July 2007


We have received a FREE PASS to DEFCON15 from a very generous I-Hacked member.

We have decided to have a little contest — The winner will receive this free pass, an I-Hacked T-Shirt, and a VIP pass to the I-Hacked party all of which is worth over $120!

All you have to do is submit the most Hackerish, scandalous, or ingenious i-hacked.com photo or image! Previous contests excluded Photoshops, but not this one. Examples of entries: Could be of someone in an I-Hacked T-shirt doing something they shouldn’t, or a Photoshop of the word I-Hacked.com on the NYSE. The possibilities are endless.

Send all submissions to: defcon-entry@i-hacked.com

Contest will end Wed at Noon (central), and all entries will be posted on I-Hacked.com.

SPREAD THE WORD!

Just FYI Defcon starts THIS FRIDAY (8/3) SO HURRY!

from TUAW

The busy beavers of the #iphone IRC channel, whose collective efforts have built the first unauthorized iPhone GUI application (it displays “Hello World” and does nothing else), have released the source for the demo app, buildable with the community-built toolchain and UIKit. There’s also a compiled binary version of the app being hosted here.

Our collective hat is off to the dedicated hackers who are building a development environment for the iPhone from bits of string and folded-up tinfoil. It’s an impressive achievement.

from Engadget

If there wasn’t a vast, cold expanse of internet in the way, we could just hug those iPhone Dev Wiki folks. Apparently a particularly dedicated hacker who goes by “Nightwatch” has compiled and launched the iPhone’s very first independent “Hello World” application, paving the way for 3rd party applications to run on the heretofore closed device. Of course, user implications are a long ways away, but Nightwatch has built a pre-alpha ARM/Mach-O Toolchain for other hackers to follow his example, and other folks should be able to get 3rd party code running on the iPhone before long. Exciting times indeed.

from arstechnica.com

MIT Project aims human buffer overflow at Secret Service

By Nate Anderson
| Published: July 16, 2007 - 11:59AM CT

We’ve known for years that color laser printers can embed a series of tiny yellow dots on pages they print. The dots—almost invisible under normal circumstances—can be used to determine which particular printer produced the image. Essentially, each printer outputs its own serial number. This is great for busting counterfeiters but raises all sorts of privacy concerns. Now, MIT students are getting involved in the campaign against the dots with the new Seeing Yellow project.

Seeing Yellow is the brainchild of MIT’s Computing Culture research group, which “want to preserve the right to anonymous communication by fighting both printing dots and the government bullying used to sustain them.” The project was conceived after the team received word that an anonymous hacker had called his printer manufacturer to complain and was subsequently visited by the Secret Service, who were curious to know why someone with nothing to hide would want to disable the tracking dots.


The dots (image courtesy of Seeing Yellow)

Seeing Yellow now encourages waves of people to contact printer manufacturers, enough so that the Secret Service and other government agencies cannot simply single out those who call to complain. The project is simple: suggest that people call manufacturers, then provide contact information and talking points. That’s it. So far, according to the site, 434 people have called.

Not sure if your printer is on the list? The EFF has a partial list of dot-printing machines. The dots are nearly invisible to the naked eye, but Seeing Yellow points out that the easiest way to see them is to shine a blue light on one of the printed pages. If the dots are there, they will show up as tiny black marks.

via Gizmodo

Richard Baguley, chief cellular ninja over at WirelessInfo.com, just published a number that, when called, turns your iPhone into a mobile field testing station. Suddenly, up pops a new menu (as you can see on our own iPhone at left) that provides detailed reporting on strengths and characteristics of the cell towers in your area, plus a load of other nerdy networky factoids. In other words, you can see things that AT&T might not want you to see.

What’s cool is that you can even enter field test mode during a call just by tapping the iPhone’s “Add Call” icon, then the field test number. But before I give you this magic number, it is my duty to share Richard’s warning.

NOTE: Although it seems that most of the information is read-only (so you can’t change anything), field modes like this have the potential to damage your phone and possibly interfere with the phone network. We are providing this information as-is; we cannot be held responsible if anything you do in this field mode damages your phone or the phone network.

There, now that the warning is out of the way, here you go:
*3001#12345#*
Dial that, and have fun fiddling. If you do discover anything freaky, please report back to us, and, of course, to Richard. If you whack out your iPhone in the process, don’t come crying to me. [WirelessInfo.com]

from Mark Shuttleworth’s Blog

With projects like Gobuntu and gNewSense aiming to provide a platform that is zealous about free software, the obvious question is “where can I run it?”. And right now, as far as laptops go, there are no good answers. Pretty much any laptop you can buy today needs some sort of non-free bits to make the most of its hardware, putting you in the tricky position of having to choose between hardware usefulness and software freedom. And boy, do we know about that choice in Ubuntu.

There have been several threads about this, in comments on this blog and also on comments to Bug #1. Most of them have focused on free drivers but we should also be thinking about OpenBIOS (the new name for the LinuxBIOS project). An ideal solution would also use firmware that has a free software licence as well, but I personally would see OpenBIOS and free drivers as a good start.

Right now, software freedom isn’t a huge priority for most of the companies that make up components for the PC and laptop industry. If we want to get onto their radar screen, we need to show that it’s worth their while to think about it. To that end I’d like to build up a list of people who are interested in this idea, and would potentially buy a high-powered laptop if it were guaranteed to work completely with free software drivers and OpenBIOS.

So I’ve set up a mailing list over here:

https://lists.ubuntu.com/mailman/listinfo/free-software-laptop

Please go ahead and join that list if you think you would seriously consider buying a laptop that was powerful and designed specifically to be free-software friendly.

from The Economic Times

NEW YORK: Good news for hackers and software security experts. Wabisabilabi (WSLabi), a Swiss security firm, has created an online auction house called WabiSabiLabi to bring together people who can find loopholes in the software used by companies and can find a solution.

Many criminal hackers rely on loopholes in widely used software, usually Windows, to get access to the valuable information on computers.

Security researchers who find holes in such software can sell their findings to the highest bidder in this new online platform, said the online edition of BBC News.

They will have to identify themselves to WSLabi but no personal information will be revealed in the public domain. Each buyer and seller will have a nickname under which they will trade.

WabiSabiLabi aims to give software experts a legitimate marketplace where they can trade the loopholes they find in software. This will stop the use of these loopholes or vulnerabilities by underground elements, Herman Zampariolo, head of the auction site, said.

It aims to close the gap between the small number of bugs investigated and the huge number thought to exist in reality. By rewarding researchers, he claimed the auction house will prevent the flaws getting into the hands of hi-tech criminals.

He added that it could tempt many researchers to report findings they would otherwise keep quiet about.

“Very few of them are able or willing to report the loopholes to the right people due to the fear of being exploited,” Zampariolo said.

Once a vulnerability is reported, WSLabi will confirm it is real and can be exploited. Then, it will be placed on the auction site where it can be sold to the highest bidder or to just one firm.

WSLabi said it would ensure that all those who buy the vulnerabilities were legitimate.

The first vulnerabilities posted to WSLabi are selling for between 500 (£340) and 2000 (£1,350) euros.

from defensedevices

Our friends at Defense Devices gave us some time to play with their credit card lock pick set.


Being a locksmith, you know that carrying locksmith tools can raise a lot of eyebrows. But with this slick device you can carry your tools conveniently and securely. This set is intended for the truly skilled locksmith.


The card case is made out of hard plastic so it will hold up to everyday wear and tear. It is packed with 4 stainless steel picks and 1 stainless steel tension tool. The case is just the right size to fit in your wallet or pocket.
As always, you should check your local laws before buying lock pick sets if you are not a trained professional.


Don’t forget to say ihacked for a 5% discount on your purchase!

from The Unofficial Apple Weblog (TUAW)

It looks like hacking the iPhone took a huge step forward last night. iPhone enthusiasts over at the #iphone-talk and #iphone-mac channels on irc.osx86.hu have developed iPhoneInterface, a new Windows and Mac tool that allows you to manipulate the iPhone’s state, launch services, and interact with the iPhone filesystem. With it, you’ll be able to scan the iPhone file structure, create and remove folders, start iPhone services, and more. It’s still in its early days so don’t expect too much from this first release. A public subversion server should be up overnight. Pop over to the irc channel for more information.

from consumerist

The Consumerist’s 3-month sting operation snared a Geek Squad technician stealing porn from our hard drive, and we’ve got the work-safe video and logfiles to prove it.
