed to bring up wlan0.
done.
Non so che fare.
Qualsiasi cosa può servire chiedete
Grazie in anticipo per l'aiuto
Aggiungo che ho cercato anche di installare gli ultimi driver dal sito linuxwireless.org/en/users/Drivers/b43 ma niente. Ho fatto fare anche gli aggiornamenti ma hanno solamente fatto aggiornare il postgre server non facendogli installare correttamente i pacchetti (non so perché).
-
-
8:00
»
Hack a Day
[Rossum] is at it again. This time, he has created a super tiny media device to get us drooling. You might recall him from the 8-bit device we showed you before. The Nanotouch is roughly the dimensions of a 96×64 OLED screen(slightly larger than a quarter), with about 1/3 to 1/2 of an inch of [...]
-
-
13:50
»
remote-exploit & backtrack
Hello, im having troubles with my wlan device. I am using a Dell Wireless 1397 802.11b/g Half Mini Card.
Ok so my drivers are not linux compatible, so i read that i have to install ndiswrapper. Ok so i downloaded the drivers from the dell site,extracted them and transferred the files to my laptop.
Then i used ndiswrapper to install them with a tutorial on youtube on how to do it. Still it doesn't manage to detect my device :(.
ndiswrapper -l shows that my device driver(14e4:4315) is present.
How can i make it detect my wlan device?
btw im a total noob on this. I've never used linux :/
-
-
11:24
»
remote-exploit & backtrack
Hello, today i have searched to launch BackTrack 4 Final on my computer and it give me this error during the launch...
Buffer I/O error on device hdd, logical block etc...
ATAPI device hdd:
Unrecovered read error
and other errors...
what is it ?
