«
Expand/Collapse
108 items tagged "use"
Related tags:
webkit [+],
chaos communication congress [+],
android [+],
BackTrack [+],
safer use [+],
microsoft [+],
arduino [+],
ziparchive [+],
security [+],
privacy event [+],
php [+],
memory corruption [+],
internet [+],
glob [+],
x sandbox [+],
tiff parsing [+],
tiff [+],
spring [+],
sp3 [+],
sandbox [+],
proof of concept [+],
predefined profiles [+],
predefined [+],
policy [+],
photoshop [+],
opposition mp [+],
login request [+],
location url [+],
irai [+],
health care education [+],
government [+],
free microsoft excel [+],
free adobe photoshop [+],
exploit [+],
excel [+],
code execution [+],
automgen [+],
audio [+],
apple os x [+],
apple os [+],
apple events [+],
adobe photoshop version [+],
adobe [+],
acceptable use [+],
General [+],
xel [+],
whitepaper [+],
virus scanners [+],
video [+],
unix [+],
united states [+],
unfair [+],
tool [+],
terrorism event [+],
terrorism [+],
temporary files [+],
speculations [+],
solaris [+],
retention [+],
read [+],
programmer [+],
port [+],
police [+],
piracy [+],
parallel port [+],
new chip [+],
mouse [+],
misc [+],
microsoft corp [+],
microcontrollers [+],
messaging [+],
marco gercke [+],
mandy [+],
legislative approaches [+],
internet traffic data [+],
instant [+],
information [+],
hungarian [+],
home [+],
hacking [+],
hacker [+],
geolocation [+],
game [+],
free memory [+],
free [+],
flash rom [+],
firewall gateway [+],
firewall [+],
europe [+],
eu member states [+],
directive [+],
digital [+],
denmark [+],
controller [+],
code [+],
clock [+],
chaos communication camp [+],
arbitrary code [+],
aircrack [+],
Wireless [+],
hacks [+],
zero day [+],
yahoo answers [+],
xfs [+],
x cve [+],
wtf [+],
wristwatch [+],
wireless weather stations [+],
wireless weather station [+],
wireless headphones [+],
wire loop [+],
wire [+],
windows xp [+],
windows [+],
wikileaks [+],
while [+],
wep [+],
websites [+],
weather [+],
wbem [+],
water usage [+],
water [+],
vulnerabilities [+],
voltage [+],
voice security [+],
virus [+],
vinod [+],
verizon customers [+],
use of internet [+],
tv remote control [+],
trojan [+],
transportation [+],
time [+],
thumb [+],
thieves [+],
the rise [+],
tft panel [+],
testing [+],
terrorists [+],
tank ard [+],
system [+],
syria [+],
susan [+],
subject lines [+],
strident [+],
street fighter [+],
static analysis [+],
ssl [+],
ssid [+],
something [+],
smudge [+],
smart phone [+],
siri security [+],
simple [+],
shocking [+],
settles [+],
security toolkit [+],
security policies [+],
security hole [+],
security community [+],
sebastian [+],
scanning [+],
robust [+],
rob miles [+],
reset pin [+],
rendering software [+],
remote [+],
reduced cost [+],
real time clock [+],
ransomware [+],
property management system [+],
property [+],
propane tank [+],
propane [+],
projector [+],
project [+],
proftpd [+],
probes [+],
preferred method [+],
precision [+],
pre [+],
powerpoint [+],
playing games [+],
pipe [+],
pin microcontroller [+],
php 5 [+],
phone [+],
phishers [+],
personal laptops [+],
peripherals [+],
penetration [+],
pcs [+],
paul [+],
patrick becker [+],
patrice [+],
pain in the ass [+],
package [+],
open source version [+],
old laptop [+],
nokia products [+],
nokia n82 [+],
nokia [+],
nixie tube [+],
nfslogd [+],
neat idea [+],
natural progression [+],
musical [+],
multitouch [+],
mouse work [+],
mon [+],
mobile hotspot [+],
misuse [+],
mike shegedin [+],
mike schiffman [+],
microsoft powerpoint [+],
microcontroller platform [+],
microcontroller [+],
merkz [+],
maze game [+],
malaysia [+],
magnetic switch [+],
magnet [+],
macchanger [+],
mac trojan [+],
mac os x [+],
mac address [+],
mac [+],
lucid dreaming [+],
lucid [+],
love [+],
lithium cells [+],
lithium [+],
linguists [+],
lifehacks [+],
let [+],
legal challenge [+],
leds [+],
lead acid battery [+],
lazy susan [+],
laptops [+],
laptop [+],
la crosse wireless weather station [+],
kristof [+],
kinect [+],
kernal [+],
karl [+],
junk box [+],
jan [+],
james dalby [+],
ips [+],
ipod charger [+],
ipod [+],
iphone [+],
internet explorer [+],
instructable [+],
information systems management [+],
information disclosure [+],
ice [+],
hybrid car [+],
html element [+],
html [+],
how [+],
hotspot [+],
home electronics [+],
hole [+],
high [+],
headsets [+],
headphones [+],
hadouken [+],
hackers [+],
hack in the box [+],
green [+],
garage door openers [+],
garage [+],
functional devices [+],
frequency measurement [+],
fred [+],
for [+],
firefox [+],
ff ff ff [+],
fellow travelers [+],
feedback system [+],
feedback changes [+],
feedback [+],
feature [+],
eye movement [+],
exploits [+],
engineering [+],
encryption [+],
emulator [+],
element [+],
eeg [+],
easy [+],
ear buds [+],
eagle cad [+],
eagle [+],
dutch police [+],
dutch [+],
droid [+],
don [+],
display [+],
disclosure [+],
digitize [+],
digital camera manufacturers [+],
desktop [+],
definite need [+],
default [+],
deface [+],
david pollino [+],
david pankhurst [+],
darknet [+],
d cad [+],
culmination [+],
crypto [+],
control signals [+],
control scheme [+],
control [+],
construction glass [+],
conductive wire [+],
conductive containers [+],
computing [+],
complex project [+],
commandos [+],
coils [+],
cloud [+],
classic [+],
chopchop [+],
chip architecture [+],
chemistry [+],
charging system [+],
charger [+],
cellphones [+],
cellphone manufacturers [+],
cameras [+],
bypass [+],
business [+],
bugtraq [+],
bssid [+],
braille computer [+],
boot [+],
bionic [+],
betta splendens [+],
belgium [+],
battlestation [+],
battery pack [+],
bagpipes [+],
bag [+],
authentication request [+],
audrey braille [+],
attributechildremoved [+],
attiny [+],
attack [+],
atmega8 [+],
application [+],
apple webkit [+],
apple quicktime [+],
apple mac os x [+],
apple mac os [+],
andy [+],
andrew [+],
and [+],
analysis [+],
after [+],
advertiser [+],
adobe flash [+],
administrative interface [+],
accelerometers [+],
accelerometer [+],
ac outlet [+],
Support [+],
Software [+],
Requests [+],
Newbie [+],
Discussion [+],
Area [+],
Angolo [+],
3d mouse [+],
3d mapping [+],
vulnerability [+]
-
-
11:01
»
Hack a Day
When we’re trying to get a relatively complex project to work we often end up with twenty windows open. When this happens we’re usually referencing multiple data sheets, webpages, and trying to write code that the same time. We’ve seen people with two or three monitors to alleviate the situation (often called a battlestation), but [...]
-
-
16:00
»
SecuriTeam
Apple QuickTime is prone to a remote code-execution vulnerability.
-
-
21:45
»
SecDocs
-
-
15:31
»
SecDocs
Tags:
privacy Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: The talk describes some of the current practices of Instant Messaging providers, and go over what makes some of the design choices better or worse, describing possible and known attacks against messaging protocols and suggest possible solutions to those problems. If possible a live demonstration of exploitation of AOLs Instant Messenger will be shown though a simple attack on DNS. Instant messaging has become one of the most common methods of communication in the Internet age, just about every person who has an Internet connection has one or more instant messaging accounts with one or more of the big providers (AOL, MSN, Yahoo, etc.). The problem with current messaging providers is that each and every instant messaging protocol designed so far has made security and privacy an after-thought. With simple blunders like non-cryptographicly mangled passwords, clear text conversations, the use of format strings in server-client communications. And in some cases, just plain dumb protocol implementations. Another topic I will attempt to cover is the suppression of securing technologies by the American (and other) governments by law, for example the US's use of the ITAR to suppress the use and distribution of such simple technologies as virus scanners, SSL and how even the act of assisting someone in implementing these can land a person in jail.. my intent is to color the talk with personal stories, news articles, and textual examples from the laws themselves.
-
15:31
»
SecDocs
Tags:
privacy Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: The talk describes some of the current practices of Instant Messaging providers, and go over what makes some of the design choices better or worse, describing possible and known attacks against messaging protocols and suggest possible solutions to those problems. If possible a live demonstration of exploitation of AOLs Instant Messenger will be shown though a simple attack on DNS. Instant messaging has become one of the most common methods of communication in the Internet age, just about every person who has an Internet connection has one or more instant messaging accounts with one or more of the big providers (AOL, MSN, Yahoo, etc.). The problem with current messaging providers is that each and every instant messaging protocol designed so far has made security and privacy an after-thought. With simple blunders like non-cryptographicly mangled passwords, clear text conversations, the use of format strings in server-client communications. And in some cases, just plain dumb protocol implementations. Another topic I will attempt to cover is the suppression of securing technologies by the American (and other) governments by law, for example the US's use of the ITAR to suppress the use and distribution of such simple technologies as virus scanners, SSL and how even the act of assisting someone in implementing these can land a person in jail.. my intent is to color the talk with personal stories, news articles, and textual examples from the laws themselves.
-
-
6:58
»
SecDocs
Authors:
Marco Gercke Tags:
terrorism Event:
Chaos Communication Camp 2007 Abstract: A number of legislative approaches that are regulating the use of the internet have two things in common: The cut back civil liberties and justify this with the fight against terrorism. But is it sufficient to justify such intensive measures with vague topics? The presentations highlights those areas where terrorists make use of the internet, analysis the potential of some of the measures that are currently on the wish list of law makers worldwide and compares both aspects.
-
6:52
»
SecDocs
Authors:
Marco Gercke Tags:
terrorism Event:
Chaos Communication Camp 2007 Abstract: A number of legislative approaches that are regulating the use of the internet have two things in common: The cut back civil liberties and justify this with the fight against terrorism. But is it sufficient to justify such intensive measures with vague topics? The presentations highlights those areas where terrorists make use of the internet, analysis the potential of some of the measures that are currently on the wish list of law makers worldwide and compares both aspects.
-
-
8:30
»
Hack a Day
[Andy] has been hard at work reverse-engineering the Nokia N82 2.4 inch cell phone display for use with an Arduino. As pointed out in the article, this same 2.4 inch display can be found in at least seven other Nokia products, so they are readily available. The panels can be found for as low as [...]
-
-
21:56
»
SecDocs
Tags:
data retention Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: The EU adopted a directive on the retention of data regarding the communications, movements and use of media of all 365 mio. EU citizens. The struggle is now continuing on the national levels, and privacy groups are preparing legal, political and technical challenges to this surveillance scheme. A year ago, the European ministers of justice and home affairs struck a deal with the European parliament and the commission according to which personal data regarding the communications, movements and use of media of all 365 mio. EU citizens is to be collected and stored for up to two years. While the EU directive 2006/24 EG on data retention has entered into force in May 2006, the struggle is continuing. The panel of three key anti-data retention activists will present to you the latest political and legal developments in this field in Europe and overseas. Two antagonistic trends can be observed: On the one hand, some member states such as Denmark have started the implementation process, as expected with a broader scope of data to be stored than is required by the directive. The United States are also moving towards data retention, and hardware vendors are preparing to sell the necessary surveillance equipment to telcos and ISPs. On the other hand, the opposition against this step towards a police state is growing. A number of EU member states have announced that they will postpone the retention of internet traffic data. The Irish government is challenging the entire directive before the European Court of Justice. Privacy groups are preparing legal, political and technical challenges. The panel of three key anti-data retention activists will present to you the latest political and legal developments in this field in Europe and overseas.
-
21:56
»
SecDocs
Tags:
data retention Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: The EU adopted a directive on the retention of data regarding the communications, movements and use of media of all 365 mio. EU citizens. The struggle is now continuing on the national levels, and privacy groups are preparing legal, political and technical challenges to this surveillance scheme. A year ago, the European ministers of justice and home affairs struck a deal with the European parliament and the commission according to which personal data regarding the communications, movements and use of media of all 365 mio. EU citizens is to be collected and stored for up to two years. While the EU directive 2006/24 EG on data retention has entered into force in May 2006, the struggle is continuing. The panel of three key anti-data retention activists will present to you the latest political and legal developments in this field in Europe and overseas. Two antagonistic trends can be observed: On the one hand, some member states such as Denmark have started the implementation process, as expected with a broader scope of data to be stored than is required by the directive. The United States are also moving towards data retention, and hardware vendors are preparing to sell the necessary surveillance equipment to telcos and ISPs. On the other hand, the opposition against this step towards a police state is growing. A number of EU member states have announced that they will postpone the retention of internet traffic data. The Irish government is challenging the entire directive before the European Court of Justice. Privacy groups are preparing legal, political and technical challenges. The panel of three key anti-data retention activists will present to you the latest political and legal developments in this field in Europe and overseas.
-
-
13:49
»
SecDocs
Authors:
Arjen Kamphuis Tags:
hacking Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: On January 1st, 2002 I tried to use the website of the Dutch national railway (www.ns.nl) using Linux. The site refused me access, it was IE-only. This sparked a conversation with members of parliament about the need for open standards. Over a five year period I progressed from talking to opposition-MP's to meeting the economics minister directly and was able to significantly influence national policy despite total lack of funding or any specific mandate. On December 12th we achieved a stunning victory, the Dutch public sector will move to standardize on Open Documents Format and use opensource where comparable functionality is available in all new procurements as of 2008. Use of ODF as a public sector document standard will be mandatory in 2009. My talk will tell the tale of why we did it but mostly how we did it and how others can do it too in other countries around the world. How to get access to the power-that-be, how to get non-technical people interested in the subject. How to align your policy proposals with existing policies. While I'll do a short lead-in with some of the political reasons for wanting open standards and opensource in government IT I'll focus mainly on how to get results. From having no policy at all in 2002 the Dutch government has recently decided to mandate the use of open standards for all government institutions, health care, education, libraries and any other tax-funded organizations. Opensource software will receive preferential treatment.
-
13:46
»
SecDocs
Authors:
Arjen Kamphuis Tags:
hacking Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: On January 1st, 2002 I tried to use the website of the Dutch national railway (www.ns.nl) using Linux. The site refused me access, it was IE-only. This sparked a conversation with members of parliament about the need for open standards. Over a five year period I progressed from talking to opposition-MP's to meeting the economics minister directly and was able to significantly influence national policy despite total lack of funding or any specific mandate. On December 12th we achieved a stunning victory, the Dutch public sector will move to standardize on Open Documents Format and use opensource where comparable functionality is available in all new procurements as of 2008. Use of ODF as a public sector document standard will be mandatory in 2009. My talk will tell the tale of why we did it but mostly how we did it and how others can do it too in other countries around the world. How to get access to the power-that-be, how to get non-technical people interested in the subject. How to align your policy proposals with existing policies. While I'll do a short lead-in with some of the political reasons for wanting open standards and opensource in government IT I'll focus mainly on how to get results. From having no policy at all in 2002 the Dutch government has recently decided to mandate the use of open standards for all government institutions, health care, education, libraries and any other tax-funded organizations. Opensource software will receive preferential treatment.
-
13:45
»
SecDocs
Authors:
Arjen Kamphuis Tags:
hacking Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: On January 1st, 2002 I tried to use the website of the Dutch national railway (www.ns.nl) using Linux. The site refused me access, it was IE-only. This sparked a conversation with members of parliament about the need for open standards. Over a five year period I progressed from talking to opposition-MP's to meeting the economics minister directly and was able to significantly influence national policy despite total lack of funding or any specific mandate. On December 12th we achieved a stunning victory, the Dutch public sector will move to standardize on Open Documents Format and use opensource where comparable functionality is available in all new procurements as of 2008. Use of ODF as a public sector document standard will be mandatory in 2009. My talk will tell the tale of why we did it but mostly how we did it and how others can do it too in other countries around the world. How to get access to the power-that-be, how to get non-technical people interested in the subject. How to align your policy proposals with existing policies. While I'll do a short lead-in with some of the political reasons for wanting open standards and opensource in government IT I'll focus mainly on how to get results. From having no policy at all in 2002 the Dutch government has recently decided to mandate the use of open standards for all government institutions, health care, education, libraries and any other tax-funded organizations. Opensource software will receive preferential treatment.
-
-
7:01
»
Hack a Day
[Vinod's] latest project lets him use a TV remote control as a mouse. It may not sound like much, but he did it with a minimum of hardware and packed in the maximum when it comes to features. He’s using an ATmega8 to read the remote control signals and provide USB connectivity. With the V-USB [...]
-
-
6:01
»
Hack a Day
[Pulko Mandy] doesn’t use his flash ROM programmer very often, but he does use it. When he tried to get support for a new chip and the manufacturer suggested he just buy a newer version he decided to hack the programmer and it’s software instead. This device connects to the parallel port and was intended [...]
-
6:01
»
Hack a Day
[Pulko Mandy] doesn’t use his flash ROM programmer very often, but he does use it. When he tried to get support for a new chip and the manufacturer suggested he just buy a newer version he decided to hack the programmer and it’s software instead. This device connects to the parallel port and was intended [...]
-
-
15:01
»
Hack a Day
[Mikey] got a real deal on some A123 Pouch Cells. These are large Lithium cells that tolerate 100A discharge and 50A recharge currents, with 20 AH of life off of one charge. He’s been doing a bunch of testing to find out if the cells can go into an expandable battery pack and be made [...]
-
-
4:01
»
Hack a Day
[Buddhra] wanted to use a set of ear buds that also had a controller built into the wire. The headset he chose to go with is meant for use with iPod, but he figured it should be possible to make it work with Android too. He was right, and managed to alter the controller for [...]
-
-
10:02
»
Hack a Day
Despite the obvious use of a lot of wire, this project is actually a wireless charging system. [Jared] built it as a way to explore the concepts behind transferring power inductively. Alternating current on one of the white coils induces current on the other. This is then rectified, and regulated for use as a 5V charger. In this [...]
-
-
11:01
»
Hack a Day
This turntable can automatically digitize objects for use in 3D rendering software like Blender3D. [James Dalby] built it using a high-quality DSLR, and some bits and pieces out of his junk box. The turntable itself is a Lazy Susan turned on its head. The base for the spinning model is normally what sits on the [...]
-
-
16:05
»
Hack a Day
Looks like ice-cube trays are once again proving their versatility as this one is serving as the vessel for a home made lead-acid battery. With a collection of uniformly sized non-conductive containers, it makes the perfect base for a set of small cells. This project is the culmination of a Hackerspace class about batteries, and [...]
-
-
6:01
»
Hack a Day
A lot of people might turn their noses up at an electronic version of bagpipes. But we see a definite need for them. After all, it’s pretty hard to take your bagpipes on a road trip, but this eChanter will have no trouble entertaining your fellow travelers. The musical instrument is Arduino-based and the builder can [...]
-
-
11:36
»
Hack a Day
[Karl] needed a programmable real-time clock for one of his projects. He considered adding an RTC chip, LCD screen, and some buttons for use with a microcontroller. That’s not necessarily hard, but it takes time and can be considered a project in itself. Instead, he headed to the hardware store to look for a cheap [...]
-
10:37
»
Hack a Day
We really like this take on a conductive wire maze game. It’s the result of a 48-hour hackathon in Belgium which required that all projects stemming from the event use an Arduino. We think [Jan] and [Kristof] made perfect use of the prototyping device in the time allotted. The event organizers thought so too because [...]
-
-
15:29
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ProFTPd server.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
11:00
»
Hack a Day
Apparently a Braille computer display can cost several thousand dollars. That’s why [David Pankhurst] is working on a low-cost alternative. His offering is an open source version he calls the Audrey Braille Display. The concept is quite good. This prototype has one line of six Braille characters. Each character is made of two sliding strips [...]
-
-
19:11
»
Packet Storm Security Exploits
Core Security Technologies Advisory - Apple OS X suffered from a sandbox predefined profiles bypass vulnerability. Several of the default pre-defined sandbox profiles do not properly limit all the available mechanisms and therefore allow exercising part of the restricted functionality. Namely, sending Apple events is possible within the no-network sandbox (kSBXProfileNoNetwork). A compromised application hypothetically restricted by the use of the no-network profile may have access to network resources through the use of Apple events to invoke the execution of other applications not directly restricted by the sandbox.
-
19:11
»
Packet Storm Security Recent Files
Core Security Technologies Advisory - Apple OS X suffered from a sandbox predefined profiles bypass vulnerability. Several of the default pre-defined sandbox profiles do not properly limit all the available mechanisms and therefore allow exercising part of the restricted functionality. Namely, sending Apple events is possible within the no-network sandbox (kSBXProfileNoNetwork). A compromised application hypothetically restricted by the use of the no-network profile may have access to network resources through the use of Apple events to invoke the execution of other applications not directly restricted by the sandbox.
-
19:11
»
Packet Storm Security Misc. Files
Core Security Technologies Advisory - Apple OS X suffered from a sandbox predefined profiles bypass vulnerability. Several of the default pre-defined sandbox profiles do not properly limit all the available mechanisms and therefore allow exercising part of the restricted functionality. Namely, sending Apple events is possible within the no-network sandbox (kSBXProfileNoNetwork). A compromised application hypothetically restricted by the use of the no-network profile may have access to network resources through the use of Apple events to invoke the execution of other applications not directly restricted by the sandbox.
-
-
8:03
»
Hack a Day
[Mike Shegedin] makes full use of an 8-pin microcontroller with this ATtiny13-based dice project. With a maximum of six I/O pins (that includes using the reset pin as I/O) he needed a couple of tricks in order to drive 14 LEDs and use a momentary push button for user input. We’re certainly familiar with the [...]
-
-
10:04
»
Hack a Day
Apparently Verizon customers are expected to pay for a second data plan if they want to be allowed to use a cellphone as a mobile hotspot. This means one data plan for the phone, and a second for the tethering. [DroidBionicRoot] thinks this is a little silly since there is already a data cap on [...]
-
-
7:41
»
Packet Storm Security Exploits
Spring Security allows the use of a parameter (named "spring-security-redirect" by default) to determine the location URL to which a user will be redirected after logging in. This will normally be submitted as part of the login request, so is deemed to be an acceptable use of remote supplied data. However, the functionality is in a base class which is also shared by logout code, so a logout URL could be maliciously constructed to contain a version of this parameter which contained CRLF characters in order to inject additional headers or split the response. Versions 2.0.0 to 2.0.6 and 3.0.0 to 3.0.5 are affected.
-
7:41
»
Packet Storm Security Recent Files
Spring Security allows the use of a parameter (named "spring-security-redirect" by default) to determine the location URL to which a user will be redirected after logging in. This will normally be submitted as part of the login request, so is deemed to be an acceptable use of remote supplied data. However, the functionality is in a base class which is also shared by logout code, so a logout URL could be maliciously constructed to contain a version of this parameter which contained CRLF characters in order to inject additional headers or split the response. Versions 2.0.0 to 2.0.6 and 3.0.0 to 3.0.5 are affected.
-
7:41
»
Packet Storm Security Misc. Files
Spring Security allows the use of a parameter (named "spring-security-redirect" by default) to determine the location URL to which a user will be redirected after logging in. This will normally be submitted as part of the login request, so is deemed to be an acceptable use of remote supplied data. However, the functionality is in a base class which is also shared by logout code, so a logout URL could be maliciously constructed to contain a version of this parameter which contained CRLF characters in order to inject additional headers or split the response. Versions 2.0.0 to 2.0.6 and 3.0.0 to 3.0.5 are affected.
-
6:00
»
Hack a Day
After seeing many projects that use microcontrollers to switch mains voltages [Rob Miles] decided to share his preferred method. The shots you see above are an enclosed relay, part number RIBTU1C manufactured by Functional Devices Inc. This in itself is not the full control scheme that he uses, but it takes care of the bulk [...]
-
-
9:22
»
Hack a Day
If you’ve ever wondered about the use of or theory behind or the use of accelerometers, this tutorial by Love Electronics is a very good resource. In this article, Love takes one through how to hook up an ADXL345 accelerometer and use it with a Netduino processor. Before the subject of hooking everything up is [...]
-
-
8:07
»
Hack a Day
Instructables user [tcollinsworth] is a big fan of his Android smart phone. He practically carries it with him everywhere, so he figured it would be cool to integrate as many of his home electronics with the phone as possible. His garage door openers seemed like easy enough targets, and while he was in the garage, [...]
-
-
13:58
»
Hack a Day
[Fred] got a La Crosse wireless weather station as a gift and thought the LCD display was great, but he was dismayed that there was no means of extracting the temperature data for use on a computer. He thought that the modular design of the system would make it great for use in his home [...]
-
-
6:07
»
Hack a Day
[Paul] has been working on porting over Arduino libraries for use with the Teensy microcontroller platform. This tends to be pretty simple since they both use the same Atmel chip architecture. But once in a while he finds the Arduino libraries are not what they’re cracked up to be. When looking to port over a [...]
-
-
0:00
»
Sophos security news
Sophos survey highlights worrying lack of security policies regarding use of personal laptops and mobiles for business purposes.
-
-
7:57
»
Hack a Day
Here’s something we haven’t run across before. We’re familiar with proprietary battery shapes (we’re looking at you, digital camera manufacturers), or custom recharge connections (look of death directed toward cellphone manufacturers), but using electrical tricks to force AAA brand loyalty is a new one. It seems that’s exactly what is happening with [OiD's] wireless headphones [...]
-
-
9:01
»
Hack a Day
[hpstoutharrow's] new instructable is a neat idea on how to re-use those single use small propane bottles by turning it into an insulated canteen. Once the bottles are emptied through normal use, the safety valve is popped loose and allowed to vent. There are also comments on the article that suggest that the bottle be [...]
-
-
13:40
»
Hack a Day
[Don't stop the clock] is doing some work with a projector, a camera, and the Kinect. What he’s accomplished is quite impressive, combining the three to manipulate light with your body. The image above is a safer rendition of the Hadouken from the Street Fighter video games, throwing light across the room instead of fire. [...]
-
-
20:29
»
SecuriTeam
Many routers that provide an HTTPS administrative interface use default or hard-coded SSL keys that can be recovered by extracting the file system from the device's firmware.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
11:00
»
Hack a Day
How much water do you use when showering, or washing your hands, or washing the dishes? Not how much does the average person use, but how much to you use? That’s what the team over at Teague Labs set out to find with this water usage feedback system. The sensor used is a Koolance flow meter [...]
-
-
9:00
»
Hack a Day
[Sebastian] made a 3D mouse work with Eagle CAD. He was inspired after using a 3DConnexion device to manipulate the views in a copy of Solid Edge 3D CAD modeling software. The system uses the 3D mouse in one hand with the regular mouse in the other. It turns out that 3DConnecxion offers a lot of tools [...]
-
-
12:00
»
Hack a Day
This bulky package is a Nixie tube wristwatch. We still like [Woz's] watch better but this one has a few nice tricks of its own. Notably, there aren’t any buttons to set the time. Instead, a large magnet is used to actuate a magnetic switch inside the body. Speaking of enclosures, the case is aluminum and [...]
-
-
14:18
»
remote-exploit & backtrack
Sorry its been a while since i been here as well as use BT4-pre Final.
My question is that or may i say my concern is, i have alot of things customized and stored on my vmware with bt4-pre final installed. And since i haven't used it for a while i forgot how to use a few things....
But if i open it up as of right now, those things would comeback to memory.
Q: if i were to upgrade to backtrack 4 final, can i or will i still be able to keep everything on bt4 pre final intact ?
-such as notes, personal .sh scripts, settings, etc...
cause i dont want to upgrade and forget how to do this, that, and the third. I remember updating the kernal on bt4-pre and that was a pain in the ass, but i got through.
-
-
18:15
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 10-096 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the WebKit library handles recursively defined Use elements. Upon expanding the target of the use element within the tree, the application will create a dual-reference of a Use element. Upon page deconstruction the application will destroy the single reference and then attempt to destroy the second one that is currently occupying the recently freed memory. Successful exploitation can lead to code execution under the context of the application.
-
12:28
»
SecuriTeam
Remote exploitation of a use after free vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
8:00
»
Hack a Day
[Patrice] hacked all of his classic controllers for use when playing games on an emulator. He made the base station starting with a USB gaming controller. From there he soldered wires connecting the PCB pads for all of the buttons to the pins of a d-sub connector. The same is done on the classic controller, [...]
-
-
10:00
»
Hack a Day
Finally, a good use for those EEG headsets. [Andrew] has set up a system that will turn his TV on and off if he focuses hard enough. He’s got the software set to trigger an IR LED when the “strength” gets high enough. When the action starts, around 4:30 in the video, you can see [...]
-
-
5:33
»
SecuriTeam
Remote exploitation of a use-after-free vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
13:20
»
SecuriTeam
Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
7:08
»
Hack a Day
When we saw [merkz] use of an Arduino to produce lucid dreaming we were quite shocked. Unlike typical setups that just flash a light through sleep, his system monitors eye movement through electrodes and is able to send the data to a computer for graphing and analyzing. The only problem being we couldn’t find a [...]
-
-
14:00
»
Hack a Day
[Patrick Becker] had an ancient PC on his hands with a blown PSU. He converted this into a stylish home for his Betta splendens.
The aquarium itself is fashioned from a piece for construction glass block with the top cut off. This allows for a window that looks through the tank and shows off the motherboard [...]
-
-
9:11
»
remote-exploit & backtrack
provato a recuperare la key in modo senza cliente ( dati non sono reali ma precisi nei vari comandi)
airodump-ng -c 11 -b 00:1A:C1:15:BE:34 -w cap mon0
CH 11 ][ Elapsed: 3 mins ][ 2010-02-26 13:34
BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH E
00:1A:C1:15:BE:34 -74 100 1986 0 0 11 54 . WEP WEP OPN 3
BSSID STATION PWR Rate Lost Packets Probes
fin qua tutto ok nessun clinte attacco chopchop
aireplay-ng -1 0 -a 00:1A:C1:15:BE:34 -h 00:E0:4C:05:1A:32 mon0 comando per associare
13:31:11 Waiting for beacon frame (BSSID: 00:1A:C1:15:BE:34) on channel 11
13:31:11 Sending Authentication Request (Open System) [ACK]
13:31:11 Authentication successful
13:31:11 Sending Association Request [ACK]
13:31:11 Association successful :-) (AID: 1)
fin qua tutto ok almeno secondo il mio parere.
aireplay-ng -4 -b 00:1A:C1:15:BE:34 -h 00:E0:4C:05:1A:32 mon0
13:31:29 Waiting for beacon frame (BSSID: 00:1A:C1:15:BE:34) on channel 11
^Cad 1502 packets...
Qui penso che ci sia un problema non avrebbe dovuto crearmi un finestra differente e poi confermare con Y invece e partita senza domandarmi niente e girare cosi all'infinito ?
avrebbe dovuto risponder cosi :
Read 165 packets...
Size: 86, FromDS: 1, ToDS: 0 (WEP)
BSSID = 00:14:6C:7E:40:80
Dest. MAC = FF:FF:FF:FF:FF:FF
Source MAC = 00:40:F4:77:E5:C9
0x0000: 0842 0000 ffff ffff ffff 0014 6c7e 4080 .B..........l~@.
0x0010: 0040 f477 e5c9 603a d600 0000 5fed a222 .@.w..`:...._.."
0x0020: e2ee aa48 8312 f59d c8c0 af5f 3dd8 a543 ...H......._=..C
0x0030: d1ca 0c9b 6aeb fad6 f394 2591 5bf4 2873 ....j.....%.[.(s
0x0040: 16d4 43fb aebb 3ea1 7101 729e 65ca 6905 ..C...>.q.r.e.i.
0x0050: cfeb 4a72 be46 ..Jr.F
Use this packet ? y
-
-
8:05
»
remote-exploit & backtrack
This is related to backtrack because i use backtrack. And no one on yahoo answers answered. But if I major in Information technology, can I eventually land a job in network security. I realize i would have to get certificates but is this how one starts? is there a difference in IT and information systems management.
-
-
4:53
»
remote-exploit & backtrack
Im using backtrack 4 final and use "macchanger -m 00:11:22:33:44:55 wlan0" to change my mac address. I can connect to my SSID with no problem.
But in windows, i use macshift to change my mac address but i cant connect to my SSID. What actually macchanger in backtrack do?? Can anyone explain shortly to me..
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Penetration Testing
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution
5:00