John Kelly's phone was hacked

NEW REPORTING CONFIRMS what previous stories speculated: chief of staff John Kelly's phone was hacked, and now they know where. They still don't know by whom, or how, or why, or what the damage was. Read the rest

FBI says to reboot your router ASAP to avoid Russia malware VPNFilter

Have you tried turning it off and on again?

The FBI sent out an urgent bulletin advising anyone with a home or small office internet router to immediately turn it off and then turn it on again as a way to help stop the spread of a malware outbreak with origins in Russia. Read the rest

Security researchers demonstrate inexpensive one-minute method to clone master hotel key cards

Finnish security researchers Tomi Tuominen and Timo Hirvonen can clone many master hotel keys very quickly using their clever cryptography, an expired keycard from the hotel trash, and a $300 Proxmark RFID card reading and writing device. It takes them about one minute to create a master hotel key. Video demo below. From Wired:

The two researchers say that their attack works only on Vingcard's previous-generation Vision locks, not the company's newer Visionline product. But they estimate that it nonetheless affects 140,000 hotels in more than 160 countries around the world; the researchers say that Vingcard's Swedish parent company, Assa Abloy, admitted to them that the problem affects millions of locks in total. When WIRED reached out to Assa Abloy, however, the company put the total number of vulnerable locks somewhat lower, between 500,000 and a million. They note, though, that the total number is tough to measure, since they can't closely track how many of the older locks have been replaced. Tuominen and Hirvonen say that they've collected more than a thousand hotel keycards from their friends over the last 10 years, and found that roughly 30 percent were Vingcard Vision locks that would have been vulnerable to their attack.

Tuominen and Hirvonen quietly alerted Assa Abloy to their findings a year ago, and the company responded in February with a software security update that has since been available on its website. But since Vingcard's locks don't have internet connections, that software has to be installed manually by a technician, lock by lock.

Read the rest

SEC fines Yahoo (now Altaba) $35 million over massive data breach

How the once mighty have fallen. Read the rest

FBI, DHS, and UK cyber agency warn of Russia internet attack that targets routers

The United States and Britain today accused Russia of launching a new wave of internet-based attacks targeting routers, firewalls and other computer networking equipment used by government agencies, businesses and critical infrastructure operators around the globe. Read the rest

Hacking particle accelerators for unexpected science

As advanced atom smashers like the Large Hadron Collider come online, older ones are sometimes abandoned or, better, used for unexpected science experiments. Examples range from recording high-speed X-rays of the biological "motor" that flaps a fly's wings to finding an easter egg in a Degas painting. In the video above, Science Hack Day "global instigator" Ariel Waldman reveals how researchers hack particle accelerators for new uses.

Read the rest

The Pocket Sprite's a game console that's small enough to fit on your keychain

Earlier this month, I was lucky enough to get my hands on a Pocket Sprite – a $55 piece of game emulation hardware that fits in the palm of your hand. Measuring just an inch wide and two inches tall, the Pocket Sprite looks like the smallest Game Boy you've ever seen. It plays like it too, with A, B, start and selection buttons and a wee display with dimension sized to make playing games from the 1980s and 1990s in their original format feel "right."

Out of the box, the Pocket Sprite can play homebrew games designed to work with Game Boy, Game Boy Color and Sega console emulators. Before you ask, yes, this also means that any Game Boy or Sega ROMs you happen to find online will work with the hardware.

Before laying hands on it, I was apprehensive about how playable the Pocket Sprite might be. I still carry around a Game Boy Micro console with me, everywhere I go. I find that it's juuuuust small enough to pocket and still large enough that playing Super Mario World for 30 minutes can actually be enjoyable. The Pocket Sprite's way smaller than my GB Micro is. I was surprised by how easy its chunky controls were to use. But I was disappointed by how hard it was to keep track of a game's action on its display. For my eyes, it's just too small. But maybe your experience will be different.

Whether or not the Game Sprite is worth $55 really depends on why you're buying it. Read the rest

Did Equifax execs sell stock before data breach news broke because they knew? U.S. Senators want to know

Two influential members of the U.S. Senate today demanded answers from Equifax on the recent massive data breach that affected 143 million Americans. Read the rest

Man adds proper headphone jack to an iPhone that lacks one

Scotty from Strange Parts famously built a fully-functioning iPhone from replacement parts sourced in Chinese electronic wholesale markets. Now he's gone a step further, and upgraded one to have a headphone jack: "Is it possible? I'm headed to Shenzhen to find out!"

I’m pretty proud of the final implementation. I took apart an Apple lightning to headphone adapter, put that inside the phone, and hooked it up by man in the middling the lightning jack with a flexible PCB. The PCB has a switching chip that switches between connecting the headphone adapter to the phone by default, and then disconnecting it and connecting the lightning jack when something is plugged into it. I have a couple other timer chips that briefly disconnect everything from the phone when something is connected/disconnected to improve the reliability of the phone detecting when something is plugged/unplugged (otherwise it sometimes gets confused).

You won't be doing this work with the soldering iron grandpa left ya.

Read the rest

Facebook pitches in $500K to launch Harvard effort to fight election hacking and propaganda attacks

Joe Menn at Reuters reports that Facebook is pitching in an initial $500,000 in seed funding to launch a nonprofit that will work to protect American political parties, voting systems and information providers from malicious attacks by hackers and foreign nation-states. Read the rest

Hackers steal Trump Hotel guests' credit card numbers and other info. Again.

For the third time in the past three years, hotel guests at 14 Trump properties including Washington, New York and Vancouver, had their personal credit card info exposed to hackers. Read the rest

A tiny Hayes modem for your tiny retro computer

The WiFi232 is a traditional old-timey old-schooley Hayes-compatible 300-115200 baud modem, no wider than its own parallel DB25 port.

Automatically responds with a customizable busy message when already in a call.

The killer app seems to be using it to get internet onto ancient retro portables like the TRS-80 Model 102, but it's been put through its paces on various 16-bit Commodores, Ataris and Apples too. Here's Blake Patterson:

https://www.youtube.com/watch?v=92RIT_L-8jA

The purpose of the device is to act as a bridge between your serial port and your local WiFi router. It has a 25-pin RS-232 data interface and a Mini-USB connector for power — it should work with any computer sporting a standard serial port.

The WiFi232 is configured by connecting to the device’s built-in web server and loading the configuration page or by issuing extended AT configuration commands. For example,

AT$SSID=MyWifiHotspotName

points the device to your WiFi hotspot. Once things are configured (it supports 300 to 115,200 baud), just load up your favorite terminal program, type:

ATDT bbs.myfavbbs.com

and the WiFi232 “dials” into that telnet BBS. Your vintage computer thinks its talking on the phone.

It's $33 as a pile o' parts or $49 assembled, but there's a waiting list. Read the rest

iPhone killed tinkering, but only if you want to tinker with iPhone

Most tech-media takes on the iPhone's 10th anniversary are bland and self-congratulatory, but I like Tom Warren's at The Verge. He laments how Apple's pocket computer killed his inner nerd. As a youngster, he'd be constantly tearing down and building computers, even in the sweltering heat of summer. But now...

...All of that tinkering and hacking things ended for me shortly after the iPhone arrived ... When I look at modern PCs, tablets, and phones now I’m surprised at the simplicity of them. Not all of them are perfect, but technology is rapidly turning into something in the background that’s accessible to everyone and doesn’t require hours of configuration. I miss the thrill of hacking away and tinkering, but as I shout to Alexa to turn off my lights at night I can’t help but appreciate just how easy everything is now.

If anything I've had the opposite experience. I hate having to fiddle with technology because I have to if I want it to do something interesting, or simply to work in the first place. But now tinkering is all creation. Experimentation, hacking--all of it is freed from whatever technical needs I have.

Perhaps what people miss is the feeling that tinkering with tech will put them on the cutting edge of performance, will move them into the unequally-distributed future. But the same thing is now diversion, mere art, and that's not what they care about.

It's true, though, that the iPhone made gadgets boring. It's striking, when you look at the products released around that time and for years thereafter, just how astronomically ahead of the game Apple was in 2007. Read the rest

North Korea has been hacking the U.S. since 2009, warn DHS and FBI—and they're not stopping

A rare joint alert from the U.S. Department of Homeland Security and the Federal Bureau of Investigation explicitly blames the government of North Korea for a series of hacking attacks on various American targets, dating as far back as 2009. The government alert warns that more such ”state-sponsored cyberattacks,” as they're known in security jargon, are likely to come. Read the rest

Why is Trump so silent on French election hacking?

Putin got your tongue? President Donald Trump's history of remarks on U.S. election hacking makes his current silence on the France election cyberattacks very strange. Russia is suspected of being behind those recent hacking attacks, which appeared to be directed at helping the fascist, hardcore right-wing candidate Marine Le Pen win. Despite open support from Donald Trump and others aligned with the U.S. President, Le Pen lost to the more moderate candidate, Emmanuel Macron. Read the rest

Justice Dept. to charge 2 Russian spies and 2 criminal hackers with 2014 Yahoo breach of 500 million accounts

Before today's anticipated announcement by the Justice Department, more details are already leaking out about who they're after: “two Russian spies, and two criminal hackers.” Read the rest

The joy of troubleshooting the Raspberry Pi

In his Lifehacker essay looking back on his five years of tinkering with the Raspberry Pi, Thorin Klosowski says one of the desirable features of the Pi is the fact that it's not easy to use right out of the box.

Snip:

The joy I get from finding a solution to some dumb problem is one of the main things that drew me to the Raspberry Pi to begin with. Thankfully, Raspberry Pi projects have gotten easier over the years. Where it was once a complicated process to build an SD card, it’s now pretty much automatic. Still, the Raspberry Pi is far, far away from being as user friendly as a PC or Mac. That’s a feature, not a bug. The Raspberry Pi is built to force you to learn troubleshooting, and that’s still one of my favorite things about it.

Before hobbyists latched onto the Raspberry Pi, it was a computer for learning how to code targeted mainly at kids. Since then, the appeal has broadened, but it’s still impossible for a project to “just work” out of the box. You will have to tweak something, dig into the command line, or spend a few hours buried in an obscure internet forum to find solutions to problems that only you seem to be having. You will slam your head against the wall, yell a little, and throw your Raspberry Pi at least once for every project you attempt to make.

For every project you complete, for every bug you squash, and for every typo you correct, comes a small, glowing feeling inside your stomach that is well worth the trouble of it all.

Read the rest

More posts